.
Purchasing a router may sound like a pretty simple task. This however can become somewhat challenging when VOIP comes into play.
There a couple of core functions that your choice of router needs to perform so as to simplify your configuration for use with 3CX.
Outbound Traffic Control – The PBX must be able to send outbound packets to ANY external location.
Static Port forwarding – As inbound traffic reaches the router, the port forwarding rule functionality must have the ability to forward packets as follows;
Traffic reaching WAN on | Send Traffic to | Scope |
TCP on port 5000 | LAN IP of PBX on port 5000 | Remote HTTP |
UDP&TCP on port 5060 | LAN IP of PBX on port 5060 | SIP |
TCP on port 5061 | LAN IP of PBX on port 5061 | Secure SIP |
UDP&TCP on port 5090 | LAN IP of PBX on port 5090 | 3CX Tunnel |
UDP on ports 9000-9049 | LAN IP of PBX on ports 9000-9049 | RTP Streams |
UDP on ports 10000-10009 | LAN IP of PBX on ports 10000-10049 | T38 Streams |
Application Layer Gateway – An ALG or SIP ALG is also a common function on routers. However, such functionality is not always implemented in the same way across different brands and models. A SIP ALG will in any case modify the inbound and outbound traffic and will in MOST cases break the SIP exchange. We therefore STRONGLY recommend that you look for a device without a SIP ALG, or one that allows you to fully disable such functionality. Note that even though most devices provide an interface control to disable the SIP ALG functionality, the functionality sometimes still runs in the background.
IP based restrictions – For a proper and secure implementation, you should use a device that can allow or disallow traffic from specific IP addresses or ranges. This will allow you to stop unwanted traffic from reaching your PBX and block these unwanted connections at the WAN side of the router.
Optional Functionality
QOS Tagging – If the device has QOS functionality this will allow you to tag VoIP traffic to manage bandwidth utilization and ensure voice quality remains unaffected by other bandwidth intensive applications.
Links to known working routers
The following are links to guides for some routers known to work with 3CX. It is important to note that different hardware / firmware versions of the devices may generate different results. Please do not consider this an official list – lab testing and a familiarity with the device remains a pre-requisite.
Sonicwall – http://www.3cx.com/blog/voip-howto/sonicwall-firewall-configuration/
Draytek – http://www.3cx.com/blog/voip-howto/draytek-firewall-voip/
Linksys – http://www.3cx.com/blog/voip-howto/linksys-router-configuration/