Unable to prevent ip from getting banned

firewall
Tags: #<Tag:0x00007f702690bf08>

(Volkswagner) #1

Even after adding the remote endpoint public ip to the “Trusted Networks” in the responsive firewall, it still gets banned. I suspect there is some sort of internet issue at the remote location, perhaps sending incomplete packets with the pjsip password,

Is there any definitive way to actually whitelist an IP so it NEVER gets banned?

I’m using hostname in the Firewall > Networks > “trusted zone”.
The IP gets blocked by Fail2Ban.

Is there a way to whitelist it in Fail2Ban? I’ve had Spectrum Internet out at the remote site several times and they claim there are no problems. What can I do to permanently whitelist this IP? Do I need to add a custom Firewall rule?

I’m running Distro = FreePBX 14.0.13.40


#2

Admin -> System Admin -> Intrusion Detection -> Whitelist. After making changes, click Restart.


(Volkswagner) #3

Thank you @Stewart1

I should’ve known that!

Cheers!


(Volkswagner) #4

Has the whitelist been moved?
When running FreePBX 14.0.16.4
I go to
Admin > System Admin > Intrusion Detection (I’m then redirected to “Connectivity > Firewall”).

I no longer see the whitelist option.


(David Johnson) #5

I believe its because the new firewall incorporated the whitelist and ban list into the connected intrusion detection system. You have to enable the new “whitelist” sync option to automatically add extensions that authenticate to the whitelist but I still occasionally get whitelisted IP’s banned. I opened a bug ticket in freepbx. Re: Whitelisted IP get added to Blocked list .

connectivity->firewall, intrusion tab. To enable click the sub menu on the right and then click advanced. then advanced settings. Near the bottom enable " Intrusion Detection Sync Firewall". Now you can not only auto add IP’s that authenticate properly to the whitelist, if an IP ends up o nthe ban list you can individually unban them instead of unbanning all IP’s.