Jump to content

Securing the PBX


Recommended Posts



Following on from getting a number of external blocked IPs that I can't explain I'm looking to lock down our PBX as much as ppossible. I have outbound proxy addresses in place for all trunks, limited inbound access on the trunks to our ITSPs address, and am locking accounts to fixed IPs for the phones.


What I can't work out is how to block access to the PBX so that anything outside our local subnet and the trunks has no access. I've set the access to allow for 192.168.x.0/24 to allow, but unsure what to do to block all others. I'm assuming something like but not 100% sure and didn't want to lock myself out of the PBX!




Link to comment
Share on other sites

The way the PBX processes the list is by the netmask. It searches the more special entries first. So if you specify /0 netmark, this entry is processed last. So if you want to blacklist everything as a general rule, thats file. Just make sure that the subnet where you are coming from is already there when you add the general rule. If you screw it up, you can still go to the file system, remove the last added rule and restart the system.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Create New...