Firewall problems

bksales · June 8, 2018, 10:47pm

There’s something weird going on here. My IP must have changed the other day and none of the PBXs are picking up the new IP from DynDNS, or at least not properly storing them. What happens is that navigating to the PBX GUI via HTTP externally only half works, in that it never fully loads the dashboard or any other modules (if I get it to load far enough to see the other modules). If I VPN into somewhere else that’s allowed through the firewall I get right in. Shutting off the firewall provides the same result.

When I wait 5 minutes or so for it to load enough of the dashboard to be able to navigated to the firewall at the top it tells me that

"The client machine you are using to manage this server (XXX.XXX.XXX.XXX/32) is not a member of the Trusted zone. "

which got me thinking there maybe a bug in the firewall. If I ping my URL from the PBX it resolves to my current IP. Another data point: after adding my URL to the networks list it wont show up in iptables until I manually stop and start the firewall. In most cases even once I get it to appear in iptables I still cant get in. I’m also whitelisted and not banned.

This is happening on machines on 10.13.66-20, 10.13.66-22, and 12.7.5-1805-2.sng7.

I also called the ISP who did the usual bunch of nothing
-restart modem
-restart router
-run a speed test
-tell me that every website that doesn’t work is at fault (which actually may be the case here)

Ive also changed routers and tried using the No-IP DDNS service that comes with the netgear router. Also tried plugging into the modem directly. All yield the same result.

Any ideas or suggestions?

bksales · June 8, 2018, 11:50pm

I’m thinking this is an ISP issue after all. I realized that there were several other non-pbx servers (DNS, Windows, and wireless access point) where we dont have an access control list that I was having a problem reaching. I hot spotted my phone and when connected to that my issues went away (other than being on a 4G connection). New modem has been ordered.

bksales · June 13, 2018, 6:06pm

Another update: after replacing the modem and the router the problem persists.

Also, when I go into a pbx with putty and do “fwconsole firewall trust myddnsurl.com” , which says successful but I need to restart the firewall for it to actually put my URL in the hosts lists. Once that happens I CAN access the PBX.

So this may be an issue with both the ISP and the firewall.

bksales · June 15, 2018, 2:04am

Another update: the ISP came out and found a bad coax splitter outside which fixed most of my issues. So far most of the PBXs are picking up my new IP and the ones that aren’t are on older versions of firmware. I’ll upgrade a few of them over the weekend and see if that makes a difference.

system · June 15, 2019, 2:05am

This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.