A NAT 1:1 would be perfect and then open up 5060 for Kamailio (UDP,TCP, or whatever you need) as well as a port range for RTP.
This said, best support for PFSense is on their forums.
Fred Posner fred@qxork.com https://qxork.com Direct/SMS: +1 (224) 334-3733 Direct/SMS: +1 (336) 439-3733
Need Fred? Call Fred. 336-HEY-FRED Matrix: @fred:matrix.lod.com
On 9/6/19 4:26 PM, Youssef Boujraf wrote:
Dear All,
I am evaluating the kamailio proxy 5.2 server with rtpproxy on an internal network. Everything are ok.
Now, I would like to evalute Kamailio proxy from outside (internet) but I have some difficulties to setup my PfSense firewall to enable inbound & outbound rules, network settings and kamailio.cfg.
The issues are :
Setup correctly Network files :
/etc/hostname
127.0.0.1 localhost ip_private codecsip.mydomain codecsip ip_public codecsip.mydomain codecsip
/etc/hosts file
codesip
dns
/etc/resolv.conf
nameserver 8.8.8.8
Setup /etc/kamailio/kamailio.cfg :
#!define WITH_MYSQL #!define WITH_AUTH #!define WITH_USRLOCDB #!define WITH_NAT #!define WITH_TLS /* uncomment the next line to disable the auto discovery of local aliases based on reverse DNS on IPs (default on) */ #auto_aliases=no /* add local domain aliases */ alias="codecsip.mydomain" #!ifdef WITH_NAT # ----- rtpproxy params ----- # modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722") modparam("rtpproxy", "rtpproxy_sock", "unix:/var/run/rtpproxy/rtpproxy.sock")Setup etc/default/rtpproxy :
|CONTROL_SOCK=udp:127.0.0.1:7722 EXTRA_OPTS="-l <IP-address>"|Where <IP-address> is the external IP address of your host.
Regarding the firewall rules, it will be great to identify which rules I need to create : Inbound and outbound rules and NAT 1:1 ?
If anyone have any information it could be great
Best regards, *Youssef*
Kamailio (SER) - Users Mailing List sr-users@lists.kamailio.org https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users