I am puzzled by this one. On one installation of FreePBX/Asterisk 13, in the Asterisk Info Peers report, I notice that all remote SIP peers are indicating Host as the PBX server IP address instead of reflecting their WAN IP source, from where they are connected (refer enclosed picture). The registrations and calls are working perfectly. However, since every remote connection is presenting PBX IP, Fail2Ban is going for a toss - as every hack attempt is also reflecting with this IP hence, all remote users get banned enmasse. Adding the PBX IP to whitelist will make the whole IP security futile. I am curious to find why is this happening in the first place. Have compared config-to-config line by line for all config files esp pertaining to NAT, but cannot make out the cause for this. Is it possible the Router behind which the PBX currently sits may be presenting this IP instead of the source IP?
Appreciate some guidance. Thanks.