Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Tunnel problem?

Discussion in 'Windows' started by benne30, Mar 5, 2008.

Thread Status:
Not open for further replies.
  1. benne30

    Joined:
    Mar 5, 2008
    Messages:
    1
    Likes Received:
    0
    Hope you can help. Have just discovered 3CX and we're amazingly impressed.

    Within an hour had a functional internal system running and then after buying a "line" from Sipgate had internal/external working.

    The problem we are having is with using the 3CX Software in "Out of Office" mode via the tunnel.

    Am I right in saying that with the tunnel enabled the connection settings when we are connecting from outside the office and inside the office are exactly the same? I presume the idea is that the tunnel stops the need for complex firewall modifications.

    I have opened up port 5090 on our Netgear router as TCP/UDP and when we are external the tunnel shows as being connected but we can't actually log in.

    Are we doing something daft here?

    Robin
     
  2. mandev

    Joined:
    Feb 27, 2008
    Messages:
    35
    Likes Received:
    0
    Same issue, no answers.

    I have openned this up in the general section as well.

    Client works fine for me without Tunnel.

    Les
     
  3. commplete

    Joined:
    Feb 29, 2008
    Messages:
    17
    Likes Received:
    0
    The 3CX is indeed a superb product, however I also have the exact same problem with the tunneling.

    I my settings look ok, so having read these other replies I am now starting to wonder whether this may be a software issue.
    For the moment we are going to use Windows VPN for the remote connectivity.

    John
     
  4. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    Personally, I don't use the Tunnel but do tunnel with Windows PPTP VPN. That work's wonderfully. It's quite nice to dial a three digit extension and speak with one of our employees 2500 miles away. Very slick.

    Darrell Chapman
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. mandev

    Joined:
    Feb 27, 2008
    Messages:
    35
    Likes Received:
    0
    Yes we could use windows VPN and it looks very much like I will have too.

    This really does take away much of the gloss of the Client becuase it adds complexity and we could use any old softphone then.

    I am disappointed nobody could get this working.
     
  6. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    mandev,

    I'm not saying that the Tunnel client doesn't work. A few people have gotten it to work; Its just that there was no reason for us to use it since we already had users connected thru VPN. If all you need is the tunnel for the VoIP Client, then yes, the Tunnel Client would make the most sense however you could really use any tunneling or port forwarding method or even connect to the server via it's public IP address.

    Keep in mind the VoIP Client is still in beta, and with any software, there will be bugs that need to be worked out.

    Darrell Chapman
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  7. mandev

    Joined:
    Feb 27, 2008
    Messages:
    35
    Likes Received:
    0
    Daredell,

    Well I checked Windows VPN and yes its 100%, great audio. BUT most 3CX servers are XP not Server 2003 and hence I think there is a single user restriction on the VPN clients, is that correct? 3CX does NOT perform well at all on a 2003 server using TS that is loaded, things like the DR suffer badly, I found it much better on XP with a fanless PC that runs forever.

    Also I appreciate that using the windows VPN is right for you but lets understand what the real target market for this is. Its people, sales reps, on the run in hotel rooms or on wireless, so you need MULTIPLE incomming and you don't have control over the routers. That means Port 1723 is blocked and Type 47 GRE records are also blocked - game over for Windows VPN.

    I think the 3CX client is one of the best around, far better than x-lite for me, works fine locally or with UDP's port fowarded but I cannot get the 3CX tunnel to work and I cannot see a single case in this forum of anybody else getting it to work. Also I have NO server panels for it at all, none and no bridge references, all I can do is read .ini's and see the processes and logs.

    I think we need a new Beta.

    By the way a real plus of Windows VPN is the transfer appears to work, on Server 2003 all must be well but why use the Tunnel if you can port forward the remote router?
     
  8. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    mandev,

    I agree with you on most items. We really do need a new beta. There are just too many problems with the client that's holding everyone back. I bet they'll be one very soon.

