• V20: 3CX Re-engineered. Get V20 for increased security, better call management, a new admin console and Windows softphone. Learn More.

Direct Remote Extension

Status
Not open for further replies.

EricMatelyan

Joined
May 6, 2013
Messages
4
Reaction score
0
Hello,

I've been having trouble trying to setup a direct remote extension for the past 2 days, and was hoping I could get some assistance on this.

We have 2 sites, both with Static IPs
Site A has a 3cx server
Site B only has 3 users, and I'm trying to setup direct remote extensions to connect to Site A
Both sites have Cisco ASA 5505 firewalls
We are using Grandstream GXP-2100 phones

I've configured port forwarding on both firewalls
The Firewall checker verifies that the ports are forwarding correctly
I've followed the instructions at the two links below,
http://www.3cx.com/blog/voip-howto/remote-extensions/
http://www.3cx.com/blog/docs/provisioning-a-remote-extension/
The last step states to point the "Config Server Path" to "//PublicIPofPBX:5000/provisioning", and the phone will download the configuration, however nothing happens after this point.
I created a test document at this location, //PublicIPofPBX:5000/provisioning, and I'm able to open it from the remote site, so I know that the port is open. Any suggestions?

Another note, we have an IPSec VPN between the two sites. Is there any easier way to do this through the VPN? I know the other option was to setup a proxy server at the remote site, but management wanted this done sooner than later, so I figured I could get it configure remote extensions real quick, and have our phones up. I was obviously wrong.
 
Setting up external extension has not been one of my successes.

I did note that you have a VPN. The two networks should be mapped and you should not have to open any ports. The firewall settings should be for the ISP IPs.

Over the VPN, the remote extensions show up as local.

Yes? No?
 
I was able to setup a proxy manager at the remote location, and have the remote phones go through that successfully. It doesn't seem as though the phones are travelling across the tunnel though.

I'm not going to fuss around with it anymore at this point, because it was a pain to even get this far, but I wasn't able to find ANY documentation, tutorials, videos, etc...on how to set it up with a VPN. Maybe I'm doing something wrong on my end, but the VPN works fine for everything else.

Thank you for the reply
 
It can depend how you are using VPN. Are the devices connecting directly with the VPN server (acting as VPN clients), PC's running the 3CX soft phone, and some other devices are capable of this, or is all VPN handled by a VPN router at the remote end. If it's the later (which I suspect), and assuming that the IP's of the remote sets (devices) are on the same subnet as the "home" LAN, then all setting of the phones should be as if they were on the same LAN as the 3CX server. In this case there should be no need for port forwarding.
 
When you attempt to setup the direct external extensions are you than able to see the phone attempting to connect on the server activity log or is does it nothing at all?
 
Have phones working over site-to-site vpn as well as remote extensions without any problems. If you have VPN connection between sites, why would you bother with remote extensions at all? Does it show anything about those phones trying to connect in 3cx log?
Can computers/servers in both sites A and B access/ping/etc. the other end?
 
Agreed.. we found that trying to run connections at a remote office using both remote extension configs as well as direct extension configs which traversed the VPN were problematic.. regardless of the "why would you ever" question.

If you want to stick with VPN, turn off SIP-ALG on your edge firewall. While I doubt it would or even should come into play since the traffic for VoIP over the VPN is the same for the rest of the data over the VPN.. it should not even look at it.. but make sure it is not.

I have a client with multiple remote offices.. I just cut over using remote extensions at one to using the VPN tunnel instead.
While I hate bumping the payload to send VoIP over VPN, I am beginning to believe the firewall had better be up to snuff to handle it instead of dinking around with the "multiple remote extension at remote office" scenario. Ended up wasting more time there than just doing the VPN.. go figure.
 
Status
Not open for further replies.

Getting Started - Admin

Latest Posts

Forum statistics

Threads
141,625
Messages
748,896
Members
144,739
Latest member
Ghisl1
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.