Musarano Posted July 15, 2019 Report Posted July 15, 2019 Hi. This is also what i have in windows firewall, if you can give us an advice on this too, we will appreciated it !! We are also using RDPGuard windows app software, to try to block some more attacks too. Hope this helps. -M Quote
Musarano Posted July 15, 2019 Report Posted July 15, 2019 Hi The two of the list are for the VodiaPBX Firewall i have as settings. Quote
Vodia PBX Posted July 16, 2019 Report Posted July 16, 2019 I would just whitelist the pbxctrl.exe with the Windows firewall. Then you don't have to list each separate port. While you are on it, I would delete the FTP port (unless you want to use Polycom phones in the LAN) and possible also delete the TFTP port unless you want to use option 66 in the LAN. Quote
Musarano Posted July 18, 2019 Report Posted July 18, 2019 Thank You Sup! One more question: By having a domain name instead of the localhost, will i be avoiding this kind of attacks from passing forward vodia and at the same time WEBRTC keep working still? Thank You Quote
Musarano Posted July 18, 2019 Report Posted July 18, 2019 I also mean, im having this kind of attacks and many other combination of it now : <sip:a'or'3=3--@localhost> <sip:00148223071956@localhost> But i have an IVR not allowing to go directly to a far end extension to make someone getting crazy there. Extensions are behind another remote PBX, im using Pattern and CallerId Pattern together to make the webrtc call be responded unless it comes directly from the webpage. (i presumed), so i wont exhaust the remote PBX available lines limitation. Will this functionality would keep going if i use a domain name other than localhost one? Thank You Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 Hi, Nevermind the prev. question. im already testing the modality. One question i have is, that after i created a new Domain+Account+Extension, This is how it looks at the rightmost side under VMail+Status after Default2 1 (Warning Logo) HTTP I been looking all over the configs but not luck yet. Any ideas? Thank You Quote
Support Posted July 22, 2019 Report Posted July 22, 2019 That means they override a default value. You might have set another password atop of the default one. Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 Thank You. I havent been able to locate that default value, that i have no idea where can that be I did the same to other accounts under extensions, and that hasnt show to the rest of them. Only this one in particular.. All using the same dialPlan and same Trunk. Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 if i can be provided with a hint, for what to look or where to look? Will be greatly appreciated. Scenario: I did created a new Domain, with same information as the localhost content had. Once i done with each domain, i deleted the previous one. I created a defaultxxx new dialplan, and applied to the new Trunk and its account extensions All other Account/extensions were identical created and modified, but only that one in part is giving me the HTTP Warning. Should i delete the whole account or renamed? Thank You Dalton Quote
Support Posted July 22, 2019 Report Posted July 22, 2019 Your license does say "webRTC support" on it on this page /reg_status.htm right? Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 Correct. i have the hosted version. Additional license information: Domains: 3/1000, Calls: 0/1000, Alerts: 0/0, Adhoc Recording, CSTA, Lync Connectivity, UHLL support, CRM support, WebRTC support, Barge, Listen, Whisper, Trunk Accounting, Prepaid, Automatic Recording, Fax2Email Quote
Support Posted July 22, 2019 Report Posted July 22, 2019 In that case, can you send us the http login for your PBX. We will test it here. Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 Oh Sorry, i didnt open a new case/post/thread The section that is doing this weird thing is not in Trunks, but in Extensions. Thats where the warning is poping up. WEBRTC is working like a Charm. But i never seen this warning before.. I could try to delete it and recreate later tonite.. and get back to you. unless you think something else is causing this behavior. There is no signs yet, of secondary effects because of this... But i will love to get rid of any Flag causes like this one. -M Quote
Support Posted July 22, 2019 Report Posted July 22, 2019 What do you mean the extensions are causing issues? Can you please elaborate or attach screenshots if you can? Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 Im reffering to the status of the stations bellow, where all of them were created the same way, and all of them are using the same Trunk and Dial Plan. No really an idea what could be causing the "Default2 % ^ HTTP" situation of flag. Can you address me where to look for it? Or where to look, to find out what could be showing this up? Thank You! -M Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 Hi, and in another kind of matter under same theme. This line here bellow, should i answer "Yes" to agree with the question? or leave it in NO(Default), to make it like no, do not accept it... I ask, because, for me is a little confuse Don't accept SIP routing changes in dialog YesNo Thank You Quote
Musarano Posted July 22, 2019 Report Posted July 22, 2019 Humm Noticing something here. By creating another domain name other than localhost, make the WEBRTC functionality stop from working when hitting Make a Call button? Because, i did this and what used to work stopped from working..(localhost) and now, neither the newest created domain+webrtc or localhost works. I had a SSL that pointed to that server where Vodia is running, and there was the localhost domain created. Do i need to do something else, or need a different kind of SSL Certificate? Thank You Quote
Musarano Posted July 23, 2019 Report Posted July 23, 2019 Sorry, and nevermind. For the Previous last post : (Moderator, you can delete this two last posts) prev & this one. The XIAOMI MI MAX 3, where testing this time, was set to default MI Browser.. Nothing related to VodiaPBX! Thank You! Quote
Musarano Posted July 23, 2019 Report Posted July 23, 2019 15 hours ago, Musarano said: Hi, and in another kind of matter under same theme. This line here bellow, should i answer "Yes" to agree with the question? or leave it in NO(Default), to make it like no, do not accept it... I ask, because, for me is a little confuse Don't accept SIP routing changes in dialog Yes No Thank You Morning.. any comments on what would be the implications on this? I found not much info for this particular item. Thank You Quote
Musarano Posted July 24, 2019 Report Posted July 24, 2019 On 7/22/2019 at 5:26 PM, Musarano said: Im reffering to the status of the stations bellow, where all of them were created the same way, and all of them are using the same Trunk and Dial Plan. No really an idea what could be causing the "Default2 % ^ HTTP" situation of flag. Can you address me where to look for it? Or where to look, to find out what could be showing this up? Thank You! -M This has been fixed by, disabling the account and after that, deleted, then re-created the same account. The warning never showed back again. Thank You -M Quote
Vodia PBX Posted July 24, 2019 Report Posted July 24, 2019 The warning sign tells you that the HTTP password is not secure. Just set a good password... Quote
Musarano Posted July 24, 2019 Report Posted July 24, 2019 Thank You.. for the information G-M. Will keep this information for future use.. One question? Is it a post/thread where the fail-over discussion is taking place, so i can join it to set this feature and another VodiaPBX instance for redundancy? Thank You -M Quote
Vodia PBX Posted July 24, 2019 Report Posted July 24, 2019 12 minutes ago, Musarano said: Is it a post/thread where the fail-over discussion is taking place, so i can join it to set this feature and another VodiaPBX instance for redundancy? Just open a new one - does not cost anything Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.