FreePBX Distro (IAX default settings) security issue (?)

I have two installations of the FreePBX.

  1. FreePBX Distro (FPBX-1) with Asterisk 11.6.0, PBX Firmware: 5.211.65-1, PBX Service Pack:, (physical server)
  2. FreePBX as 5.211.65-1 Script (FPBX-2) with Asterisk 11.7.0, PBX Firmware: 5.211.65-1, PBX Service Pack:, (vps).

Both of them have the default Asterisk IAX Settings.


On the FPBX-2, I configured an IAX2 Trunk (without username, without password, context=from-internal) with following parameters:

Trunk Name: FPBX-1 Outgoing Settings

PEER Details
host=17X.XXX.XXX.XXX (FPBX-1 IP)

Incoming Settings
USER Context: empty
USER Details: empty

Register String: empty

On the FPBX-2, I configured the outbound route “all external calls to the trunk FPBX-1”.

Now it is possible to place external calls from the FPBX-2 through FPBX-1 in accordance with the outbound routes of the FPBX-1 without the FPBX-2 registration on the FPX-1.

Setting of one or two fixed IP-addresses as “Bind Address” in the Asterisk IAX Settings of the FPBX-1 does not help to avoid the placing of external calls from unregistered FPBX-2.

There is no registration or another information regarding unregistered IAX2-trunk of the FPBX-2 in the “Reports - IAX info - IAX2 Peers” of the FPBX-1.

Any comment?

sir i have to establish a trunk between 2 asterisk servers, one is having elastix and in other server i m having freepbx installed.
i want to make trunk between these two. the server having freepbx has ip like this 1xx.xx.xx.xx:8080. can this IP be used when we are making trunk?