3cxphone5 on microsoft direct access

Discussion in 'Windows' started by smokeman, Apr 21, 2011.

Thread Status:
Not open for further replies.
  1. smokeman

    Joined:
    Dec 10, 2010
    Messages:
    50
    Likes Received:
    0
    so, as you can tell from some of my posts, we are thoroughly testing this in our environment, preparing for a purchase...

    We are deploying 250 laptops on Microsoft's Direct Access. Now directaccess is an ipv6 technlology. I searched, and found some discussion on ipv6, and know it is being worked on. I'm not going to get into that, but instead discuss directaccess with UAG, and it's 6to4 technologies, and translation. We have been able to get several other things working on our direct access clients by using the 6to4 translation. The only thing is instead of ip addresses, you have to use names, and the 6to4 does the translation for you. You can also use ipv6 addresses which you can find out by pinging the name.

    on the 3cxphone5, I'm guessing this is not an option.
    I've tried turning off auto provisioning, and setting the server with a name, instead of an ip address, and no joy.
    I tried turning on the 3cx tunnel with that setup, also no connection.
    I tried downloading the 3cx proxy manager, and testing it with it's outside interface as both ipv4, and ipv6....none of the settings worked.

    the only way I got a 3cxphone5 to connect, was by telling it I was out of the office, and using the external ip(which forced the connection outside directaccess). This wouldn't work if we were doing directaccess with forced tunneling, instead of split tunneling.

    I've tried setting up a 3cx phone system 10, on a 2008 server, with an ipv4, and ipv6 address. I also have a 3cx system9 server on windows xp, with an ipv4 only address, trying to force UAG to do the NAT 6 to 4.

    can anyone think of a way I can get the 3cxphone to connect to 3cx system9 directly over a directaccess client?
     
  2. smokeman

    Joined:
    Dec 10, 2010
    Messages:
    50
    Likes Received:
    0
    alright, since no-one has answered...I'll then assume no-one at 3cx knows about the ipv6 stuff yet, and let me ask another related question:
    if we deploy 3cx softphones to all 200+ notebooks that will be direct access clients, is there any reason not to force them all to be "i am outside the office", with an external ip address? That means, when they are actually in the office, they will be going out our firewall, then back in.
    When the outside option is checked, does the 3cx tunnel still come into play, and does it get the outside ip address, or the inside ip address?
     
  3. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,868
    Likes Received:
    304
    The issue ( and perhaps not the only one) that I could see is an issue with the port number of each user. If you left the port as a default 5060, then if more than one user registered from behind the same public IP, even from the home office, there may be some confusion. aIt it would look to 3CX as the same phone (Public IP + port) and the local router would not know where to send call incoming info.
    I would suspect that, if it worked properly, in all situations, that you could leave " I am out of the office" enabled at all times, then the other options would not have been included.

    When the set registers from behind a public IP, then 3CX would need that IP to be able to reach the phone. The 3CX log will show you how the registration appears to 3CX, in various scenarios.
     
  4. smokeman

    Joined:
    Dec 10, 2010
    Messages:
    50
    Likes Received:
    0
    any further research with this?
    we have moved from testing, to a production deployment. We're rolling out the desk phones now, and looking at what the softphones will do.

    we are using provider nexvortex, which allows unlimited simultaneous calls, and charges are based on minute usage.

    We've set our firewall to accept 900-9099, but we have to worry about simultaneous calls to nexvortex, and to our remote laptop users.

    if we were able to get the 3cx softphone to connect by name, instead of ip address, our UAG server would be able to do ip6 to ip4 nat, and all these calls to softphones would go through the internal interface, and we would not have to worry about external simultaneous calls.
    We hate to tell our users "you have to get on our vpn for the phone to work", since they are now used to using direct access for email, and file server access. will the 3cx tunnel make it to where we won't have to worry about that?
     
Thread Status:
Not open for further replies.