Pfsense Port Foward & Filter

[mikecLA]

I've successfully installed pfsense in between my uverse modem and LAN hub, and can NAT Forward SIP traffic so external phones can register on my network. What I need to do next is add a filter to this rule only that will block every IP address attempting to get in except one (or those from a list manually entered).

How can this be done?

 

[jadams]

This is done in the firewall rules.

firewall--->rules

Add a new firewall rule and the boxes should be somewhat self explanatory.

Choose an interface you want it to apply to
Choose the source, can be a network, a single IP, etc
Choose the destination its going to
and the ports.

 

[mikecLA]

Could not get the asterisk server to register SIP trunks behind pfsense. Ended up getting untangle to work correctly, so I'm using that right now -- Does exactly what I need, firewalls everything and lets me specify source IP address for SIP connections to forward.

I like pfsense better, so I'll play with that, but for now, using untangle as the live firewall. Just getting either one of them to work with AT&T uverse was an absolute nightmare. Uverse wants control of everything and little documentation exists for the NVG510 modem.