Sorry for a basic post. I know firewall port questions come up a lot, but unfortunately I have managed to confuse myself somewhat and need some pointers in the right direction.
I set up FreePBX a few months ago. I pretty much closed everything down on the firewall to just allow users/extensions within my local network access to the FreePBX or via VPN.
I wanted to see if I could easily allow external users to gain access without the need for a VPN to try and simplify things and not worry about VPN connection dropouts etc.
First I should give a bit of background info…please let me know if you need more.
FreePBX is installed behind a DrayTek router/firewall. I have a static IP address for my internet connection. My SIP provider provides authentication on my IP address, no other authentication is required. I initially opened up the ports in my DrayTek router from 10002 - 20000 to allow access from just my SIP trunk provider's IP address. I also opened up port 5060 for just the SIP trunk provider, although I am unsure if this is necessary? I have also set up the FreePBX firewall using the wizard. The SIP trunks are PJSIP. Extensions are PJSIP.
I have an old version of the Bria phone app installed on my mobile. Today I tried opening up the ports 10002 - 20000 on my router/firewall to all traffic as well as the port 5060. The Bria app would occasionally register and would allow me to make calls, other times it wouldn’t register at all even with the same settings. So I installed the Zoiper free lite app. This connected instantly and worked as expected. After approximately 30 mins to an hour, I started getting what appeared to be internal calls from extension 1001, but I don’t have extension 1001 set up.
At this point alarm bells were ringing so I decided to shut down the open ports in my DrayTek back to how they were set up previously. Unfortunately the calls kept coming. In the end I shut down the router and restarted it, but the calls kept coming. I unplugged the modem connection and then the calls stopped. After 15 mins or so I plugged the modem back in and so far haven’t had any more calls from extension 1001. Does it take a while for DrayTek to shut a port down in its firewall or is it instant?
Would it seem that in the timeframe set out above, that someone was trying to access my system?
Does my SIP trunk provider require access to port 5060 to make / set up the SIP calls?
I have read that it is best to change the port that telephones use from 5060 to another port… but this is where my confusion comes from… do both telephones and my SIP trunk provider require the use of port 5060 or is it just the telephones?
Sorry for the long post, but I am struggling to get my head around the ports used as it has been a little while since I initially set it all up.
I have closed off 5060 to my SIP trunk provider on the DrayTek firewall and I am still able to make and receive calls, but I am wondering if this is to do with the fact that there may be a delay in the DrayTek, or is it not required? I was certain that I needed it open to the SIP trunk provider when I originally set up FreePBX, and that I couldn't make calls until I had opened this port to the SIP trunk provider?