SIP port forward from pfSense WAN to OpenVPN Client


I have problems setting up port forward from pfsense WAN to PBX as OpenVPN client.

Port Forward WAN to PBX OpenVPN IP
5061 TCP
10000-20000 UDP

Outbound mode set to Hybrid with static ports for both rules. The outbound interface is OpenVPN.

SIP is able to connect and register from client but no audio.

When I connect the SIP phone to OpenVPN everything works perfectly.

PBX has defined NAT local networks and NAT on extensions.

I think the problem is the UDP traffic but I cannot see any UDP traffic coming in from WAN to PBX.

The SIP phone IP showing in the PBX is the OpenVPN gateway.

PBX is a Grandstream UCM6104.

Any help?


I have never tried to use SIP via an outbound OpenVPN with port forwarding. Not really sure if that would work. The way I usually see it done is by running OpenVPN on FreePBX and because the phones are connecting directly to the server, no ports need to be forwarded.

Hi Tom,

I’m using openvpn as GW because I don’t have a public IP at the PBX site.

Right now the problem is the RTP traffic. I can connect and register the client into the PBX (I can see it from the PBX) but I got no audio at all.

I’m using a Grandstream UCM6104 TLS (TCP 5061) and RTP (UDP 1000:2000).

When I connect the client to openvpn I can access the pbx and make calls. The problem is when I try to use pfSense public IP.

I’m guessing is some sort of problem with the UDP Nat. I have static port for the outbound.