• V20: 3CX Re-engineered. Get V20 for increased security, better call management, a new admin console and Windows softphone. Learn More.

Separate network connection for SIP trunk

Status
Not open for further replies.

banditos300

Joined
Oct 11, 2017
Messages
2
Reaction score
0
Hi!
I would like some advice regarding configuring a second network card to handle only SIP traffic to the provider.
Currently the PBX has a single network connection to our voice/data network and uses a common internet uplink shared with all other devices.
I want to add a separate NIC and connect it to another LAN that has a dedicated ISP connection.
What would be the best way to configure the system for this?
I read the supported network configurations, but can't find the exact match for my requirements...
Thanks
 
MultipleInternetGateways.png

Pretty close? NIC 2 is connected to the gateway or interface that connects to the VoIP networks of the ISP.
 
Nothing special in your configuration or requirement.
Configure a second LAN card with IP address and mask only, without gateway and add static routing to the provider via this card.
The IP address configured to LAN card must be expected by the provider and should be specified and used into SIP trunk settings (SDP).
This is valid both for Windows and Linux. Please comment, if you need examples how to configure these settings.

If address on the provider is a public one, not in the private ranges (i.e. 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), you may need to add that network to localsubnets parameter in parameters settings menu, otherwise 3CX PBX will NAT the traffic on this card too. If address of the card and address of the provider are in the private address ranges, you don't need to define anything.
 
Last edited:
Purchase a router with two or more wan ports - this way you get the router to route the SIP traffic down the required ISP link

If one ISP fails, you can configure the router to switch down another route if your SIP provider allows it (requires username and password)
 
Purchase a router with two or more wan ports - this way you get the router to route the SIP traffic down the required ISP link

If one ISP fails, you can configure the router to switch down another route if your SIP provider allows it (requires username and password)

Depends, whether ITSP authorizes the PBX by IP address, if so, you need a second LAN card definitely, the router will not do the job (except using SIP ALG on Cisco routers / ASA, most other brands will not handle SIP ALG properly).

In most cases where providers authorize the PBX by IP address, that address is usually a private one, available via separate connectivity to the provider, either VLAN or VPN, not through public internet.

By the way, on Linux is quite easy to add a VLAN interface (as second LAN connection), if needed.
 
Last edited:
This is what I have in mind, please let me know if it should work.

The subnet with the phones (let's call it PHONE subnet) is 10.1.1.0/24
PBX IP is 10.1.1.10
Gateway is set to 10.1.1.1

Subnet with ISP connection (let's call it ISP subnet) is 10.2.2.0/24
PBX IP is 10.2.2.10
As suggested no gateway on this. The actual gateway on the subnet is 10.2.2.1

There is 1:1 NAT on ISP subnet, with PBX having a public static IP assigned.

The ISP uses public IP for registration.

So according to the suggestions, I just need to add a static route on the PBX to route traffic for ISP IP towards 10.2.2.1 and also make sure I have the PBX public IP configured in the SIP trunk settings.

Am I correct?

Thanks
 
The LAN with your phones is 10.1.1.0/24 -- OK, the address of the PBX cannot be changed after installation of 3CX.

On second interface to your provider, try it this way, depends which address sees the provider, either internal (10.2.2.10) or public one -- this must be specified into SDP field of the SIP trunk. NAT 1:1 may do or may not do the job, as it replaces addresses of the packets only, not the addesses in the SIP messages inside the packets. For this, if needed (test it first), you need a SIP ALG capable router (not all work properly). Depends on provider which address is important (of the packet, as result of NAT, or from SIP messages).

If you have troubles (like one-way voice or no incoming calls or not hanging up), better put the public IP directly on the second LAN card, no gateway, define static routing to the provider and don't use the router, except as a firewall. The address of the provider or better his whole network may be defined as localsubnet in settings | parameters menu. Try it first without adding to parameters. If you still experience problems with voice or calls, add it, this will eliminate NAT. Still the public address of the second LAN card needs to be defined in SIP trunk configuration. You must restart 3CX services.

You may wireshark the traffic, if any problems continue. Later today I can help you with Teamviewer, if necessary. Send me a private message.
 
Status
Not open for further replies.

Getting Started - Admin

Latest Posts

Forum statistics

Threads
141,635
Messages
749,001
Members
144,754
Latest member
deanhbs
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.