pfSense 2.3 port settings for Asterisk FreePBX

pfSense 2.3 port settings for Asterisk FreePBX

Getting Asterisk VOIP systems set up and working behind a pfSense firewall has become routine as pfSense grows in popularity and as our clients switch from legacy phone systems to Voice over IP systems. The following setup instructions for opening firewall ports to allow SIP traffic through pfSense has been tested, and works, for Avaya, FreePBX and Asterisk VOIP systems. The process of opening the SIP and RTP ports is needed both to connect to the SIP trunk provider and to get audio working in both directions once connected. If you have audio only in one direction, take a look at the RTP port settings shown below. Option A: pfSense in an environment where you have multiple public IPs and with one IP assigned to your Asterisk / FreePBX or Avaya system. Option B: Port forwarding on pfSense for single IP system like you would have on a home Internet connection. Option A – using a dedicated static IP: Add Virtual IP Add 1:1 NAT for the Virtual IP Firewall rules to open SIP ports thru the pfSense Firewall rules to open RTP ports thru the pfSense 1. Add a Virtual IP Click on Firewall -> Virtual IPs Select IP Alias Add the extra static IP address assigned by your ISP Add a meaningful description 2. Add 1:1 NAT for the Asterisk Virtual IP Click on Firewall -> NAT -> 1:1 Add the VOIP server’s public IP under External subnet IP Internal IP is the Single Host with the private IP or your Asterisk or Avaya VOIP server Provide a good description and click Save 3. Firewall rules to open SIP ports through the pfSense Open SIP ports thru pfSense to the Asterisk server Click Firewall -> Rules...