Happy New Year to everyone!
I currently run openBSD FW v7.0 with vpn setups at a few client sites. Fantastic...no issues. One client recently changed office location (this week exactly) and had Bell install a voip system using softphones. The phones worked last week. However, now that the rest of server-room equipment has been brought over and installed on the weekend including the BSD FW, the phones stopped working. A Bell tech spent most of the day on site today switching the Bell modem from bridge mode to pass-through mode but still no luck. We've decided to install a dry-loop to remedy the issue. I prefer not to open any ports obviously, but should I have added a pf rule that explicitly opens port 5060/udp for the sip server? Is anyone using pf with voip phones that could point me in the right direction? I have another client doing a similar implementation in the next 2 weeks albeit different ISP & VoIP provider. So I'm kind of interested in what's the best option or config going forward. Thanks in advance for your response.
