Sangoma Connect Server Daemon adding entries to IP address to the firewall

Today we reviewed my firewall networks, we found 7 ip addresses added to my firewall relating to Sangoma Connect. We do have a two licensed Zulu accounts. which work fine with or without Sangoma Connect. At the same time we are also now seeing and lot of fail2ban notifications from the usa, Israel, and Ukraine since the update added these to our firewall settings. I’m more inclined to add UWF and define who can come in and ban the rest.

So the question I ask
1, do you publish a list of IP address that we know and safe and we can trust
2, why does Sangoma Connect add entries to local Freepbx server firewall as trusted
3, Should we just disable the module or is required to be run.

1. The list of Sangoma Connect IP addresses that need inbound SIP access is here: https://wiki.freepbx.org/display/CONNECT/Technical+Details+and+Limitations#TechnicalDetailsandLimitations-FirewallSettings

2. They are added as trusted because that is the only Zone known to have access to PJSIP. If you’ve defined the Local Zone (or any other firewall zone) to have PJSIP access, you can manually change the zone to Local.

3. If you are not using Sangoma Connect, you can disable the module. You may have to remove the firewall entries manually.

Hi Vasman,
1- Those IP are part of the SC cloud services that your PBX need to connect to. That’s why they are added to your firewall networks as trusted as well. List of IP -> https://wiki.freepbx.org/display/CONNECT/Technical+Details+and+Limitations (firewall settings)

2- They are automatically added since the module needs them to work with push notifications. SC use these cloud services as ‘proxies’ to get to SC clients.

3- If you are not planning to use it, yes you can just disable it. In fact, on latest releases the module is not enabled by default.

Have a nice one.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.