A firewall is your computer or network’s security guard; it controls what traffic is allowed in and out and only allows authorised data packets to get through. Firewall ports are specific doorways, called numbered channels, each leading to a different destination or service within your system. Each of these ports, or numbered channels, has a unique identifier, ranging from 1 to 65535, and is associated with a specific program or service. For instance, port 80 is typically used for HTTP traffic, the foundation of internet communication, while port 22 is associated with secure shell (SSH) for remote access.
In this article, we introduce you to 3CX, a business communication solution and the ports you need to open in your firewall to use it effectively. So, let’s introduce you to 3CX firewall ports.
What is 3CX?
3CX is a software-based private branch exchange (PBX) that provides unified communications solutions for businesses. It allows organisations to set up and manage their own communication system, including voice calls, video calls, messaging, and more. The software operates on an IP (Internet Protocol) network, enabling users to make online calls instead of traditional telephone lines.
3CX Features
3CX boasts a wide range of features designed to facilitate communication and collaboration for businesses of all sizes. The software offers organisations a range of features that cater to their communication need. These features include:
Unified Communications
3CX is an all-in-one platform; it combines voice, video, chat, web conferencing and more into a single, easy-to-use interface. When you check the its website for its pricing, you will find that up to ten users can use the software for free and enjoy basic features. If you have more than ten users, you can choose any of the other three subscriptions, whichever suits your needs best.
Call Management
When you install 3CX, you can benefit from call management features. These features include advanced call routing based on caller ID, time of the day, skill-based routing and other criteria. You can benefit from Interactive Voice Response (IVR), which lets you create automated menus to direct callers to the right person or department. Moreover, you can manage call flow efficiently with queues and distribute calls among available agents.
Video Conferencing
When you’re using 3CX, you can host video meetings alongside 250 participants without any time limits, even in the software’s free edition. The software is also web-based, meaning participants don’t need to download files or plugins; they just need a web browser. Another video conferencing feature allows you to share your screen or record meetings for later reference.
Collaboration Tools
This handy software includes more tools to enhance collaboration between your team members. These tools include instant messaging to chat with your colleagues one-on-one or in groups. You can see if your colleagues are available online and share files directly within the 3CX platform.
Mobility
If you’re on the go, you can use the software on your smartphone or tablet to make calls, send messages, receive messages, and join video conferences. This integral feature will allow your employees to work from anywhere with access to the 3CX system.
Security
When you use 3CX, you needn’t worry about your communication security. The software uses end-to-end encryption, which is a military-grade encryption method. You can also block unwanted calls and utilise the software’s spam filtering capabilities.
Integrations
3CX has CRM integration capabilities, where you can connect it with your CRM system to manage customer interactions seamlessly. If you have existing productivity tools installed, such as Microsoft 365 and Google Workspace, you can integrate 3CX with them.
Additional 3CX Features
There are various other features to add here. 3CX allows you to add live chat functionality to your website to chat with visitors in real time. You get advanced call centre features for managing inbound and outbound calls. Moreover, there is a business SMS feature to send and receive business SMS messages directly from the 3CX platform. If you need to make any adjustments or customisations, the software’s dashboards and reports allow for a seamless experience.
3CX Firewall Ports: Which Ports Do You Need and For What?
To operate your 3CX, you need to open several firewall ports to allow the software to work efficiently and for your communications to remain seamless. There are several essential 3CX firewall ports to use and other ports for specific features. Here’s a breakdown of which ports you need and why.
Essential 3CX Firewall Ports
The essential ports 3CX needs for operation include four inbound and outbound communication ports. These ports are as follows:
- 5090 (UDP and TCP, inbound): This is the core 3CX tunnel and is used for remote applications and Session Border Controllers (SBCs) to connect to your system. It’s crucial for basic operation and remote access.
- 443 (TCP, inbound): This port handles HTTPS traffic for presence and provisioning, allowing your devices to register and receive updates from the system.
- 443 (TCP, outbound): This port is used for Google Android Push notifications, ensuring your Android devices receive call and message alerts.
- 48000-65535 (UDP, outbound): These ports are the dynamic range used for audio and video communication during calls and conferences.
Optional 3CX Firewall Ports
The optional ports are ports you can open if you need them. As long as you’ve customised the main ports, these additional ones are customisable by need.
- 5001 (TCP, inbound, HTTPS): This is an alternative to port 443 for HTTPS traffic related to presence and provisioning.
- 443, 2197, and 5223 (TCP, outbound): These ports are necessary for Apple iOS Push notifications on your iOS devices.
- 9000-10999 (UDP): These ports are typically used for communication with your VoIP provider, but only if your provider requires them or you’re using a non-standard setup.
We must stress that you only open the ports you need based on your specific 3CX configuration and features. Unnecessarily opening ports increases your security risk, so contact your VoIP provider if you’re unsure which ports they require for communication.
