Outside access from the internet - Admin login not possible

Weird situation

Let’s start off with the fact that nothing has changed recently. Everything is working as expected in repsect to https. Currently I have 2 https ports open to the internet for certain purposes like the UCP or a very limited admin control.

Both https ports work internally 100% but external only the UCP https port works ! The admin panel https port used to work, but not any longer. If I call the port internally on the server, everything is fine which would conclude that this is not an Freepbx issue. But since I did not change anything in the router, I’m stll want to re-assure that Freepbx is not the cause.

Any ideas anyone ?

Can you check log files with router to determine all is as expected?

Ok, just continued my analysis.

I have 2 ports exposed. 1 is currently accessible from the internet in this case the UCP services. I used that working services to test my portforwarding in my router. In other words, both forwarding rules for the different ports end up at the UCP http port. Conclusion → Modem is not the problem.

Turned of my FreePBX firewall… and admin panel is working again. How can I restore this within the firewall of FreepBX?

I found the culprit but I don’t understand it.

After changing the firewall eth0 setting from internet → trusted network the admin panel was accessible from the internet. The UCP was always accessible from the internet via https://

Freepbx is running as a VirtualMachine on a fixed-ip address in my network, which is then connected to the router.

Can someone explain what the freepbx firewall difference is between internet/trusted and why this blocks/unblocks the Admin Panel ?

Maybe you’ve got something disabled in the menu Services on the right of page.
But, I will be you, I will not use a direct access for your system. Maybe prefer any VPN access.
Just an idea like that.

Brush up on the firewall basics:

I don’t recommend allowing untrusted access to the admin Gui ports.

Thanks for this hint. I was afraid that my answer would not be in the video, but you pointed out the “services” setting in the firewall which maybe deserves a more visible place. Not used to extra functionality in a hamburger menu on the right :wink:

My issue is resolved with your help and now using Internet (Default Firewall) again.

This very complaint is the primary reason why this GUI change has been implemented New GUI setting for Flyout (r-nav) menu on right

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.