PfSense and on prem VoIP not working

Evening Forum pro’s

There has to be, and I’m not afraid of admitting it, something I’m totally missing here. But for the life of me I cannot get this to work.

I have an SG6100 with 4 WANS in and one LAN trunk out to a unifi stack. For the most part working A1 for pretty much everyone. Apart from one, and it’s driving me nuts.

The pfsense has as I said 4 WANs, each with 5 static IPs. These IPs are all setup as Virtual IPs and I have 3 other people assigned an IP with all traffic routed via NAT. Nice and simple. All ports go here, outbound all ports translated as this go to internet. Works fine.

I have each tenant in the building on their own VLAN, and each VLAN has a DHCP server etc etc.

Within on of the VLANs (18) the on prem phone server is static at 192.168.18.150 I have all the necessary ports forwarded to SIP etc etc that the provider wants. Inbound works fine. Outbound does not. The server sends an invitation to the provider internet address and it goes seemingly no where.

Clients on this VLAN have internet access no problem, and I can use the firewall to ping from that VLAN to the internet address and get a reply. But the fact remains no outbound calls work

The only stipulation is that the invitation has to come from the public IP address allocated to the tenant which have setup just like everyone else who works.

More detail can be provided if needed but HELP!!! Please!!

Most likely there is a setting missing from the SIP provider. You can also check the Netgate documentation to see if there are some setting that might help.
https://docs.netgate.com/pfsense/en/latest/recipes/nat-voip-pbx.html

1 Like

Thanks @LTS_Tom, I did already try this to no avail

There’s also a relevant YouTube video from netgate. Firewall Best Practices for VoIP on pfSense - YouTube

1 Like

@LTS_Tom @gzornetzer Just thought I’d close this thread off by saying i had it all right from the start anyway lol.

Turns out the SG6100 was setup correctly all along. The issue was with the state table being held open by a support persons remote handset attached via the internet.
As in the documentation, it mentions that any big changes to the way NAT is configured requires all the states to be cleared. Even when doing this the remote phone some how managed to persist stopping the NAT changes from applying. Switch off their PBX and wipe the state table. The NAT changes kicked in and all calls started to work.

1 Like