how to make extension in any where of the internet?

Discussion in '3CX Phone System - General' started by jetronic, Aug 27, 2007.

  1. jetronic

    Joined:
    Jul 22, 2007
    Messages:
    11
    Likes Received:
    0
    Here's my condition:
    I'm using ADSL to access the internet in my office, which is based on PPPOE method. And my switch will do all these part of connection. My PC is in the LAN and I can maping all my port to the switch.

    and in my home there's another LAN quite the same. The question is how can I make it to have my home extension registered in my office 3cx phone system?
     
  2. 5qg4

    5qg4 Active Member

    Joined:
    Jan 31, 2007
    Messages:
    643
    Likes Received:
    0
    Office side:
    - Bind those extension to media server

    - Enable those extension as external extension

    - If not fixed IP for your router WAN port, you may in need to apply dynamic DNS sub-domain for your 3cx Phone System (sip838.ath.cx).
    http://www.dyndns.org for apply DDNS (free for 5 sub-domain)

    - Configured your router to forward all default ports to 3cx Phone System.
    http://www.3cx.com/forums/viewtopic.php?t=1697

    - Make sure the your STUN setting can resolved the WAN IP

    Home side:
    All the setting almost the same as at office.
    eg. for Eyebeam, Extension number 567

    Account Tab
    Display Name: MyHomeSoftphone
    User Name: 567
    Password: ******* (password for extension 567)
    Authorization user name: 567
    Domain: sip838.ath.cx or your office router WAN IP

    Topology Tab

    Firewall Traversal
    IP address: Select "Discover global address"

    STUN Server
    Use specified server: stun.3cx.com
     
  3. Ryandc

    Joined:
    Aug 13, 2007
    Messages:
    70
    Likes Received:
    0
    Another alternative, if you have a Windows 2003 Server or 2000 Server box in your office.
    Set up RAS and enable VPN.
    Use the VPN connection from home to work.
    If you have only one device, and it's a softphone or USB phone, you can plug it straight into your home computer and register your computer to the 3cx server. They'll be on the same subnet if your RAS server is on the same subnet as your 3cx server.
    If you have multiple devices, then you'll have to go with external extensions OR have a machine that has two network cards at your home handle routing (namely, plug all your phones into a switch, which then is plugged into the computer, and the other card establishes the VPN connection to your office).

    I've found that for single-phone telecommuters, using VPN is a lot easier than having to deal with NAT, STUN, and all the other difficulties with external extensions.
     
  4. nickybrg

    nickybrg Well-Known Member
    3CX Staff

    Joined:
    Jun 7, 2007
    Messages:
    1,621
    Likes Received:
    15
    Is PBX public?

    Question? Is the PBX at your office on a Public IP accessible from the internet? Or is it on the internal network?
     
  5. pwhayes

    Joined:
    Aug 14, 2007
    Messages:
    4
    Likes Received:
    0
    VPN connection

    I am testing 3CX for our office at the moment and have one extension on a remote network connected by VPN so I can confirm that this works. However there are some issues to consider. For the connection from my main office I have a Vigor 2950 router and have set bandwidth control(QoS) so that VOIP has a guaranteed part of the available line speed. With this the call quality is very good.

    Routing the extension through the VPN I cannot do the same because using QoS with VPN is problematic. The call quality is therefore not very good.

    I am therefore going to try a variation on the option above to call through the public ip address to see if I can improve the quality.

    I see from the 3CX manual that 3CX uses ports around 7000 for internal calls. If I open these on my router and direct them to the server hosting 3CX can I just configure the phones as normal but substituting the WAN ip address for the internal one
     
  6. nickybrg

    nickybrg Well-Known Member
    3CX Staff

    Joined:
    Jun 7, 2007
    Messages:
    1,621
    Likes Received:
    15
    Hi Pwhayes

    I'm sorry I didnt really understand what you wanna do. Could you make a sketch or network diagram for me? If you want to send it privately you are welcome. You can send me IP address scheme to - better.

    Where is the 3cx Phonesystem installed at the moment?
    With reference to the phones - what are they? And are they internal or external?

    With ports 7000 all you have to do is open them. The forwarding has to be done with care on the 9000 range because those have to be forwarded in such a way that when an rtp stream arrives at the router on ports 9000 range, they are forwarded to the computer / phone / ip address they are destined to. Of course the information in this post was directed towards Jetronic's problem. Yours seems to be a different issue.

