Firewall Config Goodies are hidden


(Greg Snover) #1

Maybe it’s me (probably is) but I was setting up FOP2 for a customer and I could not figure out where to allow it through the Firewall - A little google-fu found this post:

Adding a custom port to the firewall - FreePBX / Tips and Tricks - FreePBX Community Forums

And then I finally noticed the Fly-Out - I didn’t think to click on it because of all the normal menu options that are displayed on the landing page - Maybe put a “Sparkle” on that fly-out? It’s just not obvious it’s there until you have been told it’s there.


(Greg Snover) #2

Self-Solving - See above.


(Jared Busch) #3

Assuming they are from a trusted IP in the first place, FOP2 should just work. I never need to add the port to the firewall specifically.

FOP2 is not written with security in mind. I would never allow it open to the public internet.


(TheJames) #4

I don’t think FOP2 was written with anything after 2005 in mind <.< >.> full disclosure last time I used it was in the trixbox days.


(Greg Snover) #5

Nope - using my lovely firewall, I only have it exposed to the customers office where they are accessing it.

I too played with FOP back in the Trixbox days and then ignored it because i9 and iSymphony were right up the street from me and so using that was simple.

Fast-Forward to today, and iSymphony does NOT want to work with Asterisk 18 - but FOP2 is quite nice, reasonably priced, and easy to set up.

Check it out again - I make no claims on it’s security (or lack thereof) but if you restrict access to it, its quite nice.


#6

You could change fop2 to use secured access to AMI , a couple of changes to /usr/local/fop2/fop.cfg and /etc/asterisk/manager.conf

should be all you need.


(Greg Snover) #7

Nice - Thanks!


(system) closed #8

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.