Auto provisioning (PnP) not working on ESXi and pfSense

Discussion in '3CX Phone System - General' started by Taigar, Feb 1, 2017.

Thread Status:
Not open for further replies.
  1. Taigar

    Joined:
    Jan 16, 2017
    Messages:
    7
    Likes Received:
    1
    Hello,

    First post, I searched the 3CX, pfSense and VMware forum, but didn't find my answer yet.
    I also made a post on the pfSense forum: https://forum.pfsense.org/index.php?topic=124720.0

    Problem is: auto provisioning is not working.

    It is my first ESXi install, and my first 3CX install. ESXi installed fine, created a Debian 8 VM, and installed 3CX. Connected this 3CX virtual server to my home network (Edgerouter Lite, and Toughswitches), connected a Yealink T41P phone to a ToughSwitch (PoE), and logged in to the web interface of 3CX.
    The phone showed up without any problems (using PnP, multicast), everything looked good!

    I played a little around with settings, and made an internal call on my desktop between 2 phones (T41P).

    Then it was time to install pfSense (this is the firewall application we have in our office, and I am also planning on installing it at home as VM. Worked many years with pfSense, and have a pretty good understanding of the software).
    I created a pfSense VM, setup 2 LAN networks (1x LAN, 1x LAN-VOIP (for testing)), and changed the switch and portgroup on the ESXi web interface (little bit trial and error, but I managed to get a VLAN for VOIP, with in this VLAN the 3CX server, and 2 phone's)

    With a little help from google, I managed to change all the settings on the 3CX server (change from VLAN also made a change in IP address). But I couldn't get the phone's to auto provision.
    I made a new Debian 8 VM, and installed 3CX fresh on the new VLAN (to be sure it didn't had any old IP's somewhere in the settings)
    But again, no auto provisioning.

    I tried every possible setting in the ESXI, and on the pfSense, but it didn't help.
    Then I again made a new Debian VM, and installed 3CX, this time connected to the home network again. Just to be sure it still worked (and I didn't make any faults configuring the switch/portgroup). And it worked!

    Now I only need to know why it is not working with my pfSense VM. Do I need to change some settings? Are the multicast packets blocked on the vSwitch? Does pfSense have anything to do with it?
    Does someone over here have any experience with this problem? Can you help me solve it?

    If you need more info, let me know!
     
    Sopock likes this.
  2. StefanW

    StefanW Head of Customer Support and Training
    Staff Member 3CX Support

    Joined:
    Jun 2, 2009
    Messages:
    1,216
    Likes Received:
    88
    so is the PBX and the Phone in the same network or routed via the pfsense. I run this setup for our departments 100 times so general this is not an issue. Can you define all IP addresses your have in use for phone and pbx?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Vali_3CX

    Vali_3CX Well-Known Member
    Staff Member 3CX Support

    Joined:
    Dec 12, 2008
    Messages:
    1,480
    Likes Received:
    67
    Also, Taigar, the PBX port should be 5060
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. Taigar

    Joined:
    Jan 16, 2017
    Messages:
    7
    Likes Received:
    1
    Thans for your reply.

    The 3CX and Phone are in the same network (same VLAN) connected to the pfSense. They are in the same subnet, and I am able to ping the phones from the 3CX server.

    I don't have the IP addresses available right now, because I tried another setup to find out the problem. But it was like this:

    pfSense 172.25.70.1
    3CX 172.25.70.2
    T41P 172.25.70.3
    T41P 172.25.70.4

    I installed the 3CX with default settings, and also checked the SIP port to be 5060 (it was default).

    One thing I might try is swapping out the ToughSwitch, as I am not such a big fan of these switches anymore. I have a netonix switch, lets try that.

    The setup you ran, it also has only ESXi with vSwitches, or did you also have vCenter Server and distributed switches?
     
  5. dan_tx

    Joined:
    Nov 3, 2016
    Messages:
    99
    Likes Received:
    27
    I've had to enable promiscuous mode and all VLAN's on virtual switches before to ensure all broadcast traffic was seen. If your putting 3cx on it's own virtual switch in esxi this might work for you.

    I haven't used a tough switch with 3CX, however I know they are made by Ubiquiti , the same as the Ubiquiti Unifi switches which I have used. On the Unifi switches we had IGMP Snooping enabled and 3CX auto provision would not work because the switch did not properly transmit the broadcast traffic. Upon turning IGMP snooping off on the Ubiquit Unifi switch, auto provisioning worked immediately. I would suggest checking your toughswitch and make sure IGMP snooping is turned off.
     
  6. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    447
    Likes Received:
    20
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    6,016
    Likes Received:
    421
    First of all it is multicast and not broadcast used. In order to ensure that your server listens to multicast requests open an SSH and type netstat -g
    You should see sip.mcast.net next to your default network interface.
    You could also run tshark on the server and filter with the ip of the phone or the multicast ip which is 224.0.1.75
    the phonesmust be factory reset ti send multicast

    https://www.3cx.com/docs/plug-and-play-ip-phone/
     
  8. jbryant84

    jbryant84 New Member

    Joined:
    Apr 6, 2016
    Messages:
    109
    Likes Received:
    40
    Have you tried adding option 66 to DHCP using the provisioning link found on an extension?
     
  9. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    447
    Likes Received:
    20
    It is there. OP was confused that there should be 224.0.1.75...
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  10. Taigar

    Joined:
    Jan 16, 2017
    Messages:
    7
    Likes Received:
    1
    Thanks all for your responses.

    I understand it is multicast traffic.

    I also didn't know what to look for after using 'netstat -g'. I found 1 site which gave me the IP address (224.0.1.75).
    But sip.mcast.net is indeed listed on my 3cx server.

    I tried the Netonix switch, instead of the ToughSwitch, but no result.

    I think somewhere in the ESXi network the multicast is blocked.

    Is it possible to use this without using distributed switches?

    DCHP option 66 I didn't try, because that is not wat I wanted. PnP should be working if it can.

    Factory reset I did (about a hundred times already...)
     
  11. Sopock

    Sopock Member

    Joined:
    Jul 11, 2012
    Messages:
    447
    Likes Received:
    20
    At least for learning purpose I would connect phone to second NIC. Test PnP on softphone?

     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.