    *********************************

    This all depends on whether the phones are external (on a different ip address range / subnet to that of the PBX). If the PBX IP address is example : 172.18.130.6, then the phones have to have that IP address configured both in the SIP SERVER and OUTBOUND PROXY fields. Just like we do normally. The difference comes from the PBX if the phone is external because you have to tick Extension is External in the Extension / other options checkbox. I think you better give me examples with IP addresses, They dont have to be your real ip's for privacy's sake. Just to be able to discuss your issue in a more concrete and realistic manner.
     
  7. pwhayes

    Joined:
    Aug 14, 2007
    Messages:
    4
    Likes Received:
    0
    Connecting external phones

    Hi,

    I tried what I was thinking of doing and it worked however I haven't ticked the box that you refer to so I will read up on that.

    Here is what I did:-

    1. PBX and most of my phones are on an internal 172.26.0.x network
    2. PBX is 172.26.0.10
    3. Router is set up on this network to forward ports 7000-7500 in addition to the normal SIP/RDP ones to the PBX
    4. The external phone sits on a network with a 172.25.0.x range
    5. The router on this network forwards the same ranges of ports to the phones internal ip address 172.25.0.100
    6. Phone is set up with the SIP and proxy addresses set to the public ip address of the office network

    Still having some troubles with call quality but I can work on that

    Thanks
     
  8. masilon

    Joined:
    Jul 6, 2007
    Messages:
    3
    Likes Received:
    0
    Hi,

    >The router on this network forwards the same ranges of ports to the phones internal ip address 172.25.0.100

    Does that mean I have to open ports also on phone side network ? What if I have to register from a Hotel room? Shoudn't NAT open the required ports for me since the SIP registration request comes from an inside local IP ?

    Thanks,
    Luca
     
  9. DerrickD2

    Joined:
    Nov 12, 2007
    Messages:
    8
    Likes Received:
    0
    was NAT not a solution?

    I have the same issue. I have a Cisco 7912 that I want to hook up outside the network, in another location.
    Here is my setup:

    Local network (A)
    - Modem with a public IP of 67.186.xxx.xxx
    - Internal router with a private IP of 192.168.4.1 (forwarded all needed ports to the 3CX sever)
    - 3CX server with a private IP of 192.168.4.10

    Remote Network (B)
    - Modem with public IP
    - Linksys router with local IP 192.168.1.1
    - Cisco IP phone gets a 192.168.1.x IP via DCHP on the Linksys and is set to register to the public IP of the other network (A) (67.186.xxx.xxx)

    The phone does find the server and it registers. I can make a call from the Cisco phone, and the receiving phone rings. But, I can't hear the other party. When I try to call the Cisco phone it does not ring (it's part of a ring group so it rings when the main number is called). I have "Extension is external" checked in the settings.

    The Cisco phone works great when it is on the same network as the 3CX server. All I did was change the SIP server in the Cisco phone so it registers through the public IP instead of the private IP.

    I suspect port forwarding or IP routes have something to do with it.
     
  10. DerrickD2

    Joined:
    Nov 12, 2007
    Messages:
    8
    Likes Received:
    0
    pwhayes states: "5. The router on this network forwards the same ranges of ports to the phones internal ip address 172.25.0.100"

    I will try this, but I assume that means only one phone can be used at any given remote location since it will dominate all the ports needed.

    Or...a seperate 3CX phone server could be put in place at the remote location and it's VOIP provider can be set to register with the primary remote location.
     
  11. Philco

    Philco Member

    Joined:
    Nov 10, 2007
    Messages:
    364
    Likes Received:
    0
    I am very very new to the 3cx (only a matter of days) and have been carying out some configurations tests, and one of the things we wanted was a remote extension. The way we have done it is use a real (voip) telephone number for the remote extension (ours is proided by the same voip provider as the main office) asign a normal extension number ect in set up, but configure it to forward calls to that number when the device is not registered (which it wont be) to the external number. I will add that this remote number is on a seperate ring group, but calls from the main ring group forward to a second ring group (which the remote extension/number is on) on no answer.

