The Mikrotik company releases very flexible and inexpensive devices of routing under the general name Mikrotik Routerboard long ago. Despite extensive line of these devices, they are integrated by single operating system? Mikrotik RouterOS. Setup of routers of Mikrotik with 3CX Phone System is absolutely not so difficult for work as can seem at first sight. Let's consider setup on the example of RB2011UiAS-2HnD-IN router Wi-Fi. This router perfectly will be suitable for the organization of access to the Internet for small and medium-sized company.
Attention! The different Mikrotik models can have different presets. In particular, models for SMB segment are preset so that with the minimum settings to provide Internet connection through the first port of router of Eth1. We will take this advantage.
Basic setup of router for Internet connection
If you have new router, load the utility of Winbox and be connected to the device to the address 192.168.88.1 with admin user name. After connection click in the upper left corner of the Quick Set menu.
- Updating of firmware of router. From it it is necessary to begin and continue after reset of the device.
- The Wi-fi settings of the module of router (if your model has it).
- Settings of Internet access. In this case PPPoE access through Ethernet1 port is used.
- Settings of local area network and DHCP server. Attention! The DHCP setup of the server demands the additional actions described further.
- Password of access to router control interface.
Settings are rather obvious. After installation of parameters click Apply or OK.
DHCP setup of the server
Pass into the section of the menu IP> DHCP Server> Options.
Here it is necessary to create new DHCP option 66 and to specify by its value the HTTP link for autotune of your IP phones. This link needs to be copied from the section of Setup> Autotune of phone of the console of management 3CX. Thus the line needs to be taken in single quotes, for example, 'http://192.168.0.2/provisioning/hwz44ph6o9'.
For completion of setup come into the section IP> DHCP Server> Networks and tune up the DHCP server. In this example the DNS server, domain name, time server and the option 66 created earlier DHCP are installed.
Shutdown of SIP ALG
In order that you had no problems in work of remote connections in 3CX Phone System, it is necessary to disconnect SIP Application Layer Gateway which is built in router. For this purpose pass into the section IP> Firewall Service Ports and disconnect the SIP ALG service, having clicked with red dagger on top.
Creation of rules of the network screen and NAT
To implement in router of Mikrotik Full Cone NAT, or, in other words, to publish on external the interface necessary ports of the 3CX Phone System server, it is necessary to create rule set of the firewall. All rules are created uniformly.
Pass into the section IP> Firewall> NAT and press plus image button for adding of the new rule. In this example rules for two SIP providers with IP addresses 22.214.171.124 and 126.96.36.199 are created. Rules for external connections of HTTPS (port 443 are also created? statuses of ext. of number, indication of presence of clients 3CXPhone and remote administration of the server) and rules for 3CX Tunnel (port 5090 UDP and TCP).
Rule for the SIP server
Parameters are established in the General and Action tabs.
- Direction of action of the rule
- Foreign address for which this rule is effective. In this case, it is IP the address SIP of provider. Attention! The traffic only for necessary IP addresses, but not for all Internet is recommended to resolve the external entering SIP and RTP!
- Protocol type
- Port of service which is published
- The interface for which this rule is effective. In this case, it is PPPoE the interface of connection of router to Internet service provider
- Action which executes the rule
- Local address of the 3CX Phone System server
- Local port of the published service
Rules for 3CX Tunnel and HTTPS
Rules are configured similarly, but the address of source is not specified. That is, the rule works for any host in the Internet.
Optionally: setup of time server of NTP
If you want that Mikrotik router was also time server for IP phones in your network, it is necessary to load and set the packet starting the NTP server in router. The archive of packets for the current RouterOS version can be loaded (actually only for RouterOS 6.24 here!). After loading unpack archive and drag the ntp-6.24-mipsbe.npk file in the File List window caused by the side Files menu.
Attention! Load the file of packet into root of file system. After that overload router in the menu System> Reboot.
After reset turn on the NTP server in the menu System> NTP Server.
In the menu System> NTP Client set the IP address of the preferred NTP server in the Internet for installation of exact time on router.
Also it is recommended to determine the current time in the menu System> Clock.
On it setup of router of Mikrotik for work with 3CX Phone System is complete.
Of course, routers of Mikrotik have set of other important settings which can be used in your network, however their consideration is beyond this article.
This article is a translation of the original post at habrahabr.ru/post/257643/
If you have any questions regarding the material covered in the article above, please, contact the original author of the post.
If you have any complaints about this article or you want this article to be deleted, please, drop an email here: firstname.lastname@example.org.
We believe that the knowledge, which is available at the most popular Russian IT blog habrahabr.ru, should be accessed by everyone, even though it is poorly translated.
Shared knowledge makes the world better.