From owner-freebsd-pf@FreeBSD.ORG Thu Jul 7 13:03:08 2005 Return-Path: X-Original-To: freebsd-pf@freebsd.org Delivered-To: freebsd-pf@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7341216A41F for ; Thu, 7 Jul 2005 13:03:08 +0000 (GMT) (envelope-from jmelo@freebsdbrasil.com.br) Received: from capeta.freebsdbrasil.com.br (vrrp.freebsdbrasil.com.br [200.210.70.30]) by mx1.FreeBSD.org (Postfix) with SMTP id 8A8D643D4C for ; Thu, 7 Jul 2005 13:03:06 +0000 (GMT) (envelope-from jmelo@freebsdbrasil.com.br) Received: (qmail 48726 invoked by uid 0); 7 Jul 2005 10:03:05 -0300 Received: from jmelo@freebsdbrasil.com.br by capeta.freebsdbrasil.com.br by uid 82 with qmail-scanner-1.22 (uvscan: v4.3.20/v4529. spamassassin: 2.64. Clear:RC:1(201.17.165.147):. Processed in 0.415182 secs); 07 Jul 2005 13:03:05 -0000 Received: from unknown (HELO ?10.69.69.2?) (201.17.165.147) by capeta.freebsdbrasil.com.br with SMTP; 7 Jul 2005 10:03:04 -0300 Message-ID: <42CD2829.4020007@freebsdbrasil.com.br> Date: Thu, 07 Jul 2005 10:03:37 -0300 From: Jean Milanez Melo User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050614) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-pf@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: freebsd 5.4 with pf nat and voip X-BeenThere: freebsd-pf@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Technical discussion and general questions about packet filter \(pf\)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Jul 2005 13:03:08 -0000 Thomas Maack Nielsen wrote: >I have the following setup: > >FreeBSD 5.4 with pf enabled. > >pf works as the firewall and does the NAT to. > >On the NAT side i got 2 x pc's and 2 x Grandstream 286 voip adaptors. > >My NAT rule is the following: > >nat pass on $extern from $intern:network to any -> $extern > >This works fine for my pc's, but not for my Grandstreams, they are setup >to use a STUN serve for easy configuration, but the tell me that I am >using symmetric NAT type, and for symmetric NAT a STUN server doesn't >work, is it possiable to change the NAT type to any other than symmetric NAT? >Or is it the STUN server detecting wrong? > >Regards, > >Thomas Maack Nielsen > >_______________________________________________ >freebsd-pf@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-pf >To unsubscribe, send any mail to "freebsd-pf-unsubscribe@freebsd.org" > > Thomas, What the protocols are you using in Grandstremas? SIP? If it is SIP try to configure redirect ports like this: rdr on $ife proto tcp from any to any port 5060 -> $Grandstream_IP port 5060 rdr on $ife proto udp from any to any port 5060 -> $Grandstream_IP port 5060 I hope it can help you. -- Atenciosamente Jean Milanez Melo FreeBSD Brasil LTDA. Fone: (31) 3281-9633 http://www.freebsdbrasil.com.br