3CX IP PBX with Twilio Elastic SIP Trunking Interconnection Guide Hello and welcome to our guide on how to set up a 3CX IP PBX for use with Twilio s Elastic SIP Trunking service. This guide covers the minimum setup provided: it does not tell you how to set up a complete, secure PBX nor is it intended to replace the core 3CX documentation. With that in mind, let s get started! We re going to cover the following. Set up Twilio Elastic SIP Trunk Adding a Termination URI Creating an Origination URI Assigning a number to the trunk Set Up the 3CX IP PBX Set up the machine or virtual machine Download and Install the Software Configuring the PBX Configuring X-Lite to register with 3CX Set up Twilio Elastic SIP Trunk We ll assume here that you already have a Twilio account and one or more Twilio numbers. Log in to your Twilio account at twilio.com, open the drop down and go to the SIP trunking portal.
Click on Configure at the top of the page and then on Create SIP Trunk Give your new trunk a friendly name and click Create at the bottom of the page. Adding a Termination URI Navigate to the Termination tab and give your trunk a Termination URI. Exactly what this URI is doesn t matter as long as you can remember it and it is unique. Twilio will help you out with the second one, telling you if someone has already used that URI. You will give this URI to your PBX as a way of connecting to Twilio.
At the bottom of the same tab, you can create an ACL. This will cause the trunk to only accept calls from certain IP addresses, reducing the chances of fraudulent use. Since we haven t created your EC2 instance yet, we don t know what its IP address is. Come back and do this bit when you do. Click on the Create IP Access Control List, give your ACL a name, add the public IP address of your EC2 instance and give that a name, too. Then click Create ACL. Creating an Origination URI Again, you will have to come back and do this bit once your EC2 instance is up and running. Navigate to the Origination tab and click Add an Origination URI. In the popup, enter sip: followed by the public IP address of your EC2 instance and then click Add. You should end up with something that looks like this. Assigning a number to the trunk Finally, we need to assign a number to your trunk. If someone calls this number, Twilio will send the call to your PBX. Click on the Numbers tab and then on Add a number to this trunk. Select one of the numbers you have available. It s that easy.
Set Up the 3CX IP PBX If you already have a 3CX IP PBX, you can skip this section. The Windows server used here was on AWS but the instructions should be valid whether you are using some other cloud service or a local Windows server. Set up the machine or virtual machine Supported operating systems for the 3CX IP PBX are listed at http://www.3cx.com/docs/supported-operating-systems/ and hardware requirements are listed at http://downloads.3cx.com/downloads/3cx_phone_system_operating_system_specifications.p df For the purpose of testing, the PBX was installed and configured on an AWS EC2 instance with the following settings: t2.medium instance Microsoft Windows Server 2012 RTM 64-bit Locale English Base AMI provided by Amazon (Windows_Server-2012-RTM-English-64Bit-Base-2015.07.15 (ami-5b57556b)) The security group needed many ports opened, as per http://www.3cx.com/blog/docs/ports-used/ Download and Install the Software A free version of the PBX can be downloaded from http://www.3cx.com/phonesystem/download-phone-system/ Once the download is finished, run the executable then: Read and agree to the EULA. Click install to begin installation When the popup arrives, click Finish Choose if you want to register online (I skipped online it) You will then be presented with a series of popup windows to guide you through installation. My progress through these windows is documented and explained below. The PBX needs a web server. I was installing on Windows Server so I went with the recommendation of using IIS.
Ports 80 and 443 were not being used by any other web server on my Windows instance so I used those ports for the 3CX.
I didn t have any DNS set up on the private LAN so I used the private IP address of the server as the internal FQDN but Amazon did provide me with a publicly resolvable FQDN for the external IP address. I just chose a password I could remember for the certificate password.
I configured the PBX to use English as it s main language. I got the public IP address for my EC2 instance from the EC2 management portal. My instance only has one (virtual) NIC, so I chose that one for the PBX to use.
I m creating a new PBX.
For me, the number of digits in an extension was an arbitrary choice. It may not be for you so pick the option that makes the most sense.
I decided not to set up an SMTP server because I wouldn t be using one for my testing so I left this section at default values. If you have an SMTP server and want to integrate the 3CX with it, enter the appropriate details here.
