Responsive Firewall

I’m trying to get the responsive firewall to work.

My edge firewall is allowing ports 5060-5061 and 10000-20000 through to my PBX. There is a single interface in the PBX.

I can register my extension, but it does not show as registered in the firewall. I can also see other traffic to 5060 from unknown address, and they do not appear to be blocked.

Am I doing something wrong?

You are looking at Firewall Status? If the IP you’re registering from is white listed in Networks, then it’s bypassing the responsive firewall and will not show in the Status menu. Responsive only acts on packets that would otherwise be blocked. This video touches on responsive: Open Source Pro Tips #2 - Firewall Basics

Thanks Lorne. Interface was misconfigured.
For our clients, we currently whitelist IPs allowed to get to the admin GUI at the firewall. If the FreePBX firewall is on, am I correct in assuming that I also need to whitelist those IPs on the FreePBX firewall?

If I understand what you’re asking, yes you need a rule for each firewall to allow access from any specific source IP.

You do understand correctly. Whitelist to let them through the edge firewall and whitelist to let them in FreepBX. Sounds good to me. Belt and suspenders.

You sir are a prince.

Thank you.

1 Like

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.