Firewall Help Required - New Install

Discussion in '3CX Phone System - General' started by davidstanton, Feb 25, 2008.

Thread Status:
Not open for further replies.
  1. davidstanton

    Joined:
    Feb 25, 2008
    Messages:
    5
    Likes Received:
    0
    I have setup my system to run internally on two PC's running the windows client, i have registered to landline VoIP numbers and these route ok.

    The plan is to get IP phones, two in one location (server side) and one off site and this is where my trouble starts!

    the information i think i need...

    Firewall config
    - What ports need to be open on the internal side
    - What ports need to be open on the external side
    - Also TCP / UDP

    Should i be using STUN (read these don't work very well) or a Tunnel ?

    What are the settings required?

    I've tried many settings and at one stage i could call from external to internal on extension but not other way round.

    Network info
    - VoIP Phone System = 192.168.16.101
    - WAN = 87.127.112.32

    - External site WAN = 84.45.143.173
    - PC IP = 192.168.1.5

    Also does anyone know if a 3Com NBX 2101will work?

    thanks in advance

    David
     
  2. RobLloyd

    RobLloyd Member

    Joined:
    Oct 13, 2006
    Messages:
    481
    Likes Received:
    0
    These are all in the docs but you need:
    (All UDP) - 5060, 3748, 9000-9015 (9000 & 9001 for call #1, 9002 & 9003 for call #2, etc.)
    Open these on your firewall pointing to your 3CX box and all should be well.
    Internally you will also need the same ports but also 7000-7015.

    This is without tunnels or anything else. Just regular VoIP phones.

    Not sure on the 3com phones. hopefully someone will answer that for you.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. davidstanton

    Joined:
    Feb 25, 2008
    Messages:
    5
    Likes Received:
    0
    Hi and thanks, i had read different docs and seem to tell different stories with what ports are required and if they are TCP or UDP - the only one i think i didn't have is 3748 and other were mostly TCP not UDP

    I'll test this out again later tonight (GMT)

    David
     
  4. davidstanton

    Joined:
    Feb 25, 2008
    Messages:
    5
    Likes Received:
    0
    hi, i've added these port (UDP) to my inbound rule/s (router firewall)

    i've managed to get the phone registered

    A bit of info before i carry on;

    - VoIP Phone System = 192.168.16.101
    - WAN = 87.127.112.32
    - Extension = 10

    - External site WAN = 84.45.143.173
    - PC IP = 192.168.1.5
    - Extension = 12

    Extension 12 can call extension 10 and be answered (haven't tested audio), 12 has no extension/s listed (unlike 10)

    Extension 10 can't call extension 12 although registered.

    As far as i understand i only need to add rule/s to my firewall, correct? (using STUN)

    Do i need to add any outbound rule/s ?

    Also, using the 3cx client, do i need to change any default port? the IP/FQDN, should this be my WAN address? (any :ports req'd?)

    I did also see;

    Other options <<
    This section allows you to configure other options for this extension. More >
    Extension is external. Enable the "Extension is External" option if this extension is located outside of the corporate network or resides on a different subnet.

    But nothing to tick/select, is this required?

    Can you please help !! i really want to get this working over the WAN as this will make a big difference to starting my own company shortly.

    Thanks
     
  5. landfiets

    landfiets New Member

    Joined:
    Jul 17, 2007
    Messages:
    242
    Likes Received:
    0
    No you also need to forward those ports in NAT. So only firewall is not enough.
    Do portforwarding like you can do in any router/modem.
    Otherwise you keep problems like this.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  6. davidstanton

    Joined:
    Feb 25, 2008
    Messages:
    5
    Likes Received:
    0
    hi, yes this is where i've added the ports, in my routers firewall.

    so i must be missing something some where, my side ??

    do i have to tell 3cx extension 12 is external ??
     
Thread Status:
Not open for further replies.