Question regarding port forwarding

When I install Freepbx behind a router, I never forward any port (unless I have external phones). I know that it is usually not necessary (or recommended) to forward ports. Everything works fine but I noticed something strange in the firewall logs of the routers (PFSense and OPNSense). Whenever a call comes in, a whole bunch of incoming UDP connection from the voip provider between ports 10000 and 20000 are blocked by the firewall. The call works, the audio is good, everything is fine. I am just wondering why I see these connection from the providers (both voip.ms and babytel do the same thing).

Of course, forwarding ports 10000-20000 removes theses messages in the firewall logs, but I can’t help but wonder why these connection happen. I mean, if they we’re necessary, I wouldn’t have audio without forwarding.

Do these blocked packets only happen at the very beginning of the call? If so, it is probable that the inbound media path through the router is only established AFTER media is first sent out from the PBX. Any inbound audio packets before the outbound starts will get blocked. Most of the time this won’t matter, but there are call flow cases where you need inbound audio to work immediately (AMD is a common one) and in those cases you will have issues if you are not forwarding the RTP ports.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.