IP going automaticlly to an sip-auth-ip chain

Status
Not open for further replies.

Roiboi

New Member
Mar 29, 2023
4
0
1
26
Hey All,
When i try to connect phones they are going automatically to the sip-auth-ip chain.
i dont know what causing this but my configuration is :
External ip as domain
Pfsense after the server.
 

whut

Member
Dec 23, 2022
228
22
18
ip address as a domain is a big security risk and overall is not allowed. Create a domain name and try again. newcustomer.roiboi.com where roiboi.com is the URL of the server with active ssl certificates installed, and newcustomer is the domain name of the customer (or your test domain).

You could create a Customers ACL with default of deny and add the cidr notation ip address of the customer to this ACL. Make sure to reload ACLs on sip status page after making any acl changes. But do not use IP address based url and domains. Always use a fully qualified domain name.

You will also want to delete the customer's ip addresses (or your ip addresses in test case) from the event guard page. Also check ip tables and remove any incorrect entries that have been blocked there if removing from event guard application did not remove the ip tables entries. You could expect to still have ip tables entries if fail2ban is adding the entries to ip tables.

I would also check the fail2ban jail configuration for the findtime, bantime, maxretries in the sip-auth-ip chain jail. This jail will be disabled in a newer installation in favour of event guard controlling the banning for that jail.
 
Status
Not open for further replies.