Ports and Firewall

Discussion in '3CX Phone System - General' started by RSCAustria, Dec 6, 2016.

Thread Status:
Not open for further replies.
  1. RSCAustria

    Joined:
    Nov 25, 2016
    Messages:
    4
    Likes Received:
    1
    Hi, we have been running v14 for a while and decided to upstate to v15 2 weeks ago, (give back WEBRTC) In v.14 everything was working perfectly as we have several of our operates that use the Android version of 3CX, after we updated to v.15 the connection was still there but we were having all phones trying to connect all the time while the phone was actually on hook and working but you lacked all information but your local address book, having gone through all port settings and changes in UDP now being UDP+TCP etc.. we could still not get it to work.. today in a desperation I opened for IP to the PBX server and suddenly everything was working.. this applies to both the v.14 client and the v.15 Beta client for android ... is there something I have missed out on ?? as I really do not want to have a open IP port in my firewall .....

    Cheers
     
    roadwings likes this.
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,368
    Likes Received:
    228
    If you ran the 3CX Firewall Checker it should show which ports it found closed, and therefore required "attention". I know that additional ports were required when moving from 12 to 14 (webRTC was one factor), but, I haven't looked into addition ports required when going to 15.
     
  3. RSCAustria

    Joined:
    Nov 25, 2016
    Messages:
    4
    Likes Received:
    1
    My Firewall checker was green as a Christmas tree no issues at all, and that makes me wonder.. and yes i have spent days digging through forums so any ideas would be helpful...
     
  4. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    4,443
    Likes Received:
    282
    Just a thought...what ports are you using in V15? 5000 and 5001? Maybe you were using 80 and 443 in V14? That are the only ports that the firewall checker does not check but matter if you have remote 3cx clients.
     
  5. RSCAustria

    Joined:
    Nov 25, 2016
    Messages:
    4
    Likes Received:
    1
    I am using the full setup from http://www.3cx.com/docs/3cx-phone-system-v14-ports/ (includes v15) I have temporary solved this by allowing IP directly to the system, but need to find a more long term solution for this.. this also solved some issues we had using the Webmeeting function.. so any feedback would be greatly appreciated ..
     
  6. roadwings

    Joined:
    May 16, 2015
    Messages:
    49
    Likes Received:
    14
    Strongly Agree - We tried V12.5 and were sold on the feature set that we tried and paid for and would appreciate those features that were so important and marketed highly, to return just as they were in previous versions.
    Agreed, you are wise.

    The common thing on the forum about this issue, and for us, is not opening port 5001 to the outside, as this allows access to the management console to the entire world. Previous, better versions, of 3CX allowed a network administrator to better control the holes punched in the firewall. I believe V15 is using port 5001 for 'Presence Information' and access to the management console. If V15 had all of the functionality and networking control that V14 had (customize ports, Local FQDN friendly, WebRTC are the big ones), I would be much happier.

    We left 5001 closed due to the security hazard. My firewall checker is green too. I'm not going to run it now because we are open and using the PBX, but it is currently green and 5001 is closed at the firewall. I don't think the firewall checker checks that port. We will not be allowing outside access to the management console at any cost. Our users using the 3CX app outside of the office need VPN for other reasons, so it is not that big of a deal, just a big inconvenience. Our users are abandoning the mobile app because shared parking is unbearable.
     
Thread Status:
Not open for further replies.