Firewall rules

Trying to look for optimal rules for my gateway / firewall to work with FreePBX.

I’m using pfSense.

I want to do if I should be doing any port forwarding (port 5060, etc.) or anything like that.

I’ve been trying to look for that in the wiki but I can’t find anything.

For now, I don’t have any external extension : all phones are on the local network.

The only connection going through NAT for now is the SIP trunk.


It depends on your configuration.

If you are establishing the SIP session over TCP, make sure you open 5060 on TCP rather than UDP and vice versa.

You should also open ports 10000-20000 UDP for the RTP stream.

Again, this is all depending on how you have your system configured.

You can restrict those ports to specific providers. But many sip trunk providers have media servers all over the place and it is difficult to be all inclusive.

Good luck!