I’m playing around with the FreePBX firewall to learn more about it. I installed the FreePBX Distro on EC2 and followed the wiki on firewall configuration. Things work for a time, but I keep getting locked out of the instance and want to understand why.
Any ideas on what I’m missing / doing wrong? If you need more information, please just ask.
TIA.
General outline of what I’ve been doing:
Launch new EC2 instance from an AMI (copy of new instance already configured for SIP/PJSIP)
Register FreePBX instance
System Admin Module
Add my IP to the whitelist. Hit “restart”
Firewall GUI:
Run firewall wizard
Under “Interfaces”, change “eth0” to the “Internet” zone
Under “Networks”, add my IP to “Trusted” zone (xx.xx.xx.xx/32)
Confirm “Safe mode” is enabled
Firewall CLI:
Run “fwconsole firewall list trusted” to confirm my IP is trusted
Testing
Register two SIP clients: one from “trusted” IP and the other from mobile IP
Yes, I created a security group to grant myself access via the GUI and SSH via.
FWIW, I’m also running a 2nd instance, with an older version of FreePBX. It uses the same security groups and I’m able to connect to it via GUI and SSH just fine, no lockouts.