RTP Ports - Please Help! 1

[Voyto]

Hi All,

I have recently just replaced our office router for something more substantial for our network size (ASUS Merlin -> OPNsense)

I have copied over all port-forwards from the old router to the new. There was a NAT Passthrough section on the old which doesn't exist on the new - possibly my issue?

Anyway, since the switchover - our H.323 remote IP phones can connect, dial out, receive calls.....but no sound.

I've tested going overboard with the port-forwards and was able to get one-way audio, but the port range I used was way too big for production use.

My new router allows me to monitor the firewall activity and it's confusing me massively! I can't seem to spot a pattern. Below is the firewall output when I try calling a remote worker....

INTERFACE     SOURCE            DESTINATION       PROTOCOL
WAN           REMOTE_IP:49658   OFFICE_IP:45496   UDP
WAN           REMOTE_IP:49659   OFFICE_IP:45497   UDP
WAN           REMOTE_IP:50510   OFFICE_IP:65340   UDP
WAN           REMOTE_IP:50511   OFFICE_IP:65341   UDP
WAN           REMOTE_IP:49244   OFFICE_IP:51673   UDP
WAN           REMOTE_IP:52470   OFFICE_IP:1967    UDP

I assume these are the RTP ports - but they aren't following the range specified in System > LAN > VoIP (49152-49410)

The only variable that's changed is the router - so I obviously don't have my firewall configured correctly...but based on the above, my previous rules aren't working. Here are the port forwards I have....

Please help!

 

[Voyto]

Fixed myself! Thought I'd post in case anyone is to stumble upon this in the future....

In OPNsense, I simply had to create an OUTBOUND NAT rule, with the IP Office as the source and everything else as any. Those random ports above are now a thing of the past and the original port forwards are working great.

 

[Westi]

have a star for posting the solution and thinking of others.

Joe
FHandw, ACSS, ACIS

"Dew knot truss yore Spell Cheque