Asterisk/FreePBX behind pfSense

I’ve been bashing my head against a brick wall for about 6 hours trying to get asterisk to work behind pfSense - turns out it was the suggested siproxd that was causing the problem. I’m not sure if I missed something during my frustration, but you don’t need it. I was following this from the pfSense docs (well, the Google cached version as the pfSense docs have been down a lot the past couple of days). The only firewall rules you need are:

5060 UDP -> internal IP 5060 (for sip)

10000 - 20000 UDP -> internal IP 10000 (for RTP)

Firewall rules

You’ll also need to set your external address (settings -> asterisk SIP settings) to a domain or IP that is your address. If you’re on a dynamic IP, get something like Dynamic DNS to point to your IP address.

External IP address

Things that should be done:

  • Narrow that RTP range down as small as possible
  • Only allow certain IP addresses through the firewall for those ranges (e.g. sipgate has this page which shows their IP addresses).

Update: only allow Sipgate IP addresses through the firewall

NAT rules for Sipgate IP addresses only