Is the IAX protocol safe to use connected directly to the internet?
I have had a fanvil c58 and a cell phone running Zoiper connected to my soon to be production box and haven’t seen any attempts yet. I do have it behind a firewall and only opened up the IAX port. my need is to have my sales and support guys that use cell phones and call customers to use an extension on the system so they don’t give their cell numbers out.
Enable the responsive firewall for IAX and you should be okay:
https://wiki.freepbx.org/pages/viewpage.action?pageId=52068495
thanks, Got that turned on and since i have several static IP’s i have set up one on my fortigate as virtual and have it pointed at my box, and filtered to only pass the IAX port. so far so good. for this anyway.
Although IAX is less interesting for hijackers but its always safer and in most cases cost effective to use an SBC (session Border Controller) at your edge, it might add some hundred bucks at the installation time but can save thousands later. If you miss a single trick and your lines hijacked for only a couple of hours, you will be disappointed of your savings today. People at Sangoma can offer you small SBCs with a very reasonable prices.