PFsense Telephones

Aus metasec wiki
Wechseln zu: Navigation, Suche

Quelle: http://doc.pfsense.org/index.php/VoIP_Configuration

http://keystoneit.wordpress.com/2010/01/20/using-pfsense-with-remote-sip-phones/


If you are using VoIP, you may need settings other than the defaults in some circumstances. The default settings handle the majority of scenarios, but depending on the specifics of your usage, you may need to change configuration settings for things to work. If your VoIP deployment is not working properly, try the following:

1. Enable source port rewriting - by default, pfSense enables Static Port on UDP 5060 traffic, preventing the rewriting of the source port. This is because rewriting the source port commonly breaks SIP. In some cases, though, it is necessary so multiple phones can connect to the same outside host. The static port page has information on this. Note: this is not true in 2.0, the default has been changed to rewrite the source port for 5060 traffic.

2. Set Conservative state table optimization - pf's default UDP timeouts are too low for some VoIP services. If your phones mostly work, but randomly disconnect, set "Firewall Optimization Options" to Conservative under System -> Advanced. Note this only works on 1.2.3-RC1 and newer as pf itself never increases UDP timeouts, our code changed to do this.

3. Use the siproxd package - for deployments where option #1 above breaks the ability to connect because the service will not work with rewritten source ports, the siproxd package enables multiple phones to connect to a single outside server.

4. In rare circumstances, scrubbing needs to be disabled under System > Advanced.

Von „http://wiki.metasec.de/index.php?title=PFsense_Telephones&oldid=663