Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Solved 3CX with multiple Local Subnets

Discussion in '3CX Phone System - General' started by Molan21, Oct 30, 2017.

Thread Status:
Not open for further replies.
  1. Molan21

    Joined:
    Oct 26, 2017
    Messages:
    26
    Likes Received:
    1
    How do I get my 3CX system working correctly with multiple local subnets.

    I have two subnets in my site. Subnet A and Subnet B the 3CX PBX is on Subnet A and all phones and clients work great if connected to subnet A,

    However if I connect a client or phone to Subnet B it sees that it is not on the Default Subnet A that is in the provisioning file and then tries to use the External PBX IP xxx.west.3cx.us which then resolves back to the public IP of my network and promptly fails. (Because Meraki doesn't support DNS Hair pin turns, I have already talked to Meraki Support to see if they do)

    If I edit the client to remove the External PBX IP it will connect fine and work until the next re-provision at which point the External PBX IP is restored and the connection lost again.

    Thanks
     
  2. cobaltit

    cobaltit Well-Known Member

    Joined:
    Mar 22, 2012
    Messages:
    1,620
    Likes Received:
    244
    I think there is a slight misunderstanding here. There is no decision making process happening in the phones. They strictly read the provisioning file and attempt to connect based on that. There is no deciding if they are in the same subnet or not. The soft phones will do that but the regular phones won't. You also make no mention of how the subnets are connected. But assuming you have to private subnets with proper routing between them there really isn't anything to do. You provision the extension as Local and somehow get that provisioning file on the phone. If it doesn't work then your network isn't setup correctly. If when installing 3CX you told it to use the 3CX provided domain for your internal clients then you either need hairpin support or preferably you need control over DNS at Subnet B so that it resolves to the internal private IP of your 3CX instance.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    YiannisH_3CX likes this.
  3. pact

    pact New Member

    Joined:
    Dec 16, 2009
    Messages:
    219
    Likes Received:
    41
    Can you confirm you are using 'Local Lan (in the office)' provisioning method?

    Also that your two subnets can route between them? (no firewall blocking).
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Saqqara

    Saqqara Well-Known Member

    Joined:
    Mar 12, 2014
    Messages:
    1,255
    Likes Received:
    203
    Things to check

    a routing issue between the two networks - if you are in lan b can you access the 3cx server I.e 3cx console via IP address

    As above, what provisioning method have you used - should be lan if routing setup correctly. You may have to setup option 66 for dhcp to point the phones to the correct provisioning server just for lan b - https://www.3cx.com/sip-phones/dhcp-option-66/

    If in lan b, when you do an nslookup for xxx.west.3cx.us what is the IP address - it is the wan ip ?. If so then you need to setup the dns for this record to point to the IP address of the 3cx server for lan b
     
    #4 Saqqara, Oct 31, 2017
    Last edited: Oct 31, 2017
  5. eddv123

    eddv123 Well-Known Member

    Joined:
    Aug 15, 2017
    Messages:
    1,441
    Likes Received:
    189
    What IP handsets are you using? If fully supported and they are seen by the local subnet of the PBX you will be able to see them in your phone's list for PnP Provisioning, if not as with the above suggestions use DHCP Opt 66 which is used for setups like this as well as across a VPN (phones not in primary subnet).

    You may also want to have a look over this useful 3CX guide, it covers both multiple network subnets and NIC cards:
    https://www.3cx.com/blog/docs/network-configurations-supported-3cx-phone-system/
     
  6. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    447
    Likes Received:
    20
    In this case 3CX client is running on Android based phone?:confused:
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. Molan21

    Joined:
    Oct 26, 2017
    Messages:
    26
    Likes Received:
    1
    To clarify.
    1. I am talking about the 3CX soft phone client app Specifically. not a hardware phone
    2. Yes I can route between the two subnets. as I mentioned above if I delete the external IP the client connects fine.
    3. No there is not firewall between the subnets
    4. I have a Meraki MX100 device. It does not support hairpin turns I already confirmed this with Meraki Support
    5. I do have control of my internal DNS
     
  8. cobaltit

    cobaltit Well-Known Member

    Joined:
    Mar 22, 2012
    Messages:
    1,620
    Likes Received:
    244
    1. Thank you for clarifying. Originally you said when I connect a client or phone which led to the confusion.
    2. Good
    3. Good
    4. Good
    5. So you can either create a DNS entry in the servers servicing subnet B to resolve your 3CX provided domain name to the private IP (avoiding hairpin) or you can backup, uninstall, reinstall and this time pick either the IP address option or your own internal FQDN that will resolve without hairpin for the internal interface. Then reprovision the phones in subnet B
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. Molan21

    Joined:
    Oct 26, 2017
    Messages:
    26
    Likes Received:
    1
    If I understand what you are saying with the reinstall option. I would then lose access for clients that are offsite if I used an internal FQDN would I not?

