I have remote phones that are continually blocked by the firewall whenever there is a power outage. When I delete the auto defense they reconnect. All phones are provisioned with mac address but continue to get blocked. I would think that if the mac address is entered to allow them through they would always be allowed to connect no matter what inbound ip address they come from. Any suggestions to stop this from happening?
6 comments
-
Eric Jiang Hi Gary,
I think the best way is to whitelist the public IP of the phones in the PBX firewall.
-
John Dow Have you check Register Remotely in Extention -> