Firewall check failing

Discussion in '3CX Phone System - General' started by ITSteve, Sep 13, 2017.

Thread Status:
Not open for further replies.
  1. ITSteve

    Joined:
    Sep 13, 2017
    Messages:
    22
    Likes Received:
    0
    Recently tried FreePBX, and now I am trying out 3CX to compare. I have installed the Debian ISO and ran thru the config wizards, set up the firewall (WatchGuard), but the firewall check is failing:

    testing 3CX SIP Server... failed (How to resolve?)
    • stopping service... done
    • detecting SIP ALG... not detected
    • testing port 5060... full cone test failed (How to resolve?)
    • starting service... done
    • testing 3CX Tunneling Proxy... failed (How to resolve?)
      • stopping service... done
      • testing port 5090... full cone test failed (How to resolve?)
      • starting service... done
    The only thing unusual is we have multiple static IP addresses pointing to our firewall, so I have the SNAT forwarding the ports from 204.xx.xx.243 to the 3CX ip address.

    I also used the 3CX FQDN, but that did not resolve, so I am using the local.IP.address:5001 to access.

    On the firewall, when running the Firewall Check, I see several port 5060 attempts coming from the other static addresses, but not from the .243 address:

    2017-09-13 14:03:47 Deny 158.xx.xxx.90 204.xx.xx.241 5070 5060 6-CenturyLink Bridge Firebox Denied 797 117 (Unhandled External Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"
    2017-09-13 14:03:47 Deny 158.xx.xxx.90 204.xx.xx.242 5070 5060 6-CenturyLink Bridge Firebox Denied 797 117 (Unhandled External Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"
    2017-09-13 14:03:48 Deny 158.xx.xxx.90 204.xx.xx.246 5070 5060 6-CenturyLink Bridge Firebox Denied 798 117 (Unhandled External Packet-00) proc_id="firewall" rc="101" msg_id="3000-0148"

    Any pointers?
     
    #1 ITSteve, Sep 13, 2017
    Last edited by a moderator: Sep 14, 2017
Thread Status:
Not open for further replies.