Hey, a new freePBX user here. These forum pages have been of great help in my various installation attempts, and I am grateful.
I have a query though on the network configurations. I have installed FreePBX 13.0.1942.2 with Asterisk13.12.1, in a VMWare as a test environment for use as a VoIP PBX. The guest machine has a bridged network working with it, who’s IP is 1_92.168.1.x,_ The Host machine’s IP is 192.168.1.y-basically on the same subnet.
What I was wondering is, when deployed in a live environment, where does FreePBX derive it’s IP from? Is it from the “manual configuration” that one is prompted to enter during the initial stages of installation? If so,
Moreover, in this test environment, the IP range is 192.168.1.0/24, what happens when I change networks and the IP range is different? How could I still possibly access the WebUI? or does the FreePBX change addresses just as the host machine would take up any new addresses? Especially if it is different subnet…
This is where routing gets involved, presumably through a router(?) or a machine that is acting as your default gateway device and can route traffic to these other networks.
How is your network setup? Is this a home based test network? Or are you in more of a corporate environment with firewalls and routers?
Sorry for the late reply…
this is a home environment, I am learning, hoping that one day I may be able to learn and deploy FreePBX professionally.
The set up is, currently, there is a router that dissipating the IPs, which are used by the host machine as well as other devices on the network, like my phone and brother’s laptop.
What I am wondering is, do I have to put a router between the host machine and say a SIP line provider or I can take the incoming line (say fibre or copper twisted pair) to terminate at the host machine directly and input the IPs.
You would be better off putting the router between your ISP (fiber internet) and your PBX. I wouldn’t recommend directly attaching the PBX to the internet, You would want your router to filter out the script attacks that are done to IPS looking for vulnerabilities to systems. You would then port forward the traffic ports that you need for FreePBX to the server IP hosting the system. Then additionally (assuming you are using the FreePBX distro which I would highly HIGHLY recommend) you would use the FreePBX firewall mechanism to provide further attacks that would come across the port forwarding SIP ports. This firewall wall, along with Fail2Ban process does a really good job.
Ah, that is commendable idea to do. Thank for that. Let me gather some cash and get a small time router for this use.
Thank you @dickson for that.
By the way @dickson, I have a question, what of an instance where you put the SIP line directly into your device(which you have not recommended), what would be the best configuration setup.
I am thinking of exploring using DD-WRT or open-WRT of Security onion in a virtualized guest machine to do the monitoring for now. I believe it is not a big deal for now, since I don’t have a SIP trunk incoming as of now.
Honestly you can do whatever you want. I have providers that give me a dedicated SIP line for their service that doesn’t come across the internet, and I plug those right into my PBX without issue and just use the freePBX firewall system to keep things in order. If the provider is giving you a SIP line and its on a connection that has internet activity I would always firewall that.
Minimize your risk of somone breaking in a possibly running up huge toll fraud. Or worse…calling an airline on your callerID and you making it on CNN in a bad way.
Hehehe, I get your concerns. Thanks Sir.
This topic was automatically closed 365 days after the last reply. New replies are no longer allowed.