Re: Problems setting up Vonage VoIP with FreeBSD + ipfilter

From: Louis A. Mamakos (louie_at_TransSys.COM)
Date: 05/21/04

  • Next message: Nelis Lamprecht: "Re: named in sandbox" 
    To: Adam McLaurin <adam.mclaurin@gmx.net>
Date: Fri, 21 May 2004 07:22:37 -0400

    > So I got set up with Vonage VoIP, which I am really excited to have, but
    > I am having a heck of a time getting it set up behind my FreeBSD box.
    >
    > My network configuration is as follows:
    > Cable modem --> FreeBSD 5.2.1-R (ipf/ipnat) --> 8-port D-Link Switch -->
    > Internal network
    >
    > The Vonage Voice Terminal (VT) is on port 8 of the switch
    >
    > So basically what I need to do is forward the following UDP ports to the
    > VT (which I will be assigning 192.168.56.22).
    > 53
    > 69
    > 5060-5061
    > 10000-20000
    >
    > So in my ipf.rules I added the following:
    > pass in quick on dc0 proto udp from any to any port 9999 >< 20001
    > pass in quick on dc0 proto udp from any to any port = 53
    > pass in quick on dc0 proto udp from any to any port = 69
    > pass in quick on dc0 proto udp from any to any port = 5060
    > pass in quick on dc0 proto udp from any to any port = 5061
    >
    > And in the ipnat.rules I added:
    > rdr dc0 146.115.126.186/32 port 53 -> 192.168.56.22 port 53 udp
    > rdr dc0 146.115.126.186/32 port 69 -> 192.168.56.22 port 69 udp
    > rdr dc0 146.115.126.186/32 port 5060 -> 192.168.56.22 port 5060 udp
    > rdr dc0 146.115.126.186/32 port 5061 -> 192.168.56.22 port 5061 udp
    >
    > Now, I'm not 100% certain the rdr's are correct (I'm not too comfortable
    > with ipnat, and the docs confuse the hell out of me).
    >
    > However, I have absolutely no idea how to forward all UDP ports from
    > 10000-20000 without manually writing a rule for each port (which seems
    > to be a very bad idea just for the processing overhead on each incoming
    > UDP packet).
    >
    > Can someone guide me through this? There aren't any Vonage How-To's for
    > FreeBSD yet, so I'm pretty much flying blind.

    I'm using a Vonage CPE device behind a FreeBSD firewall built with
    ifpw/natd. I did not have to add any inbound NAT mappings at all. Perhaps
    you should start with a simpler configuration?

    louie

    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Nelis Lamprecht: "Re: named in sandbox"