FreePBX firewall blocks all remote extensions

Hi, a FreePBX server with the FreePBX Firewall module enabled blocked all the valid extensions until I ran # service iptables stop at which point all the extension registered immediately. This happens whenever an endpoint becomes unreachable for some reason.

During the time no extensions were able to register, in cli> there was no attempt shown to register. But that makes sense since the firewall is blocking.the reg packets.

Could get to the FreePBX Gui without any issue. FreePBX firewall did not block the ports (80,443)

The FreePBX server is remote to all endpoints. In the Network tab of Main, only added my IP address as ‘Trusted Excluded from Firewall’ Did not add the remote IP address of the endpoints because where the endpoints are, their IP address is DHCP and does change periodically.


Services tab have the defaults:

Extra Services are default:

What I don’t get is why SIP would be local when all endpoints are remote. My thoughts are SIP should be in Internet zone. But apparently my thinking is incorrect. However as stated at the beginning. All endpoints cannot register.

For the time being, have removed FreePBX Firewall from modules and installed our iptables script.

Perhaps someone out there has a better understanding to get FreePBX Firewall to let endpoints re-register when they go UNREACHABLE.


This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.