FreePBX Firewall - Remote Office Blocked one morning

Is there a way to find out why a remote office (which has worked for two weeks without issue), have no phones working in the morning? I went into the FreePBX firewall and noticed that their IP was blocked. Unblocked (hit the red X) and all is good.

They are using a DSL line which may have rebooted/power outage over night… I am trying to figure out how to make sure it doesn’t happen again or more specifically why… I would think the devices would have registered successfully… without failure… There are about 6 phones.

I have contacted the DSL vendor to see about static IP options, but I don’t think it is an option.

Would appreciate any advice.


You didn’t mention if you are using Adaptive Firewall?

Yes, sorry, adaptive firewall built into FreePBX.


From what I understand (and there are lots of people here that know more) if the phone(s) from a specific IP address register and deregister more than a certain number of times (like, maybe 5), the firewall flags the address as ‘suspicious’ and blocks it.

There should be a log that tells you why the firewall flagged your host.

Thanks, that is what I suspected probably happened… all phones tried to register at once, and it thought was suspect?.. wonder if threshold can be changed… or adjusted to allow this to be resolved.

Lorne (@lgaetz ) might have some additional insights, but it seems to me that the ruleset is pretty locked down.

Adaptive firewall is better suited to single extensions registering from many different IP vs multiple devices registering from a single IP. There is no way to adjust the threshold for this, but there is a fairly simple fix. Use a Dynamic DNS service to update a FQDN for your dynamic IP, then whitelist the FQDN in firewall. That will bypass adaptive altogether.

Thanks I will do that instead.