Dismiss Notice
We would like to remind you that we’re updating our login process for all 3CX forums whereby you will be able to login with the same credentials you use for the Partner or Customer Portal. Click here to read more.

Restricting inbound traffic

Discussion in '3CX Phone System - General' started by WireDan7, Dec 20, 2017.

Thread Status:
Not open for further replies.
  1. WireDan7

    Joined:
    Oct 12, 2017
    Messages:
    3
    Likes Received:
    0
    Hello all,

    I'm hoping I can set a firewall rule that will enable me to restrict inbound traffic from the 3cx pbx public ip addresses (for ports 9000-9500) to only allow the 3cx traffic to be forwarded to my internal network.

    Having read the set up instructions it looks like 3cx have said to open this up for any and all traffic?
    https://www.3cx.com/docs/manual/firewall-router-configuration/

    Does inbound traffic come from a single IP address or is there any other way to do only allow 3cx traffic?

    Thanks for any replies,
    Dan
     
  2. eddv123

    eddv123 Well-Known Member

    Joined:
    Aug 15, 2017
    Messages:
    1,418
    Likes Received:
    187
    Hi WireDan7,

    This is for a hosted deployment or on-premise ? please confirm.

    For security purposes I would probably just use an IP Authenticated SIP trunk and only restrict inbound traffic from the providers Public IP.
     
  3. WireDan7

    Joined:
    Oct 12, 2017
    Messages:
    3
    Likes Received:
    0
    Thanks for the reply. This is on premise - I've set up the 3CX system on a virtual machine.

    Ok, I will look further into an IP authenticated SIP trunk and try to learn a bit more about those.
     
  4. eddv123

    eddv123 Well-Known Member

    Joined:
    Aug 15, 2017
    Messages:
    1,418
    Likes Received:
    187
    You can do this also for registration based providers "if" you know the IP that the calls are being sent from.

    I personally use IP authenticated as they also offers benefits of restriction of outbound calls from PBX IP as well.
     
Thread Status:
Not open for further replies.