Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Linux 3CX behind Sophos UTM-9 Firewall in a VLAN

Discussion in '3CX Phone System - General' started by Shizuxx, Apr 6, 2017.

Thread Status:
Not open for further replies.
  1. Shizuxx

    Joined:
    Apr 28, 2016
    Messages:
    9
    Likes Received:
    1
    Hello,
    We currently have a Problem with our 3CX. As soon as we start it it generates about 900+ mb/s of traffic. And the CPU usage of the Firewall goes to 90+%.

    My 3CX is using the built-in web server, configured for ports 5000 / 5001.
    Sophos: SG210 Firmware version: 9.411-3
    3CX: latest Debian build


    any advice and suggestions would be gratly appreciated


    We configured everything as described in this post:
    https://www.3cx.com/community/threads/3cx-behind-sophos-utm-9-firewall.40813/

    Thanks
     
  2. smario

    smario Support Team

    Joined:
    Dec 14, 2016
    Messages:
    21
    Likes Received:
    2
    Hello,

    It's important to be able to correctly identify what type of traffic this is, and which process/service is generating this traffic. This is key to diagnose what your problem could be. You should be able to see the traffic with a traffic sniffer such as wireshark or tcpdump on the PBX itself.

    What exact version of 3CX are you using?
    What Linux are you using? Specifically, are you installing from our ISO or a stock debian?
    What other services/processes run on this system other than 3CX?
     
  3. Shizuxx

    Joined:
    Apr 28, 2016
    Messages:
    9
    Likes Received:
    1
    V15
    Debian your ISO
    None
     
  4. smario

    smario Support Team

    Joined:
    Dec 14, 2016
    Messages:
    21
    Likes Received:
    2
    Are you able to identify what type of traffic is being generated?
     
  5. Shizuxx

    Joined:
    Apr 28, 2016
    Messages:
    9
    Likes Received:
    1
    Not really I only see that traffic is generated from our 3CX
     
  6. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,379
    Likes Received:
    84
    The only thing I can think of, although still 900mb/s is not attainable, is if this happens during the very first log into the Management Console as it downloads the prompts the first time (~80MB).

    Regardless though, the way you are describing it though you see a constant flow of traffic of ~900mb/s, so while the server is up, run apt-get install bmon, then run bmon on the 3CX Server to check if you see the same numbers at the top (send a screenshot). You may also want to sent us the output of command netstat -tunp46 to check the established TCP connections.
     
Thread Status:
Not open for further replies.