Hello. Sorry this isn’t a pithy tl;dr type post, but I figured giving more context information in the beginning would save a lot of “yeah I already tried that” since I’ve literally been at this now for days with no solution…
I have FreePBX installed (for experimentation purposes; nothing for actual Production yet) on a Linode. The Linode has a static IP address exposed to the Internet by default, and I have installed the latest stable distro of FPBX from their site. The install goes fine, but around the time it turns on the Firewall, and then the Responsive Firewall, I completely lose connectivity to the server. This means the web page GUI dies, and even if I try to SSH into the server, my session dies if I’m already in, and refuses to connect if I try after all this starts.
At first I thought the whole Linode was dying (e.g. server crashed / locked up) since there were just no signs of life all of a sudden. After using their internal “LISH” console however, I discovered that I actually could log on to the terminal, but it was just refusing anything from outside. I could ping from my Windows machine to the server, but once this starts I would get "Reply from my.ip.address.here: Destination port unreachable."
I’ve seen people suggesting to turn off the firewall with fwconsole firewall disable, which does indeed turn off the firewall, but it didn’t seem to fix this problem. Ultimately, I tried the more extreme move of fwconsole ma delete firewall, which (after a reboot) worked. Reinstalling the package from within the GUI system and packages update screen immediately locked me out all over again. Again going to LISH (the only way to get back onto my machine at this point), fwconsole ma delete firewall and I am once again back in the machine-- GUI, SSH, and my phones (once set up) are connecting.
I did run iptables -L and, although I don’t entirely understand everything I read in there, I don’t see anything related to my IP address that would indicate that I’m being blocked. I obviously don’t want to wire this thing up to my SIP trunk with the firewall completely ripped out, but I do not understand why it’s doing this… and BTW, with the firewall installed, my public, external IP address from my machine here is in the whitelist.
Any suggestions as to how I can determine what’s going on here? It seems odd that this thing would so drastically ban you right out of the box on install. I’m obviously grateful for the security but I need this to work without just unplugging stuff until it does. Thank you anyone for your help here!