Trying to connect a remote Patton fxs to 3CX PBX both on different subnets via VPN

Discussion in '3CX Phone System - General' started by motu, Aug 31, 2017.

Thread Status:
Not open for further replies.
  1. motu

    Joined:
    Aug 31, 2017
    Messages:
    2
    Likes Received:
    0
    Hello!

    I have some trouble to connect a Patton 4114 FXS to may 3CX. The Patton is properly provisioned but don’t show up in the 3CX “phones” section. After a while 3CX blocks the IP of the Patton for “too many failed authentications”.

    I captured the communication between the Patton and 3CX and what I can see is that the Patton performs “REQUEST: REGISTER SIP: 172.31.X.X:5060 SIP/2.0” and 3CX answered with a “STATUS: SIP/2.0 407 PROXY AUTHENTICATION REQUIRED” there are now other packets captured.

    Network layout:

    - Patton sits in 192.168.5.0/27 subnet

    - 3CX sits in a 172.31.16.0/20 subnet

    - Both subnets are connected together via VPN

    Does someone know how to solve this problem? If you need further information please let me know.

    Thank you!
     
  2. leejor

    leejor Well-Known Member

    Joined:
    Jan 22, 2008
    Messages:
    10,374
    Likes Received:
    231
    Not sure if this "fix" will work in your case, but an interesting solution to a similar problem.

    http://forum.snom.com/index.php?showtopic=7153

    If you are using VPN, can the Gateway not be on the same subnet, at least to see if that is the cause?
     
  3. nb

    nb Support Team
    Staff Member 3CX Support

    Joined:
    Jun 7, 2007
    Messages:
    2,097
    Likes Received:
    142
    That part of the log is a challenge for authentication. I do not see a network issue here. They are communicating.
    I would focus on how you provisioned the fxs. Is this manually configured or via provisioning?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  4. nb

    nb Support Team
    Staff Member 3CX Support

    Joined:
    Jun 7, 2007
    Messages:
    2,097
    Likes Received:
    142
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. motu

    Joined:
    Aug 31, 2017
    Messages:
    2
    Likes Received:
    0
    I used exactly the configuration guide on the 3CX page you mentioned and provisioned the Patton withe script generated by 3CX. I added just some lines to allow connection thru the Network (3 Routs and the local DNS server which is the VPN Router) and 2 lines of code for the time offset and daylight saving time.

    Here is the configuration script generated by 3CX I used. Just add the things mentioned above (additions I made are marked with ++, IP’s are censored with X’s, extension numbers with Y1 to Y3):

    Code:
    #########################################################
    #
    # For Patton 4 to 32 FXS
    # Supported firmware versions R6.x
    #
    # Author: Tommaso Missoni
    # Support Contact: support@patton.com
    #
    #########################################################
    
    clock local default-offset +01:00 ++
    clock local dst-rule DST_SUMMER +02:00 from 02:00 mar last sunday until 03:00 oct last sunday  ++
    timer CONFIG_UPDATE now + 2 minutes every 10 minutes "provisioning execute CONFIG"
    dns-client server 192.168.5.XXX ++
    
        webserver port 80 language en
    
        sntp-client
    
        sntp-client server primary pool.ntp.org
        
        system
    
        ic voice 0
            low-bitrate-codec g729
    
        profile ppp default
    
    
        profile call-progress-tone defaultDialtone
          flush-play-list
          play 1 1000 425 0
    
        profile call-progress-tone defaultAlertingtone
          flush-play-list
          play 1 1000 425 -7
          pause 2 4000
    
        profile call-progress-tone defaultBusytone
          flush-play-list
          play 1 480 425 -7
          pause 2 480
    
        profile call-progress-tone defaultReleasetone
          flush-play-list
          play 1 240 425 -7
          pause 2 240
    
        profile call-progress-tone defaultCongestiontone
          flush-play-list
          play 1 240 425 -7
          pause 2 240
                
    
        profile tone-set default
    
        profile voip default
            codec 1 g711alaw64k rx-length 20 tx-length 20
            codec 2 g711ulaw64k rx-length 20 tx-length 20
            codec 3 g729 rx-length 20 tx-length 20
            ced net-side-detection re-negotiation
                fax transmission relay t38-udp
            fax redundancy low-speed 2 high-speed 1
    
        profile pstn default
    
        profile sip default
            no autonomous-transitioning
    
        profile aaa default
            method 1 local
            method 2 none
     
        profile provisioning CONFIG
            destination configuration
            location 1 tftp://$(dhcp.66)/${system.mac}
            activation reload graceful
    
        context ip router
            route 172.31.16.0 255.255.240.0 192.168.5.XXX 0  ++
            route 10.0.0.0 255.255.255.0 192.168.5.XXX 0     ++
            route 0.0.0.0 0.0.0.0 192.168.5.XXX 1            ++
    
        interface IF_IP_WAN
            ipaddress dhcp
            tcp adjust-mss rx mtu
            tcp adjust-mss tx mtu
    
        interface IF_IP_LAN
            ipaddress 192.168.5.XXX 255.255.255.224
            tcp adjust-mss rx mtu
            tcp adjust-mss tx mtu
    
        context cs switch
     
        routing-table called-e164 RT_DIGITCOLLECTION
            route .T dest-interface IF_SIP MT_EXT_TO_NAME
    
