3CX PBX in the Cloud
1 year FREE - no ties!
google cloud platform
3CX
Zero Admin
With the new Dashboard
3CX
Bulletproof Security
With SSL certs and NGINX
3CX
Install on $200 Appliance
Intel MiniPC architecture
3CX
New, Intuitive Windows Client
More themes, more UC
3CX
More CRM Integrations
Scripting Interface to add your own
3CX
Improved Integrated Web Conferencing
iOS and Android apps included
3CX
Run On-Premise or in the Cloud
Google, OVH, Windows & Linux
Fast & easy call management
With the 3CX Web Client

Guide on How to Configure a SonicWALL Firewall for Use With the 3CX Phone System

Guide on How to Configure a SonicWALL Firewall for Use With the 3CX Phone System

On this topic

Guide on How to Configure a SonicWALL Firewall for Use With the 3CX Phone System

Introduction

Requirements

Configuring your SonicWall if using Many-to-One NAT

Validation

Introduction

This document describes the configuration of Dell Sonicwall devices based on an TZ100, TZ100W, TZ105, TZ105W, TZ200, TZ200W, TZ205, TZ205W, TZ210, TZ 210W, TZ215, TZ 215W, NSA 220, NSA 220W, NSA 240, NSA 2400, NSA 3500, NSA 4500, NSA 5000, NSA E5500, NSA E6500, NSA E7500, NSA E8500, NSA E8510 for the use with 3CX Phone System. Configuration of the firewall will never be carried out by the 3CX Staff at any point and must be made by the System Administrator of the company.

Sonicwall NSA-Stack

Requirements

DELL Sonicwall firewalls require HotFix firmware or later

SonicOS 5.8.1.15o HotFix 152075

This guide is written for Sonicwalls that are configured as Many-to-One NAT, which is the most used configuration. If you have configured your firewall as One-to-One NAT its possible to use it with 3CX also but the configuration varies somewhat.

Configuring your SonicWall if using Many-to-One NAT

In order to configure the SonicWall you need to create the service objects for each Port or Port range that needs to be forwarded. To check the ports required, visit this link.

Then you place these service objects in a service group after which you have to apply the policies. To do this:

Sonicwall new img1

  1. Open the Web Management Console of the DELL SonicWall Firewall Gateway. Create Services objects for TCP/UDP ports for which 3CX needs Port Forwarding. Sonicwall new img2
  2. Create the Service Group “3CX Services” and add all of the above Service Objects as members.

Sonicwall new img3

3. Create the Address Object ”3CX PBX” with the internal IP address, for example 192.168.3.155.

4. Now Create NAT Policies for 3CX inbound and outbound connections. If using an interface other than X1 as the WAN interface, then the Outbound Interface needs to be changed accordingly.

Sonicwall new img4

Sonicwall new img4

5. Edit the Advanced TAB and make sure that “Disable Source Part Remap” is disabled.

Sonicwall new img6

6. Add a NAT policy for inbound connections to the 3CX PBX. If using an interface other than X1 as the WAN interface, then the Inbound Interface needs to be changed accordingly.

Sonicwall new img7

Sonicwall new img8

7. Create the “Firewall → Access Rule” to allow WAN to LAN access to the 3CX PBX. If using an interface other than X1 as the WAN interface, the Destination needs to be changed accordingly.

Sonicwall new img9

8. Ensure that SIP Transformations (The Sonicwall term for SIP ALG) and Consistent NAT are disabled.

Validation

Run the 3CX Firewall Checker to validate the setup from the “3CX Management Console Dashboard →  Firewall Check”. All tested ports must return a green done result.

Get 3CX Free for 1 Year Today
Download On-Premise Try in the Cloud