mcbsys Posted March 7 Report Share Posted March 7 I'm running Vodia 68.0.26 on Azure. I like to use the Azure firewall to protect the PBX as much as possible. For 3CX, this meant: Allow SIP (5060 TCP/UDP) _only_ to/from the the trunk provider. This means no one else can send SIP traffic. (I also set up the trunk provider to restrict SIP traffic to only the PBX's IP address.) Allow RTP media (UDP) from anywhere. Allow 3CX tunnel (5090 TCP/UDP) from anywhere. This is used by the on-premises Session Border Controller client, running on a Windows computer, and by the various apps (Windows, cell phones). Allow the web app (443 or 5001 TCP) from anywhere. Used by the admin interface and web client. I'm trying to wrap my head around how this is going to work in Vodia without #3 to tunnel SIP and media from the customer site to the server. I assume that I need to additionally open 5060 to the customer's IP address for their desk phones? And the phones will automatically negotiate and connect whatever audio ports they need without additional configuration on my side? The apps don't need 5060? I've already configured "private public" at System > Settings > SIP > Settings > IP routing list, which I guess is what Vodia calls an SBC? Or do I need to set up a VPN? Thanks, Mark Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.