    
        routing-table called-e164 RT_TO_FXS
        route Y1 dest-interface IF_FXS_00
        route Y2 dest-interface IF_FXS_01
        route Y3 dest-interface IF_FXS_02
        route  dest-interface IF_FXS_03
        mapping-table calling-e164 to calling-name MT_EXT_TO_NAME
        map Y1 to " "
        map Y2 to " Extention 1"
        map Y3 to " Extention 2"
        map  to " "
    
        interface sip IF_SIP
            bind context sip-gateway GW_SIP_ALL_EXTENSIONS
            route call dest-table RT_TO_FXS
            remote 172.31.XXX.XXX 5060
            local 172.31.XXX.XXX 5060
            trust remote
    
        interface fxs IF_FXS_00
            route call dest-table RT_DIGITCOLLECTION
            subscriber-number Y1
            caller-id-format etsi
    
    
        interface fxs IF_FXS_01
            route call dest-table RT_DIGITCOLLECTION
            subscriber-number Y2
            caller-id-format etsi
        
        interface fxs IF_FXS_02
            route call dest-table RT_DIGITCOLLECTION
            subscriber-number Y3
            caller-id-format etsi
        
        interface fxs IF_FXS_03
            route call dest-table RT_DIGITCOLLECTION
            subscriber-number
            caller-id-format etsi
    
    
        no interface fxs IF_FXS_04
        no interface fxs IF_FXS_05
        no interface fxs IF_FXS_06
        no interface fxs IF_FXS_07
        no interface fxs IF_FXS_08
        no interface fxs IF_FXS_09
        no interface fxs IF_FXS_10
        no interface fxs IF_FXS_11
        no interface fxs IF_FXS_12
        no interface fxs IF_FXS_13
        no interface fxs IF_FXS_14
        no interface fxs IF_FXS_15
        no interface fxs IF_FXS_16
        no interface fxs IF_FXS_17
        no interface fxs IF_FXS_18
        no interface fxs IF_FXS_19
        no interface fxs IF_FXS_20
        no interface fxs IF_FXS_21
        no interface fxs IF_FXS_22
        no interface fxs IF_FXS_23
        no interface fxs IF_FXS_24
        no interface fxs IF_FXS_25
        no interface fxs IF_FXS_26
        no interface fxs IF_FXS_27
        no interface fxs IF_FXS_28
        no interface fxs IF_FXS_29
        no interface fxs IF_FXS_30
        no interface fxs IF_FXS_31
    
        context cs switch
            no shutdown
    
        authentication-service AS_ALL_EXTENSIONS
            realm 1 3CXPhoneSystem
            username 01 password *****
            username 01 password *****
            username 01 password *****
            username  password
    
        location-service LS_ALL_LINES
            domain 1 172.31.XXX.XXX
    
        identity-group default
    
        authentication outbound
            authenticate 1 authentication-service AS_ALL_EXTENSIONS
    
        registration outbound
            registrar 172.31.XXX.XXX 5060
            lifetime 300
            register auto
    
        identity 80 inherits default
    
        identity 36 inherits default
        
        identity 37 inherits default
        
        identity  inherits default
    
        context sip-gateway GW_SIP_ALL_EXTENSIONS
    
        interface LAN
            bind interface IF_IP_LAN context router port 5060
    
        context sip-gateway GW_SIP_ALL_EXTENSIONS
        bind location-service LS_ALL_LINES
        no shutdown
    
        port ethernet 0 0
            medium auto
            encapsulation ip
            bind interface IF_IP_LAN router
            no shutdown
    
        port ethernet 0 1
            medium auto
            encapsulation ip
            bind interface IF_IP_WAN router
            no shutdown
            
        port ethernet 0 2
            medium auto
            encapsulation ip
            bind interface IF_IP_WAN router
            no shutdown
            
        port ethernet 0 3
            medium auto
            encapsulation ip
            bind interface IF_IP_WAN router
            no shutdown
    
    
        port fxs 0 0
            use profile fxs etsi
            encapsulation cc-fxs
            bind interface IF_FXS_00 switch
            no shutdown
    
        port fxs 0 1
            use profile fxs etsi
            encapsulation cc-fxs
            bind interface IF_FXS_01 switch
            no shutdown
            
        port fxs 0 2
            use profile fxs etsi
            encapsulation cc-fxs
            bind interface IF_FXS_02 switch
            no shutdown
            
        port fxs 0 3
            use profile fxs etsi
            encapsulation cc-fxs
            bind interface IF_FXS_03 switch
            no shutdown
     
  6. nb

    nb Support Team
    Staff Member 3CX Support

    Joined:
    Jun 7, 2007
    Messages:
    2,097
    Likes Received:
    142
    Yes but if you touched it. And if you touch a template (adding 3 lines) which in fact are the breaking lines, then I won't look at it sorry.
    Why don't you contact patton?

    I look at default config's only and supported scenarios only.

    I can help you in the following way if you like:
    Reset the device.
    Bring the fxs device in the lan as the pbx as it is tested to work. FXS Gateways in the same network as the pbx.
    Provision it using 3CX.
    Then it will work. Then I know it has to work.

    Did you do this? If yes, then you know its the 3 lines you added and your network. So go and post this to patton support and ask them to check your config.
    Everything should be sorted by elimination.

    Also I think all you need is 1 command that tells the patton to trust the 3CX Network. Thats all. You need to check that with patton.

    So in essence, it IS a network problem.. leejor was right.. Please specify these important details from the beginning. Like this you can be guided in the right direction.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
Thread Status:
Not open for further replies.