Incoming call problem on public IP

Discussion in '3CX Phone System - General' started by mrclassic, Sep 20, 2007.

  1. mrclassic

    Joined:
    Sep 20, 2007
    Messages:
    35
    Likes Received:
    0
    I run the 3CX server on a public IP (in DMZ, behind a firewall, no NAT). My two test client phones (SNOM300 and Linksys SPA921) are in the LAN (with NAT).

    My problem is that incoming external calls are not working properly. Sometimes they come through and the phone rings but most of the times nothing happens. The line status does not move and also there are no entries in the log.

    Outband calls and internal calls work fine.

    I see a lot of info about opening ports in this forum. It's unclear to me in what direction they need to be open. What ports do I need to open for incoming traffic? Do I need to open any port at all? Did I miss some other configuration setting? The 3CX server looks a bit like it's not made to run in a public network without NAT.

    BTW: I have a SIP voicemail application running on a different server in the same network, also public IP. For this I did not need to open any incoming ports and it works fine.


    Cheers,
    Reto
     
  2. Mirzab

    Mirzab Member

    Joined:
    Jul 22, 2007
    Messages:
    400
    Likes Received:
    0
    I don't like DMZ myself partially because it leaves open the possibility of two machines vying for the same ports. I would suggest though disabling firewall for a limited time for testing since I suspect it is blocking some ports.
     
  3. mrclassic

    Joined:
    Sep 20, 2007
    Messages:
    35
    Likes Received:
    0
    Well, of course the firewall is blocking ports. It actually blocks all ports except for http. But this is for *incoming* traffic, no ports are blocked for outgoing traffic. Therefore my question if I really need to open a particular port for incoming voip traffic. How is the VOIP gateway server contacting my 3CX server for incoming calls? On what port?
     
  4. Mirzab

    Mirzab Member

    Joined:
    Jul 22, 2007
    Messages:
    400
    Likes Received:
    0
  5. mrclassic

    Joined:
    Sep 20, 2007
    Messages:
    35
    Likes Received:
    0
    It's a productive firewall, I cannot just turn it off. I'm aware of the thread you are referring to but the list of ports does not specify if they need to be open for incoming and/or outgoing traffic.

    I'm pretty sure no one is opening port 5481 for incoming traffic unless he wants to invite hackers to play with the 3CX server.
     
  6. Mirzab

    Mirzab Member

    Joined:
    Jul 22, 2007
    Messages:
    400
    Likes Received:
    0
    You are a hard sell.
    Thry these inbound.
     
  7. ktikoft

    Joined:
    Jun 22, 2007
    Messages:
    59
    Likes Received:
    0
    Some SIP phones work up to higer UDP ports than 5060 ie 5062,

    You will also see in the general settings the other UDP ports used are in the general settings, internal calls are UDP 7000 ot 7500 and the default external ports are 9000 to 9004 only you need to increase this to twice the number of ports in use ie 10 calls 9020.

    Perhaps you need to run a wireshark trace and see what is happening in the call itself.
     
  8. mdeerfield

    Joined:
    Jul 30, 2007
    Messages:
    27
    Likes Received:
    0
    3CX Ports

    No Need to open the 7000 range on the firewall inbound - these are for internal extension calls on the local LAN.

    Also - depending on the Windows OS - you may need to open up these ports on the Windows Firewall on the server running 3CX as well. Easiest we've found is to do it by application, not protocol/port.

    For remote admin - if you're not comfortable opening up 5481 for web admin - then you can use RD.





     

Share This Page