
3CX v12 Security - Blacklist/Whitelist

Status
Not open for further replies.

west3

Joined
May 14, 2012
Hi,

Is there a way to whitelist my 2 x VOIP Provider IP addresses and blacklist everything else?
I have no external extensions (just LAN based)
I have seen the 3CX doco on blacklist/whitelist.

Also - Is order of rules important?
 
It sounds like a job for a router/firewall. If you did come up with something that blocked all, and other than 255 blacklists starting with 1.0.0.0 up to 255.0.0.0 with the appropriate subnet masks, I'm not sure how that would be accomplished. You would then have to become more specific when it came to the IP that your provider uses.

If you did a blanket blacklist, I'm not certain that a whitelist will make it through, or if the order makes a difference, as it does in the outbound rules. But you can certainly try and report back.

3CX does a pretty good job of blacklisting anyone that tries to get away with anything falling outside the parameters that you have set. I've found that there have been about 20 IPs that I've had to change from a 250,000 second blacklist to permanent. You can have an email sent when an IP is blacklisted so you don't have to keep going in and checking.

There is vigilant, and then there is paranoid. Just be sure that all passwords are extremely difficult to "guess".
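
The "blacklist everything except the provider" idea from the reply above, worked through as an added example (not part of the original thread, and not 3CX code): it computes the CIDR ranges that cover all of IPv4 except a list of allowed addresses. The two provider addresses are constructed placeholders from the documentation ranges, and the function names are hypothetical; whether 3CX accepts such entries or lets a whitelist override them is not established here.

```python
import ipaddress

# Constructed placeholders (RFC 5737 documentation ranges), not real provider IPs.
PROVIDER_IPS = ["203.0.113.10", "198.51.100.20"]


def complement_blocks(allowed, universe="0.0.0.0/0"):
    """Return the CIDR blocks that cover `universe` minus every entry in `allowed`."""
    remaining = [ipaddress.ip_network(universe)]
    for entry in allowed:
        keep = ipaddress.ip_network(entry, strict=False)
        carved = []
        for block in remaining:
            if keep.supernet_of(block):
                continue  # block lies wholly inside the allowed range
            if block.supernet_of(keep):
                # Split the block around the allowed range and keep the rest.
                carved.extend(block.address_exclude(keep))
            else:
                carved.append(block)  # no overlap, unchanged
        remaining = carved
    return sorted(ipaddress.collapse_addresses(remaining))


def is_blocked(ip, blocks):
    """True if `ip` falls inside any of the computed blacklist blocks."""
    addr = ipaddress.ip_address(ip)
    return any(addr in block for block in blocks)


if __name__ == "__main__":
    blocks = complement_blocks(PROVIDER_IPS)
    for block in blocks:
        # Address plus subnet mask, the form the reply above refers to.
        print(block.network_address, block.netmask)
    print(len(blocks), "ranges cover everything except", PROVIDER_IPS)
```

For these two hosts the result is 58 ranges. The LAN subnet has to go in the allowed list as well (CIDR entries are accepted), otherwise the internal extensions mentioned in the question fall inside the blocked ranges.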
 
Thanks Leejor,

My router for some reason doesn't have the feature set to restrict incoming...
I'm experiencing some call quality issues already on this new system and fear it is all the extra traffic generated by failed attempts to hack in. If I can block it, then they will eventually give up (hopefully).
My real question was - If I add whitelist entries - By definition (AFAIK) that makes everything else "blacklisted". Not sure if that is 3CX's implementation though.
 
If hackers are getting as far as the PBX then you should have logs showing the attempts. If someone is just "hitting" your router, not a VoIP call (port 5060) attempt, then your router would have to be set-up to take care of that.

From my experience, if I whitelist an IP or range, then even if there are failed registration attempts, it will not be added to the blacklist. I whitelisted my internal network a while back as some ATAs were being blacklisted for failed authentication, which should not have been happening.
 