Separate names with a comma.
Discussion in '3CX Phone System - General' started by vaohama, Mar 6, 2007.
Dear: All Please help
How can i config in the ISA server can not
Thank you sir
What would you like to accomplish?
I would be able to help you out, saying "allow all, any to any" would fix the problem. But I am sure that's not what you want.
But this may help (assuming, 1xNIC on your LAN, 1xNIC on the Public Internet).
Make a new publishing rule that publishes your UDP ports from the Public Internet NIC to you 3CX server. (SIP ports! Can be configured from 3CX)
Then also allow the return traffic from the 3CX server to the internet.
If you use a Voip provider, only allow the voip providers IP as source address (just to be safe).
I'll try to do
Thank again krab, (krab= sir of Thailand lang)
I am using 2006 ISA server and I am very happy with it. It supports SIP so that is good.
In basic it comes down to how and where you put your ISA Server.
3 Leg Configuration
Front and Back end configuration
and single network card.
I use the edge configuration and have 3 Nics
DMZ on nic using 172.16.x.x
External Network on nic using 192.168.1.x
Internal Network on nic using 192.168.0.x
You see all internal "private" addresses (non routable).
3cx sits on the Internal Network (same machine as the ISA Server). My ATA (gateway) sits on the external network, this means all traffic will go through the ISA server.
My access rules are:
Allow ALL traffic (this means all protocosl) to external. THis should be enough because all traffic originated from internal to external automatically is allowed to receive a response. (not the other way ) So for your VOIP/SIP that will work.
I have no rules/filtering set on my gateway.
If you run into troubles check your ports.
SIP UDP 5060
RTC UDP 10000 - 20000
STUN UDP 3478
But allow all internal to external should do the trick.
Great to hear we have ISA users having success !
I am not certain you needed to open such a wide range though 10000 - 20000 (RTP). As I am sure you know externaml calls happen on a special range which can be modified.
True, I am just lazy by nature and found in general this range works. But if you want real security I guess you can bring it down to a few ports per phone.
Thank you all
Now i'm re-install for my server (2003) do not install for ISA but i'm install ZoneAlam-Antivirus before install 3CX same problem can not call out from server can call from user to server i'm try to looking for new problem i'll be back to report to team
:lol: :lol: :lol: