Configuring Failover with 3CX
The Failover feature in 3CX allows you to create a replica of your PBX. In the event that your PBX fails, your replica PBX will become active minimizing downtime and data loss. Below are the steps required in order to activate this functionality.
3CX uses a form of active - passive failover where by the passive system takes the role of the monitoring host and initiates the switch to itself in case of a failure of the active system.
One Enterprise (ENT) license key is required. With an ENT key, failover will be performed after 120 seconds. Failover also works with a Professional (PRO) Licence key - however you will need 2 3CX PRO keys (one for each server) and services will be fully functional after 30 minutes.
Before configuring or enabling 3CX failover on your 2 servers, the 3CX Installations need to have a specific configuration.
- One 3CX Cloud PBX (with Public IP) to another 3CX Cloud PBX (with it’s own Public IP) both installed with external FQDN
- Both Servers should each be installed with identical settings, including FQDN, SSL Certificate, SIP, Tunnel, web server ports and web server type.
- When you install 3CX, you need to select 3CX FQDN.
- The IP Phones Provisioning dropdown, need to have the Select interface set to the FQDN (NOT IP)
You can have other variants like Custom FQDN, with one server in the LAN and another in the Cloud. However, for these configurations you will need to add complex scripting to update your DNS and FQDNs when failover occurs. See bottom of this article for more info.
“Overview of how it works:”
Step 1: Configure ACTIVE SERVER
- Go to Server 1. We will assume that this is your production server where 3CX V15 is already pre-installed, with a configuration on it.
- All Extensions need to be configured to provision using the FQDN. Configure IP Phone extension provisioning > Phone Provisioning > “Select Interface” dropdown to your FQDN.
- Go to Backup and restore > Location and select Google Drive as the backup location. In this example we will store all backups in a Google Drive folder named “SIP3CXCOMBackups”.
- Click on Backup Schedule and configure what backup options you want to include in your backup and when the backup will be made. We recommend to do this daily and at night. In the above example, at 1:00 AM a backup will start and the backup will be uploaded to Google Drive named “3CXScheduledBackup.zip”. This is a hardcoded name for the latest backup. Press OK.
- Whilst still in the Backup and restore section, click the “Failover” button. Enable Failover checkbox and select “Active”. Press OK to save.
Active machine is successfully configured. Automatic backups will be made and stored in GDrive. Go to Step 2 to configure the Passive server.
Step 2: Configure PASSIVE SERVER
- Go to Server 2 and install 3CX Phone System using the same configuration settings as your active server.
- Whilst on server 2 click on backup and restore > “Restore Schedule”. Enable Schedule Restore and set a time when the restore should be applied. Check the option “Do not start services after restore”. Press OK to save.
- Click on the “Failover” button, check “Enable Failover” and select the radio button “Passive”
- Enter the IP Address of the Active server - in this example 188.8.131.52
- Select which services you want to monitor: SIP Server, Webserver or Tunnel Server.
- Select the interval you want the heartbeat checks to be made, (default 30 seconds) and configure whether failover should occur if one or all tests fail.
- Press OK to save the configuration and start monitoring.
When the Active server fails, the passive will detect and take over. The backup would be already restored and the failover action will trigger the DNS Change on the 3CX DNS Servers updating the FQDN to the IP Address of the now new Active server.
It is important that the EX-Active server is shutdown because if some services are still running, these might conflict with the server that just took over.
For users that want to use custom FQDN, and LAN to LAN or LAN to CLOUD scenarios, you will need to make use of advanced scripting and services like Active Directory to allow powershell scripts to run with elevation. You can find sample scripts here. Some scripts might need to run under impersonated user accounts. To achieve this you will need to follow additional steps documented here: https://www.3cx.com/docs/failover-script-user/