Please help config 3CX for Server2003 with ISA2004

Discussion in '3CX Phone System - General' started by vaohama, Mar 6, 2007.

  1. vaohama

    Joined:
    Feb 21, 2007
    Messages:
    6
    Likes Received:
    0
    Dear: All Please help
    How can i config in the ISA server :( can not

    Please advice
    Thank you sir
     
  2. npiersma

    Joined:
    Dec 30, 2006
    Messages:
    55
    Likes Received:
    0
    vaohama,

    What would you like to accomplish?

    I would be able to help you out, saying "allow all, any to any" would fix the problem. But I am sure that's not what you want.

    But this may help (assuming, 1xNIC on your LAN, 1xNIC on the Public Internet).

    Make a new publishing rule that publishes your UDP ports from the Public Internet NIC to you 3CX server. (SIP ports! Can be configured from 3CX)

    Then also allow the return traffic from the 3CX server to the internet.

    If you use a Voip provider, only allow the voip providers IP as source address (just to be safe).

    regards
    Niels
     
  3. vaohama

    Joined:
    Feb 21, 2007
    Messages:
    6
    Likes Received:
    0
    Thank you

    I'll try to do

    Thank again krab, (krab= sir of Thailand lang)
     
  4. Anonymous

    Anonymous Guest

    ISA :lol:

    Ok

    I am using 2006 ISA server and I am very happy with it. It supports SIP so that is good.

    In basic it comes down to how and where you put your ISA Server.
    Edge Configuration
    3 Leg Configuration
    Front and Back end configuration
    and single network card.

    I use the edge configuration and have 3 Nics
    DMZ on nic using 172.16.x.x
    External Network on nic using 192.168.1.x
    Internal Network on nic using 192.168.0.x
    You see all internal "private" addresses (non routable).

    3cx sits on the Internal Network (same machine as the ISA Server). My ATA (gateway) sits on the external network, this means all traffic will go through the ISA server.

    My access rules are:
    Allow ALL traffic (this means all protocosl) to external. THis should be enough because all traffic originated from internal to external automatically is allowed to receive a response. (not the other way :)) So for your VOIP/SIP that will work.

    I have no rules/filtering set on my gateway.

    If you run into troubles check your ports.

    SIP UDP 5060
    RTC UDP 10000 - 20000
    STUN UDP 3478

    But allow all internal to external should do the trick.
     
  5. 3CXsupport

    3CXsupport New Member
    3CX Support

    Joined:
    Aug 21, 2006
    Messages:
    193
    Likes Received:
    0
    Great to hear we have ISA users having success ! :)

    I am not certain you needed to open such a wide range though 10000 - 20000 (RTP). As I am sure you know externaml calls happen on a special range which can be modified.
     
  6. Anonymous

    Anonymous Guest

    True, I am just lazy by nature and found in general this range works. But if you want real security I guess you can bring it down to a few ports per phone. :p
     
  7. vaohama

    Joined:
    Feb 21, 2007
    Messages:
    6
    Likes Received:
    0
    Thank you

    Thank you all
    Now i'm re-install for my server (2003) do not install for ISA but i'm install ZoneAlam-Antivirus before install 3CX same problem can not call out from server can call from user to server i'm try to looking for new problem i'll be back to report to team

    :lol: :lol: :lol:

    Danai,
     

Share This Page