Remote user access issue (makes me go HMMMMMMM)

I would describe this issue as “things that make yu go hmmmm”

I was using a paid cloud based server and decided to go on my own got a Free PBX.
the paid service uses alternative ports, and so do my Free PBX. I have gone through installation difficulties changing ports issues and my router setting issues, finally when I think I am winning, I get stuck again.

My PBX is running fine, I have remote access users using this, from three locations Location A, B and C. Location A,B are working well with no issues.

Location “C” is where port 5060 is blocked and alternative port has to be used. My problem is that I can use port 8080 on the paid cloud based service with out any problem but from the same location my own free PBX user cannot login, even though I have configured the same port. (works with VPN though and this may suggest that its a remote location firewall issue??)

I am sure the free PBX is working well, and I have the IP tables configured as I am using port 8080 without any difficulty in remote location A&B, its the Location “C” where my PBX remote user cant log in.

Any tips on what I have do, which this paid service has thought of and I haven’t, same port, same blocks , same asterisk, he gets it to work and I cant.

Thanks for the help and as usual the help will be much appreciated.

I assume that you have bindport set to 8080 and are using that as the only local port for Asterisk. If you are playing games with port forwarding to allow users to connect on alternative ports, that won’t work with some clients.

Otherwise, use sip debug to see whether Asterisk is receiving any REGISTER requests from C and what replies, if any, are being returned. If nothing is coming in, treat this as any networking problem – capture traffic at various points along the path to see where the blockage is. Start with tcpdump on the Asterisk machine and work backwards from there.

Stewart thanks for the reply, yes I am using binding port 8080. With the limited knowledge, I have clicked on Debug 3cx phone. here is what i get.

Translation file OK
Attempting to connect
Phone got as local port 52777
Jabra not connected
RTP engine OK
SIP engine OK
Sound mic device OK []
Sound ring device OK []
Sound speaker device OK
Sending STUN request
Phone connection failed, PBX not responding

sip show peers does not show anything?

Could this be a local firewall which is blocking the UDP traffic, if yes do just open the ports??

I know nothing about 3cx phone. Does that log mean that it is sending a STUN request to the PBX? Of course, that will fail because you are not running a STUN server. If you have nat=yes for the extension, you shouldn’t need STUN. If you can turn it off in the 3CX config, try that. Or, if you can specify an alternate STUN server, try .

If the above doesn’t help, run Wireshark on the PC running 3CX and see whether REGISTER requests are going out to the PBX IP address, port 8080. If so, and no responses are returning, you’ll have to find out where the packets are getting blocked. To start, run tcpdump on the Asterisk machine to see whether any requests are coming in (it’s possible that if they are somehow corrupted, Asterisk may be ignoring them).

Have you tried with another softphone? E.g. Zoiper, i think 3CX phone only works with 3CX sip servers

Hi, Sanjay thanks for the input. I have now tried Zoiper and can confirm that it is not working. What is more confusing; is that on VPN it does work. It is not the port as 8080 works on the paid asterix server, without the need for a vpn

Though I have not been able log in from location “C” I do have some updates.

I am unable to ping my IP from location "C"
For those of us who want to use to 3CX phone client, and have stun issues use the option i am in the office where you would put your Sip IP address. this will bypass any stun issues.

Having said the above I am unable to log in from location “C”. The Asterisk log is not picking up any attempt of an extension from location “C”. I do how ever can easily log in from Location “B” and location “A” which is LAN, with out any difficulty.

Any help will be appreciated.