Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

3CXPhone Tunnel not connecting

Discussion in 'Windows' started by zarboy, Jul 23, 2014.

Thread Status:
Not open for further replies.
  1. zarboy

    Joined:
    Apr 30, 2012
    Messages:
    13
    Likes Received:
    0
    Hi,

    I have 3CXPhone for windows configured to use the tunnel when out of the office however it still attempts to connect on port 5000. It will connect successfully if I allow 5000 though and I can see no attempt on port 5090 at any stage.

    The Re-Provision URL is not enabled\selected and the system is a fully patched V12. Remote tunnel connections are allowed but I would at least expect to see traffic on 5090 on the firewall anyway.

    Any ideas please?

    Thanks,

    M
     
  2. pj3cx

    pj3cx Active Member

    Joined:
    Aug 1, 2013
    Messages:
    646
    Likes Received:
    1
    Hi there,
    It will still attempt to reach port 5000 tcp for presence infos, contacts, profile toggle, etc..
    HTTP traffic to web server does not pass through tunnel, so you will always have to allow both web port and tunnel port for your remote 3CXPhones.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. zarboy

    Joined:
    Apr 30, 2012
    Messages:
    13
    Likes Received:
    0
    OK thanks for the quick reply, have you enabled this? It seems quite risky given the details that can be pulled down from the provisioning url...
     
  4. pj3cx

    pj3cx Active Member

    Joined:
    Aug 1, 2013
    Messages:
    646
    Likes Received:
    1
    You could backup your config, redo the phone system setup selecting HTTPS in setup wizard and inputting correct FQDNs, so that your 3CXPhone can communicate through HTTPS rather than HTTP. Also, note that the risk is low as 3cxconfig files have random filenames.
    Furthermore you should filter through your firewall who can access what.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.