Problem: After attempting to add an IP range (xxx.xxx.0.0/16) to FreePBX firewall whitelist, the entire system became inaccessible via web GUI. Apache2 service fails to start with error “Cannot define multiple Listeners on the same IP:port”. Phone calls continue to work normally (Asterisk core unaffected).
Environment:
-
FreePBX 17 on Debian 12
-
Installed via official GitHub installation script
-
Commercial System Admin module installed
Symptoms:
-
Cannot access FreePBX web GUI
-
systemctl start apache2fails -
Error in logs: “AH00526: Syntax error on line 15 of /etc/apache2/ports/ports.conf”
-
Error: “Cannot define multiple Listeners on the same IP:port”
Root Cause: FreePBX’s automatic configuration regeneration (triggered by firewall changes) incorrectly appends a duplicate “Listen 80” entry to /etc/apache2/ports/ports.conf instead of replacing the existing configuration. This appears to be a bug in FreePBX 17’s Debian 12 integration.
Solution:
- Verify the problem:
cat /etc/apache2/ports/ports.conf
Remove one of the duplicate “Listen 80” lines (keep the first one, delete any duplicates).
- Start Apache:
systemctl start apache2
systemctl status apache2
- Verify GUI access: Navigate to
http://your-server-ip/admin
Prevention:
-
Avoid using FreePBX’s built-in firewall interface for IP blocking
-
Use
iptablesdirectly for IP range blocking instead: -
iptables -I INPUT -s xxx.xxx.0.0/16 -j DROP
Note: This issue appears to be specific to FreePBX 17 on Debian 12 and is likely related to the systemd-networkd vs networking.service conflicts in this environment. The problem occurs because FreePBX’s configuration regeneration process gets confused during network changes and creates duplicate port configurations instead of replacing them properly.
Credit: Issue resolved through community troubleshooting. This is a FreePBX 17 bug, not user error.