I am seeking out guidance for being able to auto whitelist remote IPs.
Here is my setup:
Cloud Hosted FreePBX
Built in Firewall Enabled. Intrusion Detection Enabled.
Two remote locations that use Starlink as their ISP.
For all that do not know, Starlink constantly changes the public IP address at these locations, so I am whitelisting the Network Zones for these remote locations daily. If I do not add these new IPs to the Trusted Network Zone, the phones are no longer able to dial out. However, all inbound calls to extensions remain intact after the IP changes.
My intrusion detection works as expected and has the feature enabled to auto-whitelist IPs from extensions that successfully register. However, this does not work as a two-way sync between Intrusion Detection and Trusted Network Zones. Does anyone know of a setting or feature I can enable that will automatically trust the Network Zone of a remote location in which the extension successfully registers?
I went to my VOIP doctor and said "Every time I accept UDP:5060-5099 I get hurt by floods of bogus calls", he answered "No Shit!", so I said "So what can I do?", and he said "Try not using that transport!", so I didn't and what do you know? IT MAGICALLY STOPPED HURTING!!
We set up WireGuard on our remote site routers to a site with a static IP.
Then, we send voice traffic over the connection. Keeps the firewall list simple.
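
A sketch of the tunnel layout described in the reply above, added here as an example and not taken from any poster's configuration. The addresses, port, file paths and key placeholders are all assumptions; the point it shows is that the Starlink site dials out to the static-IP site, so its changing public address never has to appear in a firewall list.

```ini
# ---- Static-IP site (hub): /etc/wireguard/wg0.conf (assumed path) ----
[Interface]
# Tunnel subnet, constructed for this example
Address = 10.99.0.1/24
# Assumed UDP port; the only port the hub exposes to the remote sites
ListenPort = 51820
PrivateKey = <HUB_PRIVATE_KEY>

# Remote location 1 (Starlink)
[Peer]
PublicKey = <SITE1_PUBLIC_KEY>
# No Endpoint line on purpose: the site's public IP keeps changing, and
# WireGuard learns the current one from the last authenticated packet.
# AllowedIPs = tunnel address + phone LAN of that site (assumed ranges)
AllowedIPs = 10.99.0.2/32, 192.168.10.0/24

# Remote location 2 (Starlink)
[Peer]
PublicKey = <SITE2_PUBLIC_KEY>
AllowedIPs = 10.99.0.3/32, 192.168.20.0/24

# ---- Remote site 1 router: /etc/wireguard/wg0.conf (assumed path) ----
[Interface]
Address = 10.99.0.2/24
PrivateKey = <SITE1_PRIVATE_KEY>

[Peer]
PublicKey = <HUB_PUBLIC_KEY>
# Static address of the hub (documentation address used as a stand-in)
Endpoint = 203.0.113.10:51820
# Route only the hub and the PBX (stand-in address) through the tunnel,
# so ordinary internet traffic from the site stays off it.
AllowedIPs = 10.99.0.1/32, 198.51.100.20/32
# The remote side sits behind Starlink's NAT, so it must keep the
# mapping open for inbound calls to reach the phones.
PersistentKeepalive = 25
```

With this layout the PBX sees the phones from fixed tunnel-side addresses, so the Trusted zone entry is set once and does not follow the Starlink address.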