Archive

Archive for the ‘pfsense’ Category

Allow ICMP traffic through pfsense firewall

January 20, 2010 1 comment

By default you cannot ping a pfsense firewall. You need to add a rule to allow it:
Action: Pass
Interface: WAN
Protocol: ICMP
ICMP type: Echo
Source type: Any
Destination: WAN Address

Advertisements
Categories: pfsense

Using pfsense with remote sip phones

January 20, 2010 3 comments

pfsense by default only allows one sip registration to be active at a time on a protected LAN. The siproxd extension allows multiple phones to coexist happily, but it is a little confusing to set up. Here is what works the best from my testing:
Firewall: Rules: WAN = none for SIP or RTP

Firewall: NAT: Port Forward = none

Firewall: NAT: Outbound = Manual Outbound NAT, using default rule with NO Static Port mapping

Reboot the pfsense machine

UPDATE: siproxd is not necessary for multiple sip reigsrations to work! The above should be adequate.

Install the siproxd package from the System:Package Manager page on the pfsense admin page.

Services: siproxd: Settings = Inbound to LAN, Outbound to WAN, Port to 5060. Expedited Forwarding on.

Reboot the pfsense machine

I am including some screenshots to help.

Click on the “e” to edit the rule.

siproxd settings:

Categories: Asterisk, networking, pfsense