• V20: 3CX Re-engineered. Get V20 for increased security, better call management, a new admin console and Windows softphone. Learn More.

Remote Connection Log

Status
Not open for further replies.

Wayne Goldsmith

Joined
Jan 12, 2017
Messages
6
Reaction score
3
Howdy folks! 3cx sends me a notification every time a remote IP is black listed for too many unsuccessful authentications.

Where can I see a log that shows the successful remote authentications?

Thanks!
 
In the Management Console, in the "Phones" node, you can see all endpoints that are successfully authenticated (the ones in not-bold text). you an also see the IP they are authenticated from too.
 
Aha!, Ok, that's very good, thank you. Now what if I wanted to see who/what had made a successful connection over the weekend while no one is here? Is there that kind of a log available? I am just curious about this as we are getting hammered with outside IP's trying to connect to the 3cx box and it is blacklisting IP's all day. I just want to be able to verify that some outside IP didn't actually make a connection.
 
If possible - make all your clients use "the tunnel" (5090) and restrict who can connect to the server on Port 5060, via your Router. We have 1 remote location that is allowed by their Static Address - and just 3 phones. You may have SBC's deployed.
No more Blacklisted IP's in 3cx.
 
  • Like
Reactions: NickD_3CX
In general, what @craigreilly said is the best practice, To what you asked, there is not really a log of the devices that registered that is easy to read (there is always the activity log), but you could of course run a call report. If someone did manage to register, you can bet they started making calls.

You could also enable the "The registration status of an extension changes" email notification that will dispatch an email every time any extension registers/de-registers, but that may cause quite a few email coming your way that are false-positives.
 
Ah thank you both for you answers! So, to speak to Craig's suggestion to restrict access to port 5060, if I have no remote locations, can I restrict port 5060 to all? When I look in my firewall I see that the contractor has set up port 5060 as unrestricted on both TCP and UDP... and they have named the rule 3cx Phone System (SIP)... Not knowing what traffic is passed on what ports I just want to be careful about how i restrict this port!
 
I have opened 5060 to my providers IP's as well on the inbound.
I have a little traffic from Twilio and Flowroute on 5060-UDP - which are 2 of my providers, but nothing on VoIP.ms which is my 3rd in line provider.

On 5090, 9000-10999, 5061, 80, 443 (TCP) I have no source restrictions. All IP's are allowed.
 
Status
Not open for further replies.

Getting Started - Admin

Latest Posts

Forum statistics

Threads
141,405
Messages
747,492
Members
144,370
Latest member
Imperial Treasure
Get 3CX - Absolutely Free!

Link up your team and customers Phone System Live Chat Video Conferencing

Hosted or Self-managed. Up to 10 users free forever. No credit card. Try risk free.

3CX
A 3CX Account with that email already exists. You will be redirected to the Customer Portal to sign in or reset your password if you've forgotten it.