Sidebar Sidebar
  • V20: 3CX Re-engineered. Get V20 for increased security, better call management, a new admin console and Windows softphone. Learn More.

dual WAN - 2 SIP trunks

Status
Not open for further replies.

russellcrowe

Silver Partner
Advanced Certified
Joined
Nov 18, 2007
Messages
33
Reaction score
0
Hi

has anyone had any success in setting up 3CX with 2 adsl line and 2 SIP providers

i would like to split down 2 adsl line due to needing more bandwidth

so i have tried to setup the following

3cx server version 9
2 sip providers Spitfire and Voip-unlimited

Draytek 2820 dual wan router
2 adsl lines
unsing the ip address of sip provider to direct traffic down WAN1 or WAN2 on the draytek

i get one sip provider working on WAN1 and the other on WAN2 only being able to make outgoing calls

any ideas on how to solve this problem where customer needs more bandwidth than avaiable on one adsl line

thanks
russell
 
It may be something to do with using STUN, and how 3CX is reporting it's public IP to the provider on the second ADSL connection.
 
has any body go a solution working with 3cx and 2 adsl line?
russell
 
yes

You have to turn off STUN on the voip provider field. Ideally you need 2 static public ips (and preferably 2 nics on the pbx machine to do 1 to 1 nat).

On the Advanced tab for each provider in the Registration Settings area, the last box is "Which IP to use in Contact field for registration". Click the Specified IP and put in the public ip of the ADSL box you want to use for this provider.
 
have tried that apart from 2 NIC's

how would you configure NIC
as external ip's

at moment the 1 nic is internal ip

thanks
russell
 
did you also turn off the STUN server in in the Network settings too?
 
yes

and it all works fine on wan1 but on second wan the call only work outgoing but not incoming

thanks
russell
 
There are a number of things that could be wrong.

Firstly you may not be registered with the second provider. Secondly you may be routing incorrectly with the router for the second provider. It seems you are not getting the invites when someone calls your number. The provider uses your registration information to do this.

If you dial the number, do you see it getting to the pbx but not connecting? What do the activity logs say.

I also have to ask about the reason for doing it this way.

I am assuming you have just the 2 adsls for data and voip traffic? how many users? How many concurrent calls do you make? Normally we split data to one adsl and voip to the other and have it failover if need be. Other situations we have used wan load balancers. But if you have too many concurrent (that is the keyword here) voip calls for one adsl then I would consider a better connection such as T1, T3,fibre etc.

What are your adsl speeds?
 
reason is the adsl line only have 400k up speed
and they need about 8 lines
so putting 4 down one line with spitfire and 4 down the other with voip-unlimited

both sip trunks register but the WAN2 line only allows out going calls

i have directed traffic down the wans using load balancing rules based on destination ip of sip providers

port forwarding to 3cx on both wans for 5060,5090,9000-9049

data does not go down either of these lines

thanks
russell
 
I see

I would guess the inbound problem is due to the call from the wan2 provider is not coming from their ip you have in your rules.

for example you may register with them on ip 111.222.333.444 but their call for your did will come from ip 111.222.333.445

I assume you have some outbound rules in your router that says if it is going to the second providers regsitration ip then go out through wan2 otherwise go out through wan 1. You may also have a rule that says if it goes to the first providers registration ip then go out through wan1.

The problem is your 2nd provider is expecting through wan 2 adsl and it came from wan 1 adsl as it wasnt the registration ip.

my suggestion is to run a wireshark trace on an incoming call and look at the ips in the invite header. I would also quickly check your pbx logs to see if it does get an initial invite (I suspect it does) and see if it is not connecting.

Normally your DIDs are on a fixed ip server, so when you do find the correct ip that the incoming calls are coming from, you can add that to your rules for wan 2 and it should work.
 
do you mean that the calls go out on wan2 but might be coming back down wan1
so getting confused

the sip providers are set to look for wan1 and wan2 ips
e.g if spitfire goes on wan2 it would not work because they check the wan ip address

but voip-unlimited do not check ip address from but in 3cx i have said it is on wan2

so the sip traffic coming back from sip provider could be on diff ip to the sip destination?
in 3cx settings

thanks for your help
russell
 
yes.

lets say voip unlimited is on your wan 2. I assume you have a registration ip for voip unlimited. You therefore have a rule that says anything going out to voip unlimited ip should go out on wan 2. Your registration does that and works.

But say you have a did with voip unlimited. calling that did (from a landline or cell phone) will go into voip unlimited and it will come down the internet to you. BUT NOT FROM THE REGISTRATION IP.

The call comes in to them, they look up and says this belongs to customerx. They then say where is customerx and look up on their registration data your ip (wan 2). They send the invite down wan 2 (and you need to check you are getting it at the pbx). I believe the pbx replies but the invite came from a different ip. so they sent it down wan2 but you are going to reply via wan 1. There is a disconnect and their systems will believe there is a "man in the middle" attack and ignore it.

But, the server that sends that initial invite call for that did will always send it and will always have the same ip. Find that ip and add it to your wan2 rules and it will work.

You may be lucky and get it from the pbx otherwise you can run a wireshark and capture the ip on that initial invite.
 
How about you keep everything very simple and use 2 sip trunk providers that authenticate based on IP (no registration). This way all you need to do is modify the routing table based on the destination subnet.

Turn off stun, on the VoIP provider tabs just do NOT require authentication.

The ideas above suggestions (especially dual NIC) are terrific to overcomplicate the process and get poor results. 1 LAN IP, 1 MultiWAN router, 2 PUBLIC ips, 2 specific routing table entries, make sure that you have port fwd for BOTH extrnal IPs to the 3CX LAN IP.
 
Status
Not open for further replies.

Getting Started - Admin

Latest Posts

Members Online Now

Total: 340 (members: 12, guests: 328)

Forum statistics

Threads
141,939
Messages
751,302
Members
145,385
Latest member
nick_bag
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

Top Bottom
Back