Sidebar Sidebar
  • V20: 3CX Re-engineered. Get V20 for increased security, better call management, a new admin console and Windows softphone. Learn More.

Public IP's, Firewalls and VoIP Phones

Status
Not open for further replies.

cjammer

Free User
Joined
Dec 21, 2006
Messages
108
Reaction score
0
Has any one used a VoIP phone at home to connect to a IP PBX elsewhere?

I have tried with a hard phone and a softphone. I have set my firewall to allow inbound and outbound traffic on ports 5060, 7000-7500 and 9000-9003.
When ever I try, I get a device time out error.

I have something like this

Home network to internet to internal network.

What else and I missing?


Cjammer
 
Did you check "Device is External" in the extension setup?

You may need a NAT policy for the home router.

Is the IP address on the PBX server publicly accessible?

Do you put in the correct IP address for the proxy in the phone?
 
for me it was easy,

Router configure 5060 to forward to internal softphone ip.
In the softphone, fill in a stunserver (google for public stunserver to find one in your country)
did not need to make extension external, no need to bind to mediaserver all registers and works as a charm.
 
I have done everything listed except set the extension to external.

I will check that and then verify everything else.

The 3CX IP PBX server has a private IP, but the Firewall should pass the info to it Via NAT from a public IP. I did not put the IP in both places Server and Proxy.

It sounds as if I have a series of small mistakes on my part.

Cjammer.
 
Help Dakhalli

Hi dakhalli, please could explain better step by step how did you configure your home laptop to see your 3Cx server in the office, are you using a public IP in the server?

You said in another post that no use vpn just a port forward, i tried for many ways but no sucess...

My 3CX server has a router IP and cannot configure my home IP phone to see it.

thanks for any light...
 
Still No worky

I made the changes on the external Extension, checked my firewall at the office and checked them at home...added 5060 to be forwarded at home also. it still does not work. I am suspicious that my NA translations are not working well or I am just not working well...LOL.

Anyone have more suggestions to try.

Cjammer
 
cjammer: have you tryed a STUN server yet (xlite softphone (i use) i can put in at the sip account settings) This WILL resolve any nat related problems.

@ mujalli:

Server side has all correct ports (5060 etc) forwarded to the pbx box.
also put in a local public stun server in the voip gateway settings.

On my laptop i have downloaded the x-lite softphone (havent tryed with another yet) and added the account details i had.

So: server: public ip of my pbx
sip login details
To get audio to work: STUN server adress

Extension is bound to mediaserver but NOT set to external. All works perfectly.

Oh i forwarded port 5060 on my home router to my laptop ipadress too.
 
your hard and soft sip phones also use an rtp port you may have to foward them at both sides as well
 
added that one to my list, checked my NAT policy and it still wont work.

Cjammer
 
I have been able to do this. But the only way I was able too solve this issue is a publicly addressable IP on the 3cx side of things. Once I did that all my issues where resolved. I have even successfully got 2 network interfaces too work with this configuration. So all my phones on my private network could access the 3CX system local and the remote ones can access it from the public network side


Thank You,
Erich Richker
 
I think I am going to split this problem. I am going to put the phone on a public IP and see if it will work. From there I will at least have a Idea of which way to work the problem. I may have a problem on both ends. fixing either, but not both will give me the same problem.

Time to think this thing thru. I am missing something simple I bet.

Cjammer
 
i made a firewall faq, maybe you can check the configs again to see if you missed out any ports.
 
I brought my phone in and put it on a public address and it still does not work.

I have another firewall I am going to try to configure and see if it may be a brand issue or a ID 10 T issue I am having. I figure it is the later. I have a call in to the Mfr to have them walk me thru it to see if I have missed anything.

I have port 5000-5100, 7000-7500, and 9000-9003 opened and forwarded. Thats a big enough hole to drive a Trojan through.
That should cover RTP, SIP, internal and External call ports.

Cjammer
 
What brand of routers are you dealing with? On some of them you need to specify TCP or UDP ports to forward, have you checked that?

Just a thought.
 
cjammer said:
I brought my phone in and put it on a public address and it still does not work.

I have another firewall I am going to try to configure and see if it may be a brand issue or a ID 10 T issue I am having. I figure it is the later. I have a call in to the Mfr to have them walk me thru it to see if I have missed anything.

I have port 5000-5100, 7000-7500, and 9000-9003 opened and forwarded. Thats a big enough hole to drive a Trojan through.
That should cover RTP, SIP, internal and External call ports.

open up 3478 aswel for STUN traffic might solve all problems.


Cjammer
Click to expand...
 
I have a Zywall and a Adtran Router
 
I have Adtran and Zywall Routers.

I added the other port and still no.

Check my default gateway on the pbx and the phone.
Verified No Firewall on the PC was enabled
I have STUN configured on the phone and on the PBX

Then I told it to forward ALL UDP ports and it still wont work.

It about time to drag out the big hammer...LOL


Cjammer
 
strange very strange, you sure theres no other sw or hw firewall in between, maybe your providor is blocking certain ports, some providors do that you could check up on that.
 
I am the provider, everything is local to me.

In my last experiment the only thing between my phone and the PBX was the firewall with a public IP. the phone is on the same public subnet as the firewall/Router.
So today I have moved the phone on the inside to see if it will ever register on the account, it does, I also down graded the firmware to resolve that registration issue (Thanks for finding that problem). The phone seems to be working. So I am fresh out of Ideas.

There has got to be something I am missing.....

Cjammer
 
if the only thing in between you and the phone was the firewall somehow
it HAS to be the firewall, how else you explain the registering on the lan without problems?
 
Status
Not open for further replies.

Getting Started - Admin

Latest Posts

Members Online Now

Total: 510 (members: 31, guests: 479)

Forum statistics

Threads
141,919
Messages
751,161
Members
145,346
Latest member
TheRealEdo
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.
Verify your Email

Check your inbox!

We’ve sent you an email. Click on the button in the email body to verify your email address – (if you can not find it, check your spam folder).

Upon verification you will be directed to the 3CX setup wizard.

Top Bottom
Back