OPNsense Forum
English Forums => General Discussion => Topic started by: comet on April 22, 2018, 12:42:26 am
-
I ran into an issue today where a Linksys VoIP adapter connected to OPNsense, but registering to an Asterisk server at another location on the Internet (not on the same local network), was re-registering every few minutes but every time it did, it would use a different SIP port. This behavior would cause the Asterisk server to think the VoIP adapter had disappeared near the end of each registration cycle. The solution in this case was to create a new rule under Firewall: NAT: Outbound, specifying the VoIP adapter's address as the Source address (actually I created an alias and used that), and then checking the Static-port: checkbox. Then the VoIP adapter registered using the correct ports, and Asterisk is happy.
However, sometimes I use a softphone client on one of my desktop machines and I wonder if that could be similarly affected. It occurs to me that there should be some way to set a list of outgoing ports that would not be remapped. For example 5060 UDP, or perhaps a range such as 5060-5063 UDP (which are commonly used by SIP devices with multiple phone ports or "lines"). Basically, if a device is trying to make a outgoing connection using one of the "protected" ports, it should not be remapped.
I'm not sure if that is a workable solution (please feel free to explain if it isn't) but I just wondered if OPNsense has the ability to protect certain specific user-specified ports from being remapped, and if so, how do you do that?