Intrusion Detection not allowing whitelisted IP's in PBX17

Hello,
I was wondering if anyone else is having issues with the Intrusion Detection Module still blocking IP’s even after it is put on the whitelist?

For our setup, we have a security platform that will scan all the computer devices in our company and identify security risks. We add the IP of the scanner into the Intrusion Detection whitelist, but every week, we still see where fail2ban will block the connection.

Correct me if I’m wrong, but there is a direct correlation between what is entered on the whitelist GUI and entries seen inside of the /etc/fail2ban/jail.local file. From what we have seen, on PBX version 17 systems, this list is not being updated when the whitelist is changed in the GUI. What we have seen is that on older Version 16 PBX’s, this seems to be working properly.

So my question would be, is there something that I’m not doing correctly to whitelist an IP, or could this be a bug in version 17?

Hi Leel, this is a known issue and it’s already reported to our devs.
I will let you know as soon as we have a fix.

Thanks!

1 Like

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.