angeraer
Forum User
- Joined
- Dec 4, 2017
- Messages
- 6
- Reaction score
- 0
Hello,
I've been reading this forum and the website for quite a while now trying to figure out the best practice implementation for a 'hosted' installation. There are numerous threads about this topic and I already installed it +20 times now in all different configurations trying to see what works best. Can I summarize the 3CX best practice possibilities to this:
The fact that I currently have an 'unknown brand' cloud PBX from a provider currently working without a SBC and without STUN configured on the phones means they are using some other technology? How is it possible that this system doesn't need firewall rules or whatever to have it operational?
thanks,
Andy.
EDIT1: Added VPN solution as suggested by @sip.bg
EDIT2: Added off-premise SBC colution as suggested by accentlogic
I've been reading this forum and the website for quite a while now trying to figure out the best practice implementation for a 'hosted' installation. There are numerous threads about this topic and I already installed it +20 times now in all different configurations trying to see what works best. Can I summarize the 3CX best practice possibilities to this:
- On-premise installation:
- Phones and PABX in the same (V)LAN
- Off-premise installation:
- if extensions < 5 use direct SIP with STUN. (Firewall rules needed in both ways with unique ports per phone!)
- If extensions < 50 use a SBC. SBC and phones in same (V)LAN.
- If extensions > 50 use multiple SBCs and phones in multiple (V)LANs since there is a limitation in number of extensions per SBC.
- Tunnel on-premise phone (V)LAN via VPN to off-premise PABX. (Example encrypted EoIP Layer 2 tunnel)
- Use an off-premise non-3CX SBC as a SIP proxy. Phones will be seen as if they are locally connected to the PABX. (Not supported by 3CX)
The fact that I currently have an 'unknown brand' cloud PBX from a provider currently working without a SBC and without STUN configured on the phones means they are using some other technology? How is it possible that this system doesn't need firewall rules or whatever to have it operational?
thanks,
Andy.
EDIT1: Added VPN solution as suggested by @sip.bg
EDIT2: Added off-premise SBC colution as suggested by accentlogic
Last edited: