Deep Dive Guide

3CX v20 SBC branch estate incident response playbook with evidence capture and decision trees.

An incident playbook for triaging failures quickly, preserving useful artifacts, and guiding operators toward repair, rollback, or escalation.

Search Deep Dive Topics Back to Deep Dive Index
Primary GUI Locations

Anchor the deep dive to the exact 3CX v20 screens you are likely to touch.

These are the main 3CX interface locations tied to this topic. Use them to shorten navigation time before you move into host, DNS, firewall, or provider-side checks.

  • Web Client > switch to Admin Console for system-wide telephony changes, trunks, users, call handling, and integrations.
  • Admin Console > Users > select the user > IP Phone to provision, reassign, or review phone settings.
  • Admin Console > Voice & Chat > + Add SBC, then return to Users > IP Phone to bind phones through that SBC.
1. Scope And Success Criteria

Define the boundaries before production starts moving.

Modernization work has to reduce risk, not simply move it around. Sequence the change so each milestone leaves the environment more observable and easier to recover.

  • Inventory every dependency touching SBC, including hidden dependencies such as service accounts, forwarders, trusts, certificates, or delegated admin workflows.
  • Freeze unrelated high-risk change during major milestones so the signal stays clean.
  • Write success evidence in operator terms: sign-in works, name resolution is stable, management is reachable, and rollback remains viable.
  • Assign clear stop points where the team can pause if Branch Office validation fails.
2. Discovery And Preconditions

Baseline the current state before introducing change.

Capture health and inventory first. The baseline is what lets you tell the difference between expected coexistence noise and a real regression.

  • Export current configuration, ownership, and topology for SBC and adjacent services.
  • Measure present-day health for Branch Office, logs, alerts, and operator runbooks before starting the move.
  • Document exceptions, unsupported integrations, and any legacy dependency that still relies on Provisioning behavior.
  • Prepare pilot scope, rollback path, maintenance windows, and evidence collection locations.

Command path:

  • sudo systemctl status 3CX* --no-pager
  • sudo ss -tulpn | egrep ':(5060|5061|5090|5001|9000|9001)'
  • sudo journalctl -u 3CX* --since '-2 hours' --no-pager
  • certutil -urlfetch -verify certificate.cer
  • openssl s_client -connect service.example.com:443 -servername service.example.com
  • tracert target.example.com

GUI path: 3CX Admin Console > open the owning area for trunks, users, call handling, storage, backup, reports, or integrations before changing host-side dependencies.

3. Implementation Sequence

Sequence the change so dependencies remain testable.

Use tight sequencing. Every state change should have an immediate validation step before the next dependency moves.

  • Build the target path for SBC alongside the current path where coexistence is supported.
  • Shift one authority plane at a time: service binaries, configuration, identity bindings, name resolution, then client or workload targeting.
  • Keep old and new control paths observable until Branch Office proves stable across more than one test path.
  • Record every manual change so rollback does not depend on memory during a tense cutover.
4. Validation And Testing

Testing has to cover behavior, not just status lights.

Operator-ready testing includes positive flow, negative flow, failure injection, and recovery checks. Green dashboards alone do not count as signoff.

  • Test from at least two user or workload paths and one admin path so SBC is validated from different failure domains.
  • Confirm Branch Office behavior under normal load, after a restart, and after a forced rediscovery or cache flush event.
  • Run failover, referral, replication, or reconnection tests where Provisioning makes the difference between stable and fragile.
  • Document exact commands, UI checkpoints, and evidence artifacts required for final acceptance.

Command path:

  • sudo systemctl status 3CX* --no-pager
  • sudo ss -tulpn | egrep ':(5060|5061|5090|5001|9000|9001)'
  • sudo journalctl -u 3CX* --since '-2 hours' --no-pager
  • certutil -urlfetch -verify certificate.cer
  • openssl s_client -connect service.example.com:443 -servername service.example.com
  • tracert target.example.com

GUI path: 3CX Admin Console > open the owning area for trunks, users, call handling, storage, backup, reports, or integrations before changing host-side dependencies.

5. Cutover And Rollback

Plan the move back before you plan the move forward.

A real cutover plan defines what changes, what stays stable, and what triggers immediate stop or rollback. That discipline keeps the team from improvising under pressure.

  • Choose the lowest-risk cutover point, then pre-stage DNS, client targeting, monitoring, and communications around it.
  • Define rollback triggers in terms of observed user impact, replication health, queue depth, auth failure rate, or management loss.
  • Keep the old path read-only, isolated, or otherwise protected from accidental split ownership during coexistence.
  • Capture post-cutover evidence before decommissioning anything that would make reversal harder.
6. Operations Handoff

Finish by making the new state supportable.

The project is not done when traffic moves. It is done when the operations team can monitor, back up, troubleshoot, and recover the platform with confidence.

  • Update monitoring, backup, alerting, and audit coverage for SBC and all new dependencies.
  • Refresh operational runbooks, breakglass access, and access reviews for teams that own Branch Office.
  • Retire stale records, abandoned automation, and outdated references that still point at the replaced service path.
  • Schedule a post-change review to turn the migration evidence into a reusable operating standard.