Difference between revisions of "Installing FusionPBX behind pfSense"
From FusionPBX
(Created page with "First we need to config pfSense to open the necessary ports for FusionPBX and Freeswitch In pfSense navigate to '''Firewall >> Aliases''' and click on the Ports TAB. '''Name...") |
(→3. Configure FusionPBX) |
||
| (5 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| − | + | The principles explained here can also apply to almost any other Firewall. | |
| − | + | == 1. Create Alias Ports in pfSense== | |
| − | + | * First we need to config pfSense to open the necessary ports for FusionPBX and Freeswitch | |
| − | |||
| − | |||
| − | + | * In pfSense navigate to '''Firewall >> Aliases''' and click on the Ports TAB. | |
| − | ''' | + | '''Name:''' PBX |
| − | + | '''Description:''' FusionPBX | |
| − | + | '''Type:''' Ports | |
| − | |||
| − | |||
| − | |||
| − | + | * Then proceed to add the ports as follows: | |
| + | '''Port''' '''Description''' | ||
| + | 80 HTTP | ||
| + | 443 HTTPS | ||
| + | 5060:5061 SIP Internal | ||
| + | 5080:5081 SIP External | ||
| + | 16384:32768 RTP | ||
| − | == Configure Port Forwarding == | + | * After you are finished Click SAVE |
| + | |||
| + | == 2. Configure pfSense Port Forwarding == | ||
Click on the '+' to add a new Entry | Click on the '+' to add a new Entry | ||
| − | Firewall | + | '''Firewall >> NAT >> Port Forward:''' Edit |
| − | '''Interface:''' WAN | + | '''Interface:''' WAN |
| − | '''Protocol:''' TCP/UDP | + | '''Protocol:''' TCP/UDP |
| − | '''Destination:''' <<Select a Public IP from the List>> | + | '''Destination:''' <<Select a Public IP from the List>> |
| − | '''Destination Port Range:''' | + | '''Destination Port Range:''' |
from: (Other) [[PBX]] | from: (Other) [[PBX]] | ||
to: (Other) [[PBX]] | to: (Other) [[PBX]] | ||
| − | '''Redirect target IP:''' 10.10.0.10 | + | '''Redirect target IP:''' 10.10.0.10 |
| − | '''Redirect target port:''' | + | '''Redirect target port:''' (Other) PBX |
| + | |||
| + | '''Description:''' FusionPBX | ||
| + | '''NAT reflection:''' Use system default | ||
| + | |||
| + | * Click SAVE when done. | ||
| + | |||
| + | |||
| + | == 3. Configure FusionPBX == | ||
| + | |||
| + | * In FusionPBX | ||
| + | |||
| + | '''System >> Variables''' | ||
| + | |||
| + | '''IP Address Section''' | ||
| + | If you have a static public IP you can replace XX.XX.XX.XX with that IP. | ||
| + | |||
| + | external_rtp_ip XX.XX.XX.XX | ||
| + | external_sip_ip XX.XX.XX.XX | ||
| + | |||
| + | or if you have a dynamic IP address you can get a Dynamic DNS from a company such as dyndns.org. | ||
| + | |||
| + | external_rtp_ip myname.dyndns.org | ||
| + | external_sip_ip myname.dyndns.org | ||
| + | |||
| + | '''Advanced >> SIP Profiles''' | ||
| + | |||
| + | Edit the Internal Profile and add: | ||
| + | |||
| + | '''Name:''' aggressive-nat-detection | ||
| + | '''Value:''' true | ||
| + | '''Enabled:''' True | ||
| + | |||
| + | Now we need to Stop and Start the internal profile for the changes to take effect. | ||
| + | |||
| + | '''Status >> SIP Status''' | ||
| − | + | Stop and Start the Internal Profile. | |
| − | |||
| − | + | In most cases this should work fine. | |
| + | I have tested with inbound and outbound calls, calls between extensions, music on hold, call transfers without issues. | ||
Latest revision as of 22:48, 2 April 2014
The principles explained here can also apply to almost any other Firewall.
1. Create Alias Ports in pfSense
- First we need to config pfSense to open the necessary ports for FusionPBX and Freeswitch
- In pfSense navigate to Firewall >> Aliases and click on the Ports TAB.
Name: PBX Description: FusionPBX Type: Ports
- Then proceed to add the ports as follows:
Port Description 80 HTTP 443 HTTPS 5060:5061 SIP Internal 5080:5081 SIP External 16384:32768 RTP
- After you are finished Click SAVE
2. Configure pfSense Port Forwarding
Click on the '+' to add a new Entry
Firewall >> NAT >> Port Forward: Edit
Interface: WAN
Protocol: TCP/UDP
Destination: <<Select a Public IP from the List>>
Destination Port Range:
from: (Other) PBX
to: (Other) PBX
Redirect target IP: 10.10.0.10 Redirect target port: (Other) PBX
Description: FusionPBX NAT reflection: Use system default
- Click SAVE when done.
3. Configure FusionPBX
- In FusionPBX
System >> Variables
IP Address Section If you have a static public IP you can replace XX.XX.XX.XX with that IP.
external_rtp_ip XX.XX.XX.XX external_sip_ip XX.XX.XX.XX
or if you have a dynamic IP address you can get a Dynamic DNS from a company such as dyndns.org.
external_rtp_ip myname.dyndns.org external_sip_ip myname.dyndns.org
Advanced >> SIP Profiles
Edit the Internal Profile and add:
Name: aggressive-nat-detection Value: true Enabled: True
Now we need to Stop and Start the internal profile for the changes to take effect.
Status >> SIP Status
Stop and Start the Internal Profile.
In most cases this should work fine. I have tested with inbound and outbound calls, calls between extensions, music on hold, call transfers without issues.
