Installed a new system for a customer last night. Because of some bizarreness in his network, we had to complete the firewall installation by hand.
We set up all of the ports, the networks, the zones, everything - we could not connect to the server from the ITSP.
I fired up tcpdump to look at the incoming traffic, and the traffic was hitting the interface, but nothing was getting sent back. We disabled the FreePBX firewall to test if it was the firewall or some other oddness in the configuration.
Everything worked.
We re-enabled the FreePBX firewall and everything continued to work.
So, here’s the hint:
If you are installing a new system and have to set the firewall module up by hand, be sure once you have the entire configuration set before you enable the firewall, and if you make major changes (add zones, add destinations, etc.) be sure to disable the firewall, then re-enable the firewall again.
I know it shouldn’t be necessary, but it worked for us last night.