Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Desktop IP Phone with native tunnel support ?

Discussion in '3CX Phone System - General' started by itgs, Dec 9, 2015.

Thread Status:
Not open for further replies.
  1. itgs

    Joined:
    Nov 8, 2008
    Messages:
    58
    Likes Received:
    1
    Do you know if exist any desktop ip phone that supporto natively the 3cx tunnel ?

    Could be a nice solution to semplify configuration (no SBC need) in small remote offices (2 / 3 phone) where there is no server inside and the 3CX Phone System is in cloud.

    Thank you
     
  2. Charles_3CX

    Charles_3CX New Member
    3CX Support

    Joined:
    Jul 6, 2015
    Messages:
    114
    Likes Received:
    4
    HI There,

    All the IP Phones listed in our Preferred / Recommended list, http://www.3cx.com/sip-phones/ , have the capability to connect remotely to 3CX Phone System using the 'Stun provisioning' method. Although this does not create a tunnel and uses the stun ports configured under the provision tab of the extension. You can also use a VPN connection from your remote site to the network that hosts the 3CX Phone System server (as long as the actual VPN connection is not initiated from the server itself but rather a firewall /router type VPN). This will enable you to also connect your IP Phones as local Lan.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. itgs

    Joined:
    Nov 8, 2008
    Messages:
    58
    Likes Received:
    1
    Thank you Charles for your reply.

    So, if I well understood, there is no desktop ip phone able to connect directly at the 3CX using tunnel, right ?

    This mean that, if I want to use this method (to reduce nat/sip/rtp issues and limit licenses usage with in-lan extensions communications) the only way is to install on a local server the Session Border Controller, right ?

    If yes, could you clarify me if it is necessary configure something on firewall or stun to permit communications from SBC to 3CX (installed in cloud on a public ip address) ?

    I installed SBC on a Win2k8R2 but don't work.
    Analyzing log files, I found tons of this two row:

    ALERT | 20151209-074409.000 | 3CXTunnel | TUNL | 1640 | TunnelTcp.cpp:344 | Sending first packet from [ V4 0.0.0.0:6013 UNKNOWN_TRANSPORT target domain=unspecified mFlowKey=0 ] to [ V4 My3CxIpAddress:5090 TCP target domain=unspecified mFlowKey=0 ]

    ERR | 20151209-074409.046 | 3CXTunnel | TUNL | 1640 | TunnelTcp.cpp:159 | Bridge [3CXSBC14.0.45961.29] failure 'Connection is terminated by peer - while begin to read a packet from tunnel' on TCP connection: TunnelTcp::process

    This is the config file:

    [Log]
    Type=file # cout, cerr, file, syslog
    File=C:\ProgramData\3CXSBC\Logs\3cxsbc.log
    Level=ERR # NONE", "EMERG", "ALERT", "CRIT", "ERR", "WARNING", "NOTICE", "INFO", "DEBUG", "STACK", "ERR", "VERBOSE"
    [Bridge/123456]
    Name=3CXSBC14.0.45961.29
    ID=123456
    #LocalSipPort=5060 # local SIP (UDP/TCP) address (def: 5060)
    #LocalSipAddr=0.0.0.0
    PbxSipIP=My3CxIpAddress
    PbxSipPort=5060
    Password="myPassword"
    SecurityMode=0
    TunnelAddr=My3CxIpAddress
    TunnelPort=5090
    [General]
    PrintStatsInterval=30
    ReconnectInterval=30

    Could you help me to understand where is the issue ?

    Thank you for support
     
  4. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    11,109
    Likes Received:
    329
    Using the tunnel requires that port 5090 be open (forwarded) at the PBX end, has this been done? Have you successfully run any other device over the tunnel, such as an Android 3CX phone App? Doing so would confirm that all settings are correct at the PBX end and any "problems are with the SBC.
     
  5. itgs

    Joined:
    Nov 8, 2008
    Messages:
    58
    Likes Received:
    1
    Yes

    Yes

    I don't understand why don't work !

    Is there anybody here that could check my sbc configuration file ?

    Thank you
     
  6. andreaschr

    Joined:
    Oct 26, 2015
    Messages:
    91
    Likes Received:
    6
    Hi there,

    If you have any bluetooth or wifi device disable them .
    Go to View network connections.Press the ALT key, click Advanced Options and then click Advanced Settings.
    Select the correct Connection and click the arrows to give priority to the desired connection.
    Restart the SBC and check if that worked . If not Edit the config file and uncomment this #LocalSipAddr=0.0.0.0 and replace the 0.0.0.0 with the ip of the machine . ex. LocalSipAddr=192.168.1.10 . Restart the SBC the check again.

    Let me know if that solve your issue.
     
  7. itgs

    Joined:
    Nov 8, 2008
    Messages:
    58
    Likes Received:
    1
    Thank you Andreaschr...

    I tried what you suggest to me but, nothing change.
    I have only one nic on the server.
    I uncommented the row in config file but in log, I noticed that there is no local ip address:

    ALERT | 20151215-152937.908 | 3CXTunnel | TUNL | 10484 | TunnelTcp.cpp:344 | Sending first packet from [ V4 0.0.0.0:62412 UNKNOWN_TRANSPORT target domain=unspecified mFlowKey=0 ] to [ V4 MyPbxIpAddress:5090 TCP target domain=unspecified mFlowKey=0 ]
    ERR | 20151215-152937.924 | 3CXTunnel | TUNL | 10484 | TunnelTcp.cpp:159 | Bridge [3CXSBC14.0.45961.29] failure 'Connection is terminated by peer - while begin to read a packet from tunnel' on TCP connection: TunnelTcp::process

    I have no idea why this happen....

    Thank you for support
     
  8. eagle2

    eagle2 Well-Known Member

    Joined:
    Apr 27, 2011
    Messages:
    1,085
    Likes Received:
    11
    I suggest using MikroTik or similar router supporting L2TP or OpenVPN tunnels. Most of hardware phones (Yealink, Fanvil) are capable of connecting to SIP server (i.e. 3CX phone system) via tunnel. For 3CX PS the connection is local LAN one. This method may be even better than using SBC, at least the tunnel may be encrypted and more secure.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.