Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

AWS Lightsail Advanced Firewall Settings

Discussion in '3CX Phone System - General' started by Andyshawn, Jan 12, 2019.

  1. Andyshawn

    Joined:
    May 1, 2018
    Messages:
    38
    Likes Received:
    6
    I've been playing with 3CX on AWS Lightsail, but the firewall settings that I have access to is limited. I would like to be able to allow access not only by ports, but also by source IP.

    Does anyone know if this is possible?

    I like the fixed pricing model, but it seems a bit too restricted and I'm a bit of an advanced user, so I was just wondering if anyone else have this same issue?
     
  2. cobaltit

    cobaltit Well-Known Member

    Joined:
    Mar 22, 2012
    Messages:
    1,773
    Likes Received:
    278
    If you are an advanced user then go do AWS which is what was designed for advanced users. Lightsail is named that for a reason. You don't mention what you want to restrict access to (console, SIP, etc) but if you really must push the envelope you can do advanced things like iptables and edit the nginx config.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. Andyshawn

    Joined:
    May 1, 2018
    Messages:
    38
    Likes Received:
    6
    I have several 3CX instances running on AWS, but Lightsail offers additional saving as they have a couple instance type that you can choose from which looks pretty attractive for a couple small client deployment.

    https://www.3cx.com/blog/news/host-pbx-phone-system-amazon-lightsail/

    When i create regular AWS instances, you have security group and this allows you to allow access to certain IP address on specific ports, 5060 for example. However, in AWS Lightsail you either Allow ALL or Block ALL, so i was just wondering if anyone found a workaround solution to this?
     
  4. cobaltit

    cobaltit Well-Known Member

    Joined:
    Mar 22, 2012
    Messages:
    1,773
    Likes Received:
    278
    The work around is a full AWS instance. It's pretty clearly covered in the product descriptions.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Lee Cramman

    Lee Cramman New Member

    Joined:
    Jul 9, 2018
    Messages:
    184
    Likes Received:
    21
    I suppose you could mess around with iptables if you want to get your hands dirty...

    Or go for Google... Yes, it's more expensive but the first year is effectively free.

    edit: I've just checked out the difference in cost between Lightsail and AWS. It doesn't look to me like Lightsail is much of a saving... so, as suggested, just go for an AWS instance.
     
    #5 Lee Cramman, Jan 14, 2019
    Last edited: Jan 14, 2019