Nextiva and PfSense

Hi, I’ve got a PfSense v2.5 and we have Nextiva Hosted VOIP phones. All works great, except the Nextiva App for Windows doesn’t like the PfSense. Logging in it says " This site can’t be reached". I’ve created Firewall WAN, LAN rules to Pass the IPs from Nextiva. Set to Conservative Mode, Enabled Multicast. Nextiva says PfSense is not compatible. Hoping someone else has this issue and has resolved it? May be useful to note that the Ring Central Desktop App also exhibits this problem. Thanks!

Never used Nextiva but we have a lot of clients using RingCentral and lots of other phone systems with out any issues. You could try this Packages — Siproxd package | pfSense Documentation We don’t use it but it might help with your issue.

Do you have the ability to setup a test pfSense box with a clean, no frills allow anything, no filtering, no proxy setup? I keep a spare pfSense vm (I know, I shouldn’t be using pfSense as a vm…) on sites where I’m filtering or proxing for testing and emergency DR.

All it does out of the box is forward packets so there shouldn’t be anything to not be compatible…

(I’m assuming that Nextiva Hosted = they run the server on the public interwebs rather than you run the server on prem)

Thanks for the recommendations. I am using a fresh install of pfsense to test on. What I have found is it seems to be related to DNS. If I manually put in say 8.8.8.8 on my pc running the Nextiva app it works no problem. If I let it get DNS from Pfsnese and let Pfsense Unbound Resolver take it over it breaks. I dont seem to have any problem resolving host names other than this Nextiva App. As I understand it Unbound uses root hints servers for dns over what is setup in General settings. PfSense BIOS Time/Date are correct as is the system time/date showing on the dashboard. I can also use cloudflare vpn and when enabled Nextiva App works. Disabled it doesn’t. So any ideas?

Do lookup and figure out if the DNS answers are different from 8.8.8.8 VS the pfsense.

nslookup is 8.8.8.8 when manually configured and 10.10.10.2 (PfSense IP) when obtained automatically.

No, look up the address that Nextiva system wants on 8.8.8.8 VS pfsense and see if they are the same.

1 Like

Are you on 2.5?

There is an update to ubound that you can fetch from the command line. No idea what it fixes, not got as far as looking yet but worth a punt.

1 Like

Thanks, I’ll look into that update. I have this posted in Netgate Forums also.

Yes, indeed they are the same. I’m not great at Wireshark but I got a capture using the Resolver and one bypassing the Resolver. Hopefully I’ll see some clue.