    For DNS I had thought about doing this however my issue with creating a DNS entry is that in order to redirect it I would have to create a Zone "west.3cx.us" but because I am managing multiple remote sites that all fall under this DNS zone I would lose the ability to manage those sites due to the internal DNS record as it would break dns resolution for any other record in this zone.
     
  10. Saqqara

    Saqqara Well-Known Member

    Joined:
    Mar 12, 2014
    Messages:
    1,255
    Likes Received:
    203
  11. cobaltit

    cobaltit Well-Known Member

    Joined:
    Mar 22, 2012
    Messages:
    1,620
    Likes Received:
    244
    During the install after you pick the 3CX FQDN it should give you options to either use the same 3CX FQDN for internal or to use the internal IP or your own FQDN. It's been a while so I might be blending some of the options but something along those lines should be there.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. Molan21

    Joined:
    Oct 26, 2017
    Messages:
    26
    Likes Received:
    1
    I agree that this would work however it will cause other issues. As I mentioned above I have multiple 3CX sites and if I do this I will lose the ability manage and connect to my other 3CX sites due to this breaking DNS resolution for all but my internal IP under domain I create
     
  13. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    447
    Likes Received:
    20
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. Molan21

    Joined:
    Oct 26, 2017
    Messages:
    26
    Likes Received:
    1
    It gives the option to use both an internal IP and the external FQDN. the issue is that on my second subnet it isn't using the internal IP which it needs to use instead of the FQDN.
     
  15. Saqqara

    Saqqara Well-Known Member

    Joined:
    Mar 12, 2014
    Messages:
    1,255
    Likes Received:
    203
    Not sure if I understand this, all your 3cx should have different fqdn so adding a zone for xxx.west.3cx.us (for example - Pabx.west.3cx.us) it will still work.

    When a device does a dns query, if will find pabx.west.3cx.us and use the IP address associated with this fqdn. All other xxx.west.3cx.us it will use the ip on the internet dns servers. Off course your network devices have to point to your internal dns servers and use forwarders to internet dns servers

    You can test, add the fqdn to the windows host file pointing to the internal IP address and run nslookup commands to see the returned IP address


    What software are you using for internal dns servers ?
     
    #15 Saqqara, Oct 31, 2017
    Last edited: Oct 31, 2017
  16. Molan21

    Joined:
    Oct 26, 2017
    Messages:
    26
    Likes Received:
    1
    Yes, each site has a unique FQDN but each FQDN is still part of the same domain. If I create an entry for that domain on my DNS server I will break resolution for every FQDN except for the one I have manually created.

    For example Site1.west.3cx.us and Site2.west.3cx.us. In order to redirect Site1.west.3cx.us I must create a DNS zone for west.3cx.us which means I am now answering DNS queries for all Sub domains of west.3cx.us so my server will respond to both addresses. Site1 will return my IP, and Site2 will now return as no record found because my server has no record of it.
     
  17. Saqqara

    Saqqara Well-Known Member

    Joined:
    Mar 12, 2014
    Messages:
    1,255
    Likes Received:
    203
    you create a dns zone for site1.west.3cx.us not West.3cx.us

    What dns software are you using
     
    Molan21 likes this.
  18. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    7,448
    Likes Received:
    540
    I think there might be some confusion here. First of all please let us know how the PBX is installed, You are using a 3CX FQDN but what are you using locally? Is the system installed with local IP or split DNS?
    By this you mean that you see the actual public IP in the 3CX client or do you mean the public FQDN (.west.3cx.us). Also is there a local IP or an FQDN in the clients "In office" setting?
     
  19. Molan21

    Joined:
    Oct 26, 2017
    Messages:
    26
    Likes Received:
    1
    Adding the entire DNS record never occurred to me for some reason. Call it PEBKAC I guess. Thank you for pointing that out. I just did as you suggested and all is working correctly now.
     
  20. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    7,448
    Likes Received:
    540
    Glad the issue is resolved and thank you for the update
     
Thread Status:
Not open for further replies.