From: "Louis A. Mamakos"
To: Adam McLaurin
cc: freebsd-net@freebsd.org
Organization: Serendipity Scheduling & Management
Subject: Re: Problems setting up Vonage VoIP with FreeBSD + ipfilter
Date: Fri, 21 May 2004 07:22:37 -0400
Message-Id: <20040521112237.615B220FFD@whizzo.transsys.com>
In-reply-to: Your message of "Thu, 20 May 2004 20:16:57 EDT." <20040520201657.56cb3ed8.adam.mclaurin@gmx.net>
References: <20040520201657.56cb3ed8.adam.mclaurin@gmx.net>
List-Id: Networking and TCP/IP with FreeBSD

> So I got set up with Vonage VoIP, which I am really excited to have, but
> I am having a heck of a time getting it set up behind my FreeBSD box.
>
> My network configuration is as follows:
> Cable modem --> FreeBSD 5.2.1-R (ipf/ipnat) --> 8-port D-Link Switch -->
> Internal network
>
> The Vonage Voice Terminal (VT) is on port 8 of the switch
>
> So basically what I need to do is forward the following UDP ports to the
> VT (which I will be assigning 192.168.56.22).
> 53
> 69
> 5060-5061
> 10000-20000
>
> So in my ipf.rules I added the following:
> pass in quick on dc0 proto udp from any to any port 9999 >< 20001
> pass in quick on dc0 proto udp from any to any port = 53
> pass in quick on dc0 proto udp from any to any port = 69
> pass in quick on dc0 proto udp from any to any port = 5060
> pass in quick on dc0 proto udp from any to any port = 5061
>
> And in the ipnat.rules I added:
> rdr dc0 146.115.126.186/32 port 53 -> 192.168.56.22 port 53 udp
> rdr dc0 146.115.126.186/32 port 69 -> 192.168.56.22 port 69 udp
> rdr dc0 146.115.126.186/32 port 5060 -> 192.168.56.22 port 5060 udp
> rdr dc0 146.115.126.186/32 port 5061 -> 192.168.56.22 port 5061 udp
>
> Now, I'm not 100% certain the rdr's are correct (I'm not too comfortable
> with ipnat, and the docs confuse the hell out of me).
>
> However, I have absolutely no idea how to forward all UDP ports from
> 10000-20000 without manually writing a rule for each port (which seems
> to be a very bad idea just for the processing overhead on each incoming
> UDP packet).
>
> Can someone guide me through this? There aren't any Vonage How-To's for
> FreeBSD yet, so I'm pretty much flying blind.

I'm using a Vonage CPE device behind a FreeBSD firewall built with ipfw/natd.
I did not have to add any inbound NAT mappings at all. Perhaps you should
start with a simpler configuration?

louie