FreePBX & pfsense

FreePBX Networking
1

PBX down. Any help, any ideas very appreciated!

FreePBX 16.0.40.13 running on CentOS. Running fine since years. Dynamic IP (Fios), but it only changes every 6 month or so. DDNS set up and working.

I have had many routers through the years, always easy to set up. Forward a few ports, all good.

Now we had to switch to pfsense (Netgate 2100).

No matter what I tried, I can not get it working.

  • Set up NAT - Port Forward for all relevant ports
  • Auto setup routes for all these ports
  • Switched to Hybrid Outbound NAT rule generation. (Automatic Outbound NAT + rules below)

The Sipstation External Connectivity Test still fails. No even port 80 (for Letā€™s Encrypt) is available from the outside despite forward and rule. Internally everything works.

I have set up port forwarding for other machines such as RDP and they work without any problems.

So ANY tips?

2

You need to set static port option on the pfsense outgoing nat options, otherwise you might get your SIP port re-writen.

1 Like
3

Thank you. Set outgoing NAT for that to static. Unfortunately no change.

Strange that not even port 80 works. It works inside the LAN.

4

You need to set it to static for the specific SIP and RTP ports you are using on FreePBX

5

you changed to pfSense.

  1. Did your LAN address or subnet change ? Did you go from like 192.168.5.1 to 192.168.1.1 ?
  2. If it did change, did you re run the FreePBX firewall wizard ?
  3. On FreePBX, did you go into ā€œsettings > SIP Settingsā€ and update your external IP there ?
  4. Who is your sip trunk provider ? In Sangoma / SipStation there is also a setting in their side that says what IP Address they expect you are trying to connect from. Is that also for your provider ?
6

As a sort of separate question. Does internal calling, extension to extension work ? Or is that not working either ?

7

Internal calls work.

8

Thanks for your response!

No, always 192.168.1.1

It did not change, but I also checked the firewall if anything was blocked.

I have a FQDN in there that gets updated. I have gone though many IP changes without any problems. Downtime is a few minutes when the IP changes. But I also tried with the manual IP in there, no change.

SipStation. See above.

I am currently running with a very simple Eero. Forwarding works fine as it does with 4 other routers I have tested.

9

Yes, I tried that. No change.

10

If you feel confortable, send me a PM with an anydesk number and I can try to check it and guide you to fix it.