pf nat and UMA
Adam Wien
adam.wien at gmail.com
Mon Sep 24 15:02:54 PDT 2007
I'm trying to get my new UMA phones working behind a pf firewall. I'm
having all sorts of trouble. I've tried static maps, binat,
redirects, nothing seems to be working.
They seem to work on port 4500. Port 4500 on the phone to port 4500
on the remote server. It looks to me to look a lot like SIP. When I
make calls, it rings on the other side but, after 15 seconds, at
best, it drops the call.
Here's what I have so far.
nat on em3 proto udp from any port 4500 to any port 4500 -> (carp0)
static-port #nat for my phones
nat on em3 from carp1:network to any -> carp0 #basic nat rule
I see it in the state table...
self tcp 192.168.x.131:51325 -> 208.74.x.x:57358 ->
204.187.87.88:443 ESTABLISHED:ESTABLISHED
self tcp 192.168.x.131:52324 -> 208.74.x.x:52324 ->
216.9.242.88:443 ESTABLISHED:ESTABLISHED
self udp 192.168.x.131:4500 -> 208.74.x.x:62310 ->
208.54.83.1:4500 MULTIPLE:MULTIPLE
I'm really at a loss.
Thanks,
Adam
More information about the freebsd-pf
mailing list