The web GUI shows error “Default Asterisk Manager password used”.
I found this thread: http://www.freepbx.org/support/documentation/faq/changing-the-asterisk-manager-password
However, the procedure described there is outdated, because it only applies if the authentication is stored in files etc/amportal.conf and etc/asterisk/manager.conf , while the FreePBX v.2.5 stores the authentication in the database. Extract of amportal.conf:
AUTHTYPE: authentication type to use for web admin
If type set to ‘database’, the primary AMP admin credentials will be the AMPDBUSER/AMPDBPASS above
valid: none, database
AUTHTYPE=database
What is the proper way to change the default Asterisk Manager password in this case?
Thank you Mikael, however this procedure does not apply to FreePBX 2.5, because it does not store the password in these files. In 2.5 the password is stored in the database (see my description in the beginning of this thread). I am looking for proper way to update the default Asterisk password when it is stored in the database.
Asterisk Manager password is NOT stored in a database. It is located exactly as I pointed out in my reply.
The user admin however, for accessing the FreePBX portal, is stored in a database together with the password. You change that in the section Administrators in FreePBX setup.
I got it (finally : ) . The warning refers to Default Asterisk Manager password, which has nothing to do with the default username/password for accessing the FreePBX portal.
Anyway, I followed the above procedure and the warning disappeared (thank you Mikael). Sure enough, this had no impact on the default username/password for accessing the FreePBX portal - it still works (freepbx/fpbx). Anyone knows how to change this password or disable this account?
Here’s the problem which I don’t think the developers have taken into account.
Yes the passwords are located in the amportal.conf and manager.conf however they also exist hard coded in the Admin files /var/www/html/admin/functions.inc.php, /var/www/html/admin/modules/framework/htdocs/admin/functions.inc.php, and /var/www/html/admin/modules/core/agi-bin/user_login_out.agi so you need to change them there as well otherwise the freepbx admin interface fails to logon using the manager.conf password.
*** BIG CAVEAT here *** if you upgrade your framework those AMPMGRPASS(s) will again go back to the default amp111 and you lose connection all over again.
Hey FreePBX developers please parse the manager.conf or amportal.conf to get the current passwords so the admin interface doesn’t fail after an upgrade.
I think you may be confused. There is a default set in /var/www/html/admin/functions.inc.php which is used if nothing exists in amportal.conf.
users_login_out.agi has it commented out. It obtains the user and password from the globals set in the current executing channel, and those are obtained from the same place as above.
The functions.inc.php from framework are irrelevant and the same as the above, that is simply the copy from the module that gets installed to the above location.
If you are finding hard copies elsewhere, then you either have an old version of FreePBX (probably pretty old) where this was an issue, or you need to file a ticket with the specific information so it can be tracked down. Checking the mentioned files in the latest releases, I don’t see it hard coded. It is parsed.
I am new to Asterisk and this forum, any assistance on the following items would be appreciated
I have just completed a new installation of AsteriekNOW 1.7.1. I launched my web browser to its IP address and attempted to connect to FreePBX Administration, but I do not know the default USER NAME or PASSWORD.
At the same time I would like the LocalHOST loggin credentials also.
When I refer to a DMZ I am not talking about consumer grade firewalls that use the term DMZ to indicate a host that all outside traffic is forwarded to.
When I refer to a server DMZ I am speaking of a protected VLAN that contains only devices that need to expose services to the untrusted network (typically the Internet). NAT is used to forward only required traffic to the hosts in the DMZ.
In the closed source world Cisco ASA’s and Juniper Netscreen devices have this capability.
pfSense can also create multiple security zones and is open source.
It seems that most firewalls (at least the cheaper ones) don’t allow me to enable a DMZ server without NAT. Are there any problems with using NAT to access the server? If so, can you recommend a firewall that allows you to specify a an IP for the DMZ server that is in the public domain (and not on the LAN)?