Special thanks to both of you... With ANY I mean "all TCP and UDP ports".
Maybe when the remote peer sends to my PBX the SIP packet with the SIP Options, the response from the PBX is a SIP packet defined as ESTABLISHED traffic....and this ESTABLISHED feature is not working or not defined in pfSEnse firewall rules ??? Because the SIP response packet from PBX to the remote peer is not a new traffic, is an established traffic.... Thanks a lot again, regards!!! 2018-01-09 12:17 GMT-03:00 Giles Coochey <gi...@coochey.net>: > On 09/01/2018 14:34, Roberto Carna wrote: >> >> Dear, I have an Asterisk PBX in a DMZ behind a pfSense and a remote >> peer out of the pfSense. I connect PBX and Peer in order to establish >> a SIP trunk. >> >> In the path "PBX -- pfSense -- SIP trunk peer" there is no NAT at all. >> >> So we have generated two firewall rules: >> >> PBX --> SIP Peer with ANY >> SIP Peer --> PBX with ANY > > > When you say any, is it a bit unclear, Protocol any? or TCP any, UDP any? > > Could you elaborate on the exact rules you have set up? > >> >> But often the SIP packets coming from the SIP Peer don't cross the >> pfSEnse to PBX. The packets never reach my PBX. >> >> Is there any feature I have to enable/disable in pfSense in order to >> work with SIP protocol to have established the SIP trunk ??? >> >> The SIP trunk provider tell me that the SIP Options they send me are >> not responded by us. >> >> Thanks a lot, >> >> ROBERT >> _______________________________________________ >> pfSense mailing list >> https://lists.pfsense.org/mailman/listinfo/list >> Support the project with Gold! https://pfsense.org/gold > > > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold