Hello everyone,
I’m looking for the best-practice method to configure the FreePBX Firewall to work alongside an existing Docker setup on the same server.
My Server Setup
- OS: Debian 12
- Installation: Fresh install using the official FreePBX 17 script.
- Existing Services: The server runs multiple Docker containers.
- Web Proxy: One of these containers is Nginx Proxy Manager (NPM), which handles all web traffic.
- Traffic Flow: The intended flow is: Internet/Cloudflare → NPM Container (on port 443) → various web applications. FreePBX is intended to be separate for handling calls.
- SSH: My SSH daemon is configured to run on a custom, non-standard port.
The Problem
After installing FreePBX and enabling the FreePBX Firewall module, I’ve run into two main issues:
- Docker Port Conflict: My Nginx Proxy Manager container fails to start. The Docker error is an
iptablesfailure (iptables: No chain/target/match by that name), which suggests the FreePBX Firewall is removing theDOCKERchain that the container needs to bind to port 443. - Access Lockdown: The firewall has also restricted all access (including SSH) to my personal IP address only, which I’ve added as a “Trusted” source.
My Question
What is the recommended way to configure the FreePBX Firewall to allow my Nginx Proxy Manager container to function correctly on port 443, while still securing the PBX? My goal is to keep the NPM/Cloudflare setup for web traffic and have FreePBX handle telephony, all on the same machine.
I’m finding it difficult to create a simple “allow port 443 from the Internet” rule, as the interface seems to be zone-based and I can’t find a clear “Services” or “Ports” configuration area.
Thank you for any advice you can offer.