Firewall rules not working

I have a fresh PBX that I have configured and is live. I am trying to expose provisioning to the internet for remote phones. I am using the sysadmin pro module to add username/password. However the firewall isn’t working as I expected. I would prefer that I just whitelist all the remote IPs but in this case they are dynamic. I have the main interface set to internet, and have set the services to “Internet”. If I set my test IP as Trusted or Internet, it works as expected. I thought all traffic that came in on the interface would be marked as “Internet”. Am I wrong?

To test: If I remove my IP address from the networks list I get no response:
[root@dev ~]# curl x.x.x.x:84

If I add my IP to the networks list as trusted:

[root@dev ~]# curl x.x.x.x:84
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html><head>
<title>401 Unauthorized</title>
</head><body>
<h1>Unauthorized</h1>

This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.

Interface:

Services page:

Versions:
FreePBX 16.0.40.11
iptables-1.4.21-34.el7.x86_64
firewall module: 16.0.57.6

I have tried rebooting, updating modules, etc.

I was able to use a different server and got the desired results. Something has to be wrong with this server. One of the things I noticed is the interface is labeled as “dynamic” in the firewall module but the interface should be called eth0?

A server is always static and not dynamic.
The interface needs to be in the Internet zone with a static IP address.
Maybe there were a bug when you installed the server and the interface were dynamic and next you configured it on static.

Check the name of this interface with ifconfig
On Sysadmin, check the config of this interface too.

A provisioning using HTTPS is safe. If you can avoid to use HTTP…

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.