TryLearn More

Use SIP trunks, WebRTC & Apps

Slash your Phone Bill by 80%

Configuring a Kerio Control Appliance with 3CX

Configuring a Kerio Control Appliance with 3CX

Introduction

Step 1: Configure Services

Step 2: Configure Port Forwarding (NAT)

Step 3: Validating Your Setup

Introduction

In this post we describe the configuration of a Kerio Control appliance for use with 3CX Phone System. This configuration is based on version 8.3.0 build 1988. The Firewall features SIP and HTTP inspection where the functionality could not be determined. For SIP, the inspection is to be disabled, but the HTTP-Proxy/Content Filter rules may affect the connection to 3CX for updates and MyPhone connections (not part of this document).

Kerio Control Appliance logo

Step 1: Configure Services

  1. Use a web browser to open the Kerio Control Web Admin portal and navigate to “Definitions > Services”.
  2. Click “Add” and then “Add Service” to create a new service. To determine which ports need to be opened,review the list here. Specify the following information:

Configure Service Definition on Kerio Control Appliance.

  1. General:
  • Name: A short friendly name to easily recognise the rule
  • Description: A description of the port you are forwarding
  • Protocol: UDP and/or TCP - depending on the port you are creating the rule for
  • Protocol Inspector: None
  1. Source Port:
  • Condition: Any
  1. Destination port:
  • Condition: “Equal to” or “In range” depending on whether creating rule for single or range of ports
  • Port: enter the port or range of ports you are forwarding
  1. In “Definitions” > “Services”, press “Add” then “Add Service Group”.
  2. Specify:
  • Name: 3CX Phone System
  • Use “Add” to add all the services created in #2.
  1. Click “OK”, then “Apply” to save your configuration

Services summary page on Kerio Control Appliance.

Step 2: Configure Port Forwarding (NAT)

  1. From the Kerio Control Web Admin portal, go to “Traffic Rules”:
  2. Click the “Add” button to create a new rule.

Port Forwarding on Kerio Control Appliance.

  1. Select the “Port mapping” option and enter:
  • Host: Specify the LAN IP address of the 3CX Server (1).
  • Service: Click “Select” (2) and select the “3CX Phone System” Service group you have created earlier. Click “OK” (3) to complete.
  1. Click “Next” to finish the setup.

Traffic Rules on Kerio Control Appliance.

  1. The rule created must be placed at an appropriate position, so that its not in conflict with any other rule.

Step 3: Validating Your Setup

Log into your 3CX Management Console, go to  Dashboard > Firewall and run the 3CX Firewall Checker to validate if your firewall is correctly configured for use with 3CX.
More information about the Firewall Checker can be found
here.


Free for up to 1 year! Select preferred deployment:

On-Premise

for Linux on a $200 appliance or as a VM

Get the ISO

On-Premise

for Windows as a VM

Download the setup file

On the cloud

In your Google, Amazon, Azure account

Take the PBX Express