Static source ports with outgoing NAT'ed VoIP traffic vie PPPoE

Security Gateway Discussions
Post Reply
SECOIT GmbH
Posts: 32
Joined: 13 Feb 2018, 16:20
Contact:

Static source ports with outgoing NAT'ed VoIP traffic vie PPPoE

Post by SECOIT GmbH » 17 Apr 2018, 08:15

Hi All,

What is the best way to have static source ports for UDP packets (SIP and RTP) when using source NAT (internal private IPv4 address via public WAN IPv4 address to SIP provider) via PPPoE?

When doing a "normal" source NAT the connection itself works but source ports are changed.
Example:
LAN side: 192.168.1.100:5060 -> 217.0.10.20:5060, translated WAN side: 33.44.55.66:34756 -> 217.0.10.20:5060

How can I achieve that the source port doesn't change? I tried using source SAT but that seems unreliable with PPPoE. The E80 crashed and automatically rebooted a few times when I applied/commited changes on the source SAT and the connection itself from the PBX to WAN was unreliable (sometimes worked, sometimes packets were never translated and were stuck on the LAN side).

So what is the best way (in terms of reliable and firewall not crashing) to have static source ports when doing outbound (source) NAT via a PPPoE connection? This would also be required for RTP packets (which is not a single static 5060 source port but rather a range of ports).

Btw, I tried only policies so far. No IP rules.


Thanks,
Michael
--
Michael Steffens
SECOIT GmbH
https://www.secoit.de

Post Reply