    This is not quite an extension in the true sense but does exactly what we want at present and it means the remote number(extension) is not depended on a VPN etc so its portable. Calls back into the office are simply transfered to the person required. Works great. We are going to try his live this week.

    Phil
     
  12. tjabaut

    tjabaut New Member

    Joined:
    Jul 24, 2007
    Messages:
    138
    Likes Received:
    0
    I am also having the same problem.

    With a Grandstream GXP-2000 I cannot even register.

    With an X-Lite softphone, I can register and call internal extensions, but no one can hear me and I cannot hear them.

    I am also curious about the post with the ports.

    List of default ports used by the 3cx phonesystem:
    5060 (stanard sip port) TCP/UDP
    5061 (secondary sip port) TCP/UDP
    5480 (portgre) (only on local machine)
    5481 (apache) (only on local machine)
    5482 (media server) (only on local machine)
    3478 (STUN Server) TCP/UDP
    7000-7500 (Default port for internall calls) (only on local machine)
    9000 - 9003 (ports for external calls through VOIP Gateway) UDP
    10000-20000 (RTP ports) (Used if no stun available for audio)


    Why would we need to expose Postgres and apache to the world. I thought we should only need to expose SIP as it manages the connection andthe client would then dynamically open ports for RTP. The client should not need any openings as for most firewalls, anything that originates on the trusted side is allowed outbound, and it would then open ports in the 900x range. Am I correct.

    5qg4 -

    I am also curious about hte Bind Extension to Media Server. I have been using 3CX for a couple of months now and have never gotten a good explanation as to what this does. I would think that it I want to bypass 3CX handling the actual translation I would not want to bind to medai server; for instance if I am talking IP phone to IP phone and want to use G.729 (which 3CX does not support, but every IP phone does) I would not want ot use the media server as 3CX cannot transcode to G.729 as it is not licensed, but rather just have 3CX handle the SIP proxing (the tearup and teardown of the call).
     
  13. archie

    archie Well-Known Member
    3CX Staff

    Joined:
    Aug 18, 2006
    Messages:
    1,309
    Likes Received:
    0
    Yes, you need to expose only SIP port (5060) and RTP range of ports (9xxx). Range depends on how many simultaneous external calls do you expect (2 ports per call). You are not obliged to bind external extensions to media server, but it is recommended because too many phones can not deliver RTP to external addresses. Moreover, you need than to open RTP port for that specific IP which phone has. In the case of Media Server in the middle - you need to make mapping only for one IP -one's of MS.
     
  14. tjabaut

    tjabaut New Member

    Joined:
    Jul 24, 2007
    Messages:
    138
    Likes Received:
    0
    Archie,

    What do you mean you by the quote? Where are you exposing the RTP ports. The 3CX side, or the clients side?
     
  15. archie

    archie Well-Known Member
    3CX Staff

    Joined:
    Aug 18, 2006
    Messages:
    1,309
    Likes Received:
    0
    You need mapping in both direction. It doesn't matter if port number is changed during that mapping as long as STUN client can resolve it. Also, mapping rule should not depend on destination's ip:port. For the incoming RTP traffic you need to map incoming traffic on RTP range of ports to media server.
     
  16. tjabaut

    tjabaut New Member

    Joined:
    Jul 24, 2007
    Messages:
    138
    Likes Received:
    0
    Archie, thanks for your help. I got it working.

    Here is what I found out to clarify:

    If I have an IP phone that is located outside of my trusted network (i.e. at my home) and DO NOT have a VPN in place; then I can simply setup the extension using STUN.

    STUN does not reside on my 3CX server at all, as it is an outside service. From my corporate firewall I need to allow PORT 3478 (STUN) In/Out to facilitate sync with phone outside.

    Ports 9000-9xxx these are also known as RTP ports. You need to have 2 ports available PER ACTIVE CHANNEL (or voice call); therefore if you need 3 simultaneous calls and 2 calls to voicemail you would need to open 10 ports (9000-9009).

    You ALWAYS need to expose SIP Port 5060

    The Media Server PORT 5482 only needs to be exposed if you have enabled Bind to Media Server in the options for an external Extention.

    Thats it. I was able to get calls working fine.

    Now onto why I cannot get my audiocodes mp-114 fxo to work outbound.
     

Share This Page