Fail2Ban + Dynamic IP 4g + Softphone Groundwire

A

adrnandes

Member
Nov 19, 2024
32
0
6
39
Hi there,

In a scenario with FusionPBX 5.3, where there are users with Groundwire softphone, but they are being blocked by Fail2Ban when they are off the network, and using dynamic 4G IPs.

Maybe a proxy would solve the problem? If so, how could I do this?
Or adjust Fail2Ban so as not to block IPs where the username and password are correct?
Does anyone have any suggestions on how I could solve this?
I appreciate any help.
Thank you.
 
P

pbxguru

New Member
Nov 7, 2024
17
2
3
49
Before changing your solution, I would find out what is the trigger. There is no such thing as 4G IPs... What do you mean by going "off the network"? Have you checked the logs to make sure it's fail2ban blocking? Some mobile carriers are known to block SIP traffic. Also documentation says to register against FQDN and not server's IP.
 
K

koolandrew

Member
Aug 5, 2022
43
0
6
44
Go to acrobits website, find the ips they use for push messages and whitelist them. I don't know what they are offhand but I would bet that is the issue
 
A

adrnandes

Member
Nov 19, 2024
32
0
6
39
adrnandes said:
Hi there,

In a scenario with FusionPBX 5.3, where there are users with Groundwire softphone, but they are being blocked by Fail2Ban when they are off the network, and using dynamic 4G IPs.

Maybe a proxy would solve the problem? If so, how could I do this?
Or adjust Fail2Ban so as not to block IPs where the username and password are correct?
Does anyone have any suggestions on how I could solve this?
I appreciate any help.
Thank you.
Click to expand...
Hi, thanks for your reply, I had checked the logs, but I was having trouble finding the reason. But I added the Acrobis IPs to the Acl Control and also to the Fail2Ban ignore, and it seems that this resolved the problem. I will do more tests. Now when I am outside my local network, through a data carrier, my Groundwire is registering.
Thank you
 
A

adrnandes

Member
Nov 19, 2024
32
0
6
39
koolandrew said:
Go to acrobits website, find the ips they use for push messages and whitelist them. I don't know what they are offhand but I would bet that is the issue
Click to expand...
Hi,
Thank you very much for your help, it seems that the problem was solved after adding the Groundwire IPs to my Acl Control and also to the Fail2Ban ignoreip, I will do more tests.
Now I am trying to change the number dialed by the user, to an e164 format, the way my Twilio gateway expects to receive it.
Any help would be welcome.
Thank you.
 
D

dcitelecom

Member
Oct 20, 2021
153
3
18
61
I use Groundwire without issues, and you should not be whitelisting their IPs. Your problem is probably that you set Max Registrations to 1 in your extension settings, but Groundwire needs at least 2 registrations. It will sometimes register multiple times to your PBX, which will get your IP banned if this value is too low. Check your other post for the fusionpbx Regex number manipulation to Twilio format which you can probably also accomplish with Groundwire number rewriting.
 
A

adrnandes

Member
Nov 19, 2024
32
0
6
39
Hi dcitelecom,
Thanks for your suggestion. I checked the "Max Registrations" fields of my extensions, and they are blank, does that mean there are no limits?
I will do some tests, removing the Groundwire IPs from Whitelist Acl Control, and also from "ignoreip" from Fail2Ban, and see if it works.
Thank you!
 
You must log in or register to reply here.
Top Bottom