And then I created an admin username and password. Remember what values you use here because you will use them, shortly, to log in to the PBX and continue configuration.
I m based in San Francisco, California, so I set up my 3CX accordingly.
I used the default of 100 for the operator extension and, because I will not be using my PBX for real world communications, just made up some nonsense information for the operator.
I don t want to allow calls from my PBX to any country other than the US. Because this is a test system, the potential for fraudulent use far outweighs the potential benefit of being able to call internationally. That may be different for you.
That was all the settings for now. I watched the installation progress and clicked Finish when it became available.
Configuring the PBX Once installation was done, the application automatically opened the management page for the PBX and invited me to log in. If this doesn t happen for you, open a web browser and navigate to https://localhost/management/mainform.wgx. The login credentials are the ones you just created.
Before you can build any trunks on the PBX, we need to run the firewall checker. This makes sure that all ports are open and being forwarded correctly on your firewall. If you have built your PBX on an EC2 instance and used the information at http://www.3cx.com/blog/docs/ports-used/ to configure your security group, you shouldn t have any problems with the Amazon firewall. You may, though, find packets being blocked by the Windows firewall. I had to follow the instructions at http://www.rackspace.com/knowledge_center/article/managing-the-windowsserver-2012-firewall to open the Windows firewall for TCP and UDP packets coming in for ports 5060 and 5090. To run the firewall checker, click on it in the left hand pane...
And then click Run Firewall Checker If all went well, you will get a list of green results. If some of the checks failed, the tool will report this to you. In that case, check your EC2 access list and Windows Firewall settings.
Now, we can connect the PBX to Twilio. Select VoIP Providers in the left hand pane and then Add Provider at the top of the center pane. You will then get a series of pages where you enter the details of your VoIP provider. Set Country to Generic and Provider to Generic SIP Trunk The SIP server hostname is the Termination URI you set up on your Twilio trunk, earlier.
The External Number is the number that you associated with your Twilio trunk, earlier. For now, we won t set an Authentication ID or Password. Twilio doesn t limit the number of concurrent calls you can have on a trunk so you should set Maximum simultaneous calls to some large number - perhaps 10x the number of phones you will have connected to the PBX or whatever your IP connection can handle. The PBX needs to know what to do with incoming calls from this provider. I chose to send them to my Operator. Now, we need to tell the PBX when it should send calls out of this trunk. I decided to congiure my PBX as a dial nine system - if a user dials any number starting with a 9, the system will assume that it is for an outside line and will send it across the Twilio trunk. Before sending the call out, we ll strip the 9 from the front of the dialed number and add a +1. Twilio only accepts calls to numbers in e.164 format. I am assuming here that the user dialed 9+10D for an outside line and am turning it into +1+10D.
Because I set up the 3CX on AWS, any phone I try and register with the system will be external to its LAN. Therefore, I have to update any extensions I create to allow this. The system has already created user 100 for me so I select it in the left hand pane. And then uncheck the Disallow use of extension outside of LAN option, under the Options tab.
Since people outside of the LAN can register to this extension, I want to secure it with a password. To do this, I go to the General tab, and enter one in the Password field. We also need to configure the 3CX to accept incoming call from Twilio. To do this, we select the VoIP Providers option in the left hand menu.
We then select the Twilio trunk, select Edit and go to the Source ID tab. Using the SIP Field and Variable option boxes in the middle of the screen, we can create rules to determine under what circumstances the PBX will accept an incoming INVITE. I decided to check that the User-Agent in the incoming INVITE is Twilio Gateway and that the phone number in the Request-URI is +15102543413.
Configuring X-Lite to register with 3CX Downloading and installing X-Lite is trivial so I won t go over how to do that. Once you have it installed and running, open the Preferences window (on a Mac, you access this via the X-Lite menu at the top of the screen).
Double click the account to access the account settings window. Then enter the following settings: User ID: set this to the extension on your 3CX that you want to register against. I set up my 3CX to direct all incoming calls to extension 100 so I registered my X-Lite with that extension. Domain: set this to the public IP address of your PBX (or EC2 instance). This should match the Static Public IP you used when setting up your PBX. Password: This is the password you set up on the extension.