    I do see the need for the Tunnel. My point about VPN is that if you don't get the 3CX tunnel working, you can still tunnel in but with a different method. There are many free VPN solutions out there that can be implemented quite easily and many broadband routers are actually integrating VPN services in to their devices. We just happen to use Winows RAS on another server so that's what I commented on. Can't tell you about what effect TS has on it, we run 3CX only on that machine. VPN RAS access is another machine.

    3CX Server on Windows 2003 has been working outstanding though. If was actually recommended as the OS in another post. Much better than when I had it on XP Pro. Although, I was running an earlier version of 3CX at the time.

    I would be interested to learn of your "fanless" setup. Something like a mini-itx board in a little box? How about Windows XP-E?

    Darrell Chapman
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  9. mandev

    Joined:
    Feb 27, 2008
    Messages:
    35
    Likes Received:
    0
    Darrell,

    Yes mini ITX with a high reliability WD 160GB drive and XP Pro, no screens, UPS, no keyboards. Clone Backup machines. These machine are over three countries running 3CX, NCH and TRIXBOX. Remote extensions using wireless broadband in the UK, Australia and Europe.

    Phones are SNOM 360, Linksys and plenty of DECT Unidens. You can easily run many extensions if you use a PSTN gateway and configure so local's don't use the media server (set same Codec). VOIP is call out only as it tends not to be as reliable as PSTN and there are 3CX issues with VOIP still.

    Les.
     
  10. philfarey

    Joined:
    Mar 19, 2008
    Messages:
    4
    Likes Received:
    0
    Hi guys

    Ive been having kind of the same problem here.... Ive created a PTPP much the same as some of you, but how did you connect to your 3cx server? in Xlite, i could not enter the local IP address of the server (which i could ping, once connected to the VPN) instead i needed to enter the Internet address of the 3CX server in the domain section (or the ADSL router address), this way it works.

    Thing is, if all my internet traffic is going through the VPN surely the VoIP traffic is encrytped? But im not convinced, because i used another computer to monitor the traffic over the link, and its not encrytped :cry:

    How do you guys set your Softphones to connect via the VPN?

    Thanks!

    Phil
     
  11. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    PPTP is encrypted. It's encrypted from point to point (client machine to VPN server). After that it's the responsibility of the VPN server to unpackage the datagram and deliver it to the LAN. Once the traffic is on the LAN, it is no longer encrypted and behaves just as it had originated from your LAN. If you cannot use the local IP address of your 3CX server then I would check two things:

    1) that the 3CX server is as accessible from your VPN server
    2) that there is no routing issues preventing you from accessing your 3CX server (this is actually quite common)

    If you use a publicly available IP address for your 3CX server, traffic to this machine will not go through PPTP and won't be encrypted (unless you have the option set to use Remote Gateway for Internet in VPN)

    Please let us know what you find out.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  12. philfarey

    Joined:
    Mar 19, 2008
    Messages:
    4
    Likes Received:
    0
    Hi thanks for the reply....

    The problem seems to be sorted now....I think it was a problem with the server not excepting the registration from the client.

    I dont restart the server very often, but this time it seems to have solved the problem.

    It had me confused because i could ping the Local address of the server, but yet the client VoIP software wouldnt connect to it.

    Thanks again

    Phil
     
  13. darrellchapman

    Joined:
    Nov 26, 2007
    Messages:
    268
    Likes Received:
    0
    Phil,

    I'm not sure if this is related but I had a very similiar problem when I first configured Windows RAS VPN. I had to keep restarting the RAS service because I could not reach a certain internal ranges of IP addresses after a period of time. Turns out I had to add a static route to Windows so that it would "remember" what network the computer was on.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  14. philfarey

    Joined:
    Mar 19, 2008
    Messages:
    4
    Likes Received:
    0
    Hi Darrell

    Thats very interesting, i think i might add the static route any way, just incase....

    To reply to the post on the other thread...

    I tried breifly to use RAS, but instead im just using the basic setup..... Im still playing around with the system to be honest, because its working to a basic standard, i think im goin to try RAS today. Im using windows VPN for simplicity reasons :oops:

    Thanks

    Phil
     
Thread Status:
Not open for further replies.