What Protocol Does 3CX Use?
A protocol is a set of rules and guidelines that govern how two or more entities (such as computers, software programs, or devices) communicate and exchange information. It’s like a common language or set of instructions that ensure all parties involved understand each other clearly and efficiently. The software uses the following protocols in conjunction to create a seamless and secure communication experience, adapting to different network conditions and providing a wide range of features.
SIP (Session Initiation Protocol)
This is the primary protocol for call signalling and setup. It establishes, modifies and terminates voice and video calls between devices. The protocol also governs call features like hold, transfer, forwarding and conferencing.
RTP (Real-time Transport Protocol)
For 3CX to ensure real-time transmission and synchronisation of audio and video streams, it operates through this protocol, which carries the actual voice and video data.
HTTPS (Hypertext Transfer Protocol Secure)
For secure communications for web-based access and management, the software utilises this port, which operates the software’s web management console, web client and provisioning services.
WebSockets
WebSockets enable real-time, bidirectional communication between web browsers and the 3CX server. It is used for features like instant messaging, presence and live call notifications.
STUN (Session Traversal Utilities for NAT)
This protocol helps devices behind firewalls and NAT (Network Address Translation) communicate effectively. It also facilitates the establishment of direct communication paths for voice and video calls.
TURN (Traversal Using Relays around NAT)
This protocol relays media traffic when direct communication isn’t possible. It is used as a fallback when STUN fails due to strict firewall restrictions or certain NAT configurations.
3CX Tunnel Protocol
This is the proprietary protocol for secure remote access and communication. It encrypts traffic for remote apps, SBCs (Session Border Controllers), and remote extensions.
Additional Protocols
Besides the integral ports the software needs to operate, it utilises numerous additional protocols to serve various goals. We can conclude these as follows:
Transmission Control Protocol (TCP) and (UDP) User Datagram Protocol
Depending on the specific requirements of each function, 3CX uses these ports for various network communication tasks.
SDP (Session Description Protocol)
This protocol describes the media capabilities of devices and negotiates media parameters for calls.
TLS (Transport Layer Security)
This protocol is useful for encrypting SIP and HTTPS traffic for security and privacy.
Is 3CX a VoIP or PBX?
Before we discuss what firewall ports 3CX needs, primary and additional ones, we’re answering the question of whether this software is VoIP or PBX. Let’s explain each term briefly before answering.
VoIP
This technology, known as Voice over Internet Protocol, lets you initiate and receive calls over the Internet instead of using regular phones. Each word of the term refers to a more specific function.
- Voice: This refers to the actual audio content of the call, your voice and the voice of the person you’re talking to.
- Over: It indicates the medium used to transmit the voice data. In this case, it’s not the classic copper wires of traditional phone lines but the internet itself.
- Internet Protocol (IP): An IP is a group of rules commanding how data is transmitted over the Internet.
VoIP technology translates your voice into digital packets that travel over the internet using these rules, just like other types of data, like emails or web pages.
PBX
PBX stands for Private Branch Exchange. It’s a type of telephone system businesses and organisations use to manage their internal and external communication. Think of it as a mini-telephone network within your company. Here’s what a PBX does:
Internal Communication
The PBX system allows employees to make and receive calls within the company using extensions instead of individual phone lines. Think of dialling 123 for accounting instead of a long external number. Moreover, it offers call features like call forwarding, call transfer, conferencing, and voicemail, enabling intercom communication between departments or buildings.
External Communication
PBX connects the company to the public telephone network through limited external lines for external communication. This saves money compared to having individual lines for each employee. It also provides features like auto-attendants, which can reroute callers to the appropriate department or individual. The PBX system can integrate with CRM systems to display caller information and route calls accordingly.
So, is 3CX VoIP or PBX?
3Cx encompasses both functionalities; it uses them for different purposes to ensure efficient and seamless services. You can tell whether 3CX is a VoIP system or an IP PBX depending on the specific aspect you’re focusing on. We can explain the relationship between 3CX and VoIP/PBX can be explained in two ways:
Functionally
3CX functions as a VoIP system because it uses internet technology to transmit voice calls instead of traditional phone lines. This lets you make and receive calls over the internet on compatible devices like computers, smartphones, and IP phones. On the other hand, 3CX acts as a PBX system when it offers advanced call management features like routing, voicemail, extensions, call recording, and more. These features typically fall under the umbrella of a PBX system, allowing businesses to manage internal and external communications efficiently.
Technically
3CX is classified as an IP PBX. This means it’s a software-based PBX system that operates over an internet protocol (IP) network. Traditional PBX systems use hardware switches and analogue phone lines, while IP PBXs utilise software and VoIP technology.
Remember, when opening 3CX firewall ports, open the ones you absolutely need to prevent any security issues.