Multiple 3CX Debian possible? pfSense router troubles

Discussion in '3CX Phone System - General' started by Peter Richardson, May 3, 2017.

Thread Status:
Not open for further replies.
  1. Peter Richardson

    Peter Richardson New Member

    Joined:
    Apr 6, 2017
    Messages:
    219
    Likes Received:
    9
    Hi all,

    I'm installing my second 3CX Debian and I am using pfSense for my router. Very simple network, one router, one switch, two 3CX machines.

    The problem I have is that the firewall test keeps failing, stating that:
    testing port 5062... failed
    testing port 5062... unmatched mapping (59908)
    testing port 5091... failed
    testing port 5091... unmatched mapping (43685)
    testing ports [9000..9255]... failed
    testing port 9000... unmatched mapping (37861)
    testing port 9001... unmatched mapping (25567)
    etc etc

    I have indeed forwarded port 5062 to the second 3CX machine, as well as 5091. So I'm not sure why this is happening. I'll post a screenshot of the firewall rules and NAT rules.

    Another problem is that I need to change the ports used in 3CX from port 9000 - 9255 as these are already in use by the first 3CX machine, but I can't find the settings for this in 3CX.

    Has anyone set up multiple 3CX Debian V15 within the same premises? Do you need multiple public IP addresses? Or is it possible to do it all with NAT?

    Edit: I've just messed around with the firewall rules and managed to break the 1st 3CX machine too...now firewall test fails for this one too. Please help!!
     
    #1 Peter Richardson, May 3, 2017
    Last edited: May 3, 2017
  2. accentlogic

    accentlogic New Member

    Joined:
    Nov 14, 2013
    Messages:
    174
    Likes Received:
    75
    We are doing multiple 3CX on Debian behind pfSense, but we are using dedicated public IPs for each instance so we don't have to do NAT Magic. I suppose it can be done, but I'd rather not.
     
  3. Peter Richardson

    Peter Richardson New Member

    Joined:
    Apr 6, 2017
    Messages:
    219
    Likes Received:
    9
    What sort of magic did you use to make it work with multiple IPs? Did you use virtual interfaces in pfSense? I have never had more than one static IP before, so this sounds terribly difficult!
     
  4. Peter Richardson

    Peter Richardson New Member

    Joined:
    Apr 6, 2017
    Messages:
    219
    Likes Received:
    9
    And does anyone know how to modify the RTP ports? Usually 9000 to 9500, but how do I specify different ones for the second machine running 3CX?
     
  5. Peter Richardson

    Peter Richardson New Member

    Joined:
    Apr 6, 2017
    Messages:
    219
    Likes Received:
    9
    So I have been trying every different possibility for ports, NAT, firewall, etc with pfSense...going on 5 hours now, and I think I'm ready to give up. I don't think that it is possible for 3CX to communicate on any port other than:

    5060 (sip)
    5061 (secure sip)
    5090 (tunnel)
    5001 (web interface)
    443 (HTTPs / presence)
    9000-9500 (rtp)

    It seems that even if you are a NAT magician, it just WILL NOT work, probably something to do with the Debian firewall, or wrong port origination, agreed?
     
Thread Status:
Not open for further replies.