[asterisk-users] Anyone with a working pfSense firewall configuration?
Tim Nelson
tnelson at rockbochs.com
Mon May 11 16:30:30 CDT 2009
----- "Eric Chamberlain" <eric at rf.com> wrote:
> Other SIP clients behind the firewall (not using STUN, work).
>
> We have a SIP client using STUN and ICE behind a pfSense firewall.
> The firewall is behaving oddly.
>
> REGISTER packets work fine.
>
> But when the client tries to make a call, the first INVITE packet from
>
> the client pass through the firewall and makes it to the Asterisk
> server.
>
> The Asterisk server sends back a 401 client sends ACK, traffic passes
>
> fine.
>
> When the client then sends the INVITE with the authentication
> information, the INVITE packet never makes it to the Asterisk server.
>
> A packet trace on the WAN interface of the firewall shows the INVITE
>
> going out, but the packets never make it to the Asterisk server.
>
> Any ideas on how to configure pfSense to work with a SIP client using
>
> STUN and ICE, without having to install siproxyd?
>
> --
> Eric Chamberlain, Founder
> RF.com - http://RF.com/
pfSense employs source-port randomization by default. You may want to enable advanced outbound NAT which turns this behavior off.
While I'm not sure this is the source of your problems, I've seen it ruin otherwise acceptable SIP situations.
Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105
More information about the asterisk-users
mailing list