dual WAN - 2 SIP trunks

Discussion in '3CX Phone System - General' started by russellcrowe, Feb 1, 2011.

Thread Status:
Not open for further replies.
  1. russellcrowe

    Joined:
    Nov 18, 2007
    Messages:
    31
    Likes Received:
    0
    Hi

    has anyone had any success in setting up 3CX with 2 adsl line and 2 SIP providers

    i would like to split down 2 adsl line due to needing more bandwidth

    so i have tried to setup the following

    3cx server version 9
    2 sip providers Spitfire and Voip-unlimited

    Draytek 2820 dual wan router
    2 adsl lines
    unsing the ip address of sip provider to direct traffic down WAN1 or WAN2 on the draytek

    i get one sip provider working on WAN1 and the other on WAN2 only being able to make outgoing calls

    any ideas on how to solve this problem where customer needs more bandwidth than avaiable on one adsl line

    thanks
    russell
     
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,848
    Likes Received:
    299
    It may be something to do with using STUN, and how 3CX is reporting it's public IP to the provider on the second ADSL connection.
     
  3. russellcrowe

    Joined:
    Nov 18, 2007
    Messages:
    31
    Likes Received:
    0
    has any body go a solution working with 3cx and 2 adsl line?
    russell
     
  4. abc123

    abc123 Active Member

    Joined:
    Nov 9, 2009
    Messages:
    712
    Likes Received:
    1
    yes

    You have to turn off STUN on the voip provider field. Ideally you need 2 static public ips (and preferably 2 nics on the pbx machine to do 1 to 1 nat).

    On the Advanced tab for each provider in the Registration Settings area, the last box is "Which IP to use in Contact field for registration". Click the Specified IP and put in the public ip of the ADSL box you want to use for this provider.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. russellcrowe

    Joined:
    Nov 18, 2007
    Messages:
    31
    Likes Received:
    0
    have tried that apart from 2 NIC's

    how would you configure NIC
    as external ip's

    at moment the 1 nic is internal ip

    thanks
    russell
     
  6. abc123

    abc123 Active Member

    Joined:
    Nov 9, 2009
    Messages:
    712
    Likes Received:
    1
    did you also turn off the STUN server in in the Network settings too?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. russellcrowe

    Joined:
    Nov 18, 2007
    Messages:
    31
    Likes Received:
    0
    yes

    and it all works fine on wan1 but on second wan the call only work outgoing but not incoming

    thanks
    russell
     
  8. abc123

    abc123 Active Member

    Joined:
    Nov 9, 2009
    Messages:
    712
    Likes Received:
    1
    There are a number of things that could be wrong.

    Firstly you may not be registered with the second provider. Secondly you may be routing incorrectly with the router for the second provider. It seems you are not getting the invites when someone calls your number. The provider uses your registration information to do this.

    If you dial the number, do you see it getting to the pbx but not connecting? What do the activity logs say.

    I also have to ask about the reason for doing it this way.

    I am assuming you have just the 2 adsls for data and voip traffic? how many users? How many concurrent calls do you make? Normally we split data to one adsl and voip to the other and have it failover if need be. Other situations we have used wan load balancers. But if you have too many concurrent (that is the keyword here) voip calls for one adsl then I would consider a better connection such as T1, T3,fibre etc.

    What are your adsl speeds?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. russellcrowe

    Joined:
    Nov 18, 2007
    Messages:
    31
    Likes Received:
    0
    reason is the adsl line only have 400k up speed
    and they need about 8 lines
    so putting 4 down one line with spitfire and 4 down the other with voip-unlimited

    both sip trunks register but the WAN2 line only allows out going calls

    i have directed traffic down the wans using load balancing rules based on destination ip of sip providers

    port forwarding to 3cx on both wans for 5060,5090,9000-9049

    data does not go down either of these lines

    thanks
    russell
     
  10. abc123

    abc123 Active Member

    Joined:
    Nov 9, 2009
    Messages:
    712
    Likes Received:
    1
    I see

    I would guess the inbound problem is due to the call from the wan2 provider is not coming from their ip you have in your rules.

    for example you may register with them on ip 111.222.333.444 but their call for your did will come from ip 111.222.333.445

    I assume you have some outbound rules in your router that says if it is going to the second providers regsitration ip then go out through wan2 otherwise go out through wan 1. You may also have a rule that says if it goes to the first providers registration ip then go out through wan1.

    The problem is your 2nd provider is expecting through wan 2 adsl and it came from wan 1 adsl as it wasnt the registration ip.

    my suggestion is to run a wireshark trace on an incoming call and look at the ips in the invite header. I would also quickly check your pbx logs to see if it does get an initial invite (I suspect it does) and see if it is not connecting.

    Normally your DIDs are on a fixed ip server, so when you do find the correct ip that the incoming calls are coming from, you can add that to your rules for wan 2 and it should work.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  11. russellcrowe

    Joined:
    Nov 18, 2007
    Messages:
    31
    Likes Received:
    0
    do you mean that the calls go out on wan2 but might be coming back down wan1
    so getting confused

    the sip providers are set to look for wan1 and wan2 ips
    e.g if spitfire goes on wan2 it would not work because they check the wan ip address

    but voip-unlimited do not check ip address from but in 3cx i have said it is on wan2

    so the sip traffic coming back from sip provider could be on diff ip to the sip destination?
    in 3cx settings

    thanks for your help
    russell
     
  12. abc123

    abc123 Active Member

    Joined:
    Nov 9, 2009
    Messages:
    712
    Likes Received:
    1
    yes.

    lets say voip unlimited is on your wan 2. I assume you have a registration ip for voip unlimited. You therefore have a rule that says anything going out to voip unlimited ip should go out on wan 2. Your registration does that and works.

    But say you have a did with voip unlimited. calling that did (from a landline or cell phone) will go into voip unlimited and it will come down the internet to you. BUT NOT FROM THE REGISTRATION IP.

    The call comes in to them, they look up and says this belongs to customerx. They then say where is customerx and look up on their registration data your ip (wan 2). They send the invite down wan 2 (and you need to check you are getting it at the pbx). I believe the pbx replies but the invite came from a different ip. so they sent it down wan2 but you are going to reply via wan 1. There is a disconnect and their systems will believe there is a "man in the middle" attack and ignore it.

    But, the server that sends that initial invite call for that did will always send it and will always have the same ip. Find that ip and add it to your wan2 rules and it will work.

    You may be lucky and get it from the pbx otherwise you can run a wireshark and capture the ip on that initial invite.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  13. sigma1

    sigma1 Active Member

    Joined:
    Nov 20, 2009
    Messages:
    542
    Likes Received:
    1
    How about you keep everything very simple and use 2 sip trunk providers that authenticate based on IP (no registration). This way all you need to do is modify the routing table based on the destination subnet.

    Turn off stun, on the VoIP provider tabs just do NOT require authentication.

    The ideas above suggestions (especially dual NIC) are terrific to overcomplicate the process and get poor results. 1 LAN IP, 1 MultiWAN router, 2 PUBLIC ips, 2 specific routing table entries, make sure that you have port fwd for BOTH extrnal IPs to the 3CX LAN IP.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.