[SR-Users] Kamailio - PfSense Firewall - inbound/outbound rules

Fred Posner fred at palner.com
Fri Sep 6 22:33:49 CEST 2019 

A NAT 1:1 would be perfect and then open up 5060 for Kamailio (UDP,TCP,
or whatever you need) as well as a port range for RTP.

This said, best support for PFSense is on their forums.

Fred Posner
fred at qxork.com
https://qxork.com
Direct/SMS: +1 (224) 334-3733
Direct/SMS: +1 (336) 439-3733

Need Fred? Call Fred. 336-HEY-FRED
Matrix: @fred:matrix.lod.com

On 9/6/19 4:26 PM, Youssef Boujraf wrote:
> Dear All,
> 
> I am evaluating the kamailio proxy 5.2 server with rtpproxy on an
> internal network.
> Everything are ok.
> 
> Now, I would like to evalute Kamailio proxy from outside (internet) but
> I have some difficulties to setup my PfSense firewall to enable inbound
> & outbound rules, network settings and kamailio.cfg.
> 
> The issues are :
> 
> Setup correctly Network files :
> 
>   * /etc/hostname 
> 
>     127.0.0.1 localhost
>     ip_private codecsip.mydomain codecsip
>     ip_public codecsip.mydomain codecsip
> 
>   * /etc/hosts file
> 
>     codesip
> 
>   * dns
> 
>      
> 
>   * /etc/resolv.conf
> 
>     nameserver 8.8.8.8
> 
> Setup /etc/kamailio/kamailio.cfg :
> 
>     #!define WITH_MYSQL
>     #!define WITH_AUTH
>     #!define WITH_USRLOCDB
>     #!define WITH_NAT
>     #!define WITH_TLS
> 
>     /* uncomment the next line to disable the auto discovery of local aliases
>        based on reverse DNS on IPs (default on) */
>     #auto_aliases=no
> 
>     /* add local domain aliases */
>     alias="codecsip.mydomain"
> 
>     #!ifdef WITH_NAT
>     # ----- rtpproxy params -----
>     # modparam("rtpproxy", "rtpproxy_sock", "udp:127.0.0.1:7722")
>     modparam("rtpproxy", "rtpproxy_sock", "unix:/var/run/rtpproxy/rtpproxy.sock")
> 
> 
> Setup etc/default/rtpproxy :
>  
> 
>     |CONTROL_SOCK=udp:127.0.0.1:7722
>     EXTRA_OPTS="-l <IP-address>"|
> 
> Where <IP-address> is the external IP address of your host.
> 
> 
> 
> Regarding the firewall rules, it will be great to identify which rules I
> need to create : Inbound and outbound rules and NAT 1:1 ?
> 
> 
> If anyone have any information it could be great
> 
> Best regards,
> *Youssef*
> 
> _______________________________________________
> Kamailio (SER) - Users Mailing List
> sr-users at lists.kamailio.org
> https://lists.kamailio.org/cgi-bin/mailman/listinfo/sr-users
>

More information about the sr-users mailing list