Port Forwarding for Softphone

[chadharrelson]

Hello!  We have a few workers that use softphones to connect to our 5000, but in order for them to function they have to be logged into our VPN.  I'd like to set up port forwarding so they wouldn't have to be on our VPN 24/7 in order for their softphones to work.  Can anyone point me in the direction of a guide/manual to do this? 

[Tech Electronics]

Chadharrelson,

You need to specify which softphone you are using.

Is it the 8601 or 8602?
Is it the UCA Softphone?
Is it a SIP Softphone?

Thanks,

TE

[chadharrelson]

Sorry for the delay.  I'm using a 3CX SIP Softphone. 

[chrismitel]

Hi,

We don't allow it without the use of MBG.

I really wouldn't recommend doing this due to a very high risk of toll fraud.  Stick with VPN.

Regards

[Tech Electronics]

Chadharrelson,

You can make this happen as the 5000 does not require the Mitel Border Gateway (MBG) to make this work; unlike the 3300.

Now, that being said there are some concerns as Chrismitel's answer suggested that there could be issues of Toll Fraud if it isn't implemented correctly and security isn't foremost in its design.

Your best bet is to open only the ports necessary for the 5000 to work with all of your remote applications and in the case of the SIP phone only allow specific MAC addresses to utilize those ports when going through you firewall. Also make sure that the password associated with your SIP phones are not the same as the extension and do not coincide with any numbers associated with the phone or the 5000 in general.

If you need to know specifics on the 5000 side after reading this then just post back.

Thanks,

TE