Trouble configuring system firewall

I recently implemented the FreePBX system firewall. It has a few bugs I can’t seem to get worked out.

  1. I need people to access the UCP from the internet. I have selected “Internet”, “local”, and “other” under UCP in services but it is not accessible via the internet. I am using the address [WAN IP:Port/UCP] to access UCP

  2. I am also seeing the error on my system status “A new, unconfigured, network interface has been detected. Please assign interface ‘eth0’ to a zone.”

I have adding eth0 to “Internet” in the settings. Am I ok to ignore this warning?

Do you have the SysAdmin Pro module? If so, I’d recommend using the DDNS services that are built in. Also, make sure that particular IP is set to ‘Internet’ zone under the Networks tab.

Thanks for the rely. I do have DDNS on and even using the DDNS address I still can’t login to UCP with the firewall on. If I disable the firewall I can login using the DDNS address.

I don’t follow on adding the IP to the internet zone. I tried adding “eth0” to the internet zone and tried the PBX’s local IP but that did not correct it. You may have to dumb it down a little for me.

You are browsing to the admin interface not the ucp interface. Check system admin for your ucp port and browse to it. You may want to set the ucp port to 80 instead of admin.

1 Like

Thanks lgaetz. That was the problem. It always worked before with the admin port, so I assumed that’s what I needed to use.

The firewall blocks untrusted access to the admin port by default which is how you want it.

Issue #2 is known issue. Fixed in latest EDGE release of Firewall 13.0.45. It will be available in GA after testing is verified by the devs, or you can enable EDGE in your advanced settings and download it early.

You can also easily upgrade individual modules from edge using fwconsole like:

fwconsole ma --edge upgrade firewall

By default, the UCP port is 81. Check any firewalls to make sure traffic is allowed to that port.