Today we reviewed my firewall networks, we found 7 ip addresses added to my firewall relating to Sangoma Connect. We do have a two licensed Zulu accounts. which work fine with or without Sangoma Connect. At the same time we are also now seeing and lot of fail2ban notifications from the usa, Israel, and Ukraine since the update added these to our firewall settings. I’m more inclined to add UWF and define who can come in and ban the rest.
So the question I ask
1, do you publish a list of IP address that we know and safe and we can trust
2, why does Sangoma Connect add entries to local Freepbx server firewall as trusted
3, Should we just disable the module or is required to be run.
They are added as trusted because that is the only Zone known to have access to PJSIP. If you’ve defined the Local Zone (or any other firewall zone) to have PJSIP access, you can manually change the zone to Local.
If you are not using Sangoma Connect, you can disable the module. You may have to remove the firewall entries manually.