NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
3CX Phone Server, Secondary Addresses and PortForwarding
Hi, all- a small quandry. I am attempting to set up a 3CX phone server for a customer. The WAN's primary IP is already established at xx0.xx0.xx0.241 255.255.255.248. The client has a few more IPs at...
Hi bearbeatz,
Welcome to the community! :)
Kindly try to configure an Inbound LAN WAN Rule for the 3CX phone server. Be sure to select the secondary .242 WAN IP Address on the WAN Destination IP Address. Check if same problem occurs. If necessary, reboot the SRX5308.
Kindly read pages 149-151 of the SRX5308 reference manual here on how to create an IPv4 LAN WAN Inbound rule.
Regards,
DaneA
NETGEAR Community Team
DaneA- thanks for the welcome and reply.
The recommended solution given was one I had already tried; i.e., I set WAN->LAN inbound rules to forward traffic specified by 3CX from the WAN1 secondary .242 address to the phone server.
Will have my client recycle both firewall and ISP modem later today. Fingers crossed. On a side note, are there advantages to recycling the net devices? Does this, for example, clear or refresh certain tables?
Thanks again,
bearbeatz
Hi bearbeatz,
I apologize for that. However, kindly try to configure an Outbound LAN WAN Rule for the 3CX phone server since when you run its built-in FW checker, it sends a request outbound.
About doing a reboot on a device, there are time that it somehow helps.
What is the current firmware version of the SRX5308?
Regards,
DaneA
NETGEAR Community Team
No apologies necessary. Am grateful for the sounding board, Dane.
So, I'll try to submit a bit more info:
Firmware Version: 4.3.1-22
So, I have LAN WAN rules shaped for both outbound and inbound traffic.
A sample Inbound and Outbound row using one Service. In this case, TCP port 5090 for the 3CX Tunnel-->
Inbound configuration:
1. Service Name: 3cxtunnelT
2. Filter: ALLOW always
3. LAN Users: 192.168.4.13 (Phone Server)
4. LAN Users: [empty]
5. WAN Users: Any
6. QOS Profile: NONE
7. Destination: xxx.xxx.xxx.242 (Secondary IP assigned to WAN1 [with assigned primary xxx.xxx.xxx.241])
8. Bandwidth Profile: NONE
9. Log: Never
Outbound configuration:
1. Service Name: 3cxtunnelT
2. Filter: ALLOW always
3. LAN Users: 192.168.4.13
4. WAN Users: xxx.xxx.xxx.241-xxx.xxx.xxx.242
5. QOS Profile: NONE
6. Bandwidth Profile: NONE
7. Log: Never
*8. NAT IP: xxx.xxx.xxx.242 (WAN1)
I run the 3CX Phone Server FW Checker and this is what transpires...
Testing SIP Port 5060 using STUN server: stun.3cx.com:3478
Resolving STUN server stun.3cx.com ... Resolved to: [198.50.247.220]
[Test1] Reachability test ... Resolved Public IP: 96.95.157.241:5060
STUN server stun.3cx.com has second address 198.50.247.219:3479
[Test2] One on One Port Forwarding ... FAILED.
No response received or port mapping is closed. Firewall check failed. This configuration is not supported.Note: The 3CX Phone Server is pretty simple with the networking options. configured for the .242 as the Static Public IP and the 192.168.4.13 as the selected NIC. DNS yields correct name server lookup and address, too...
Regards,
bearbeatz
oops. #3 in Inbound should be titled "LAN Server IP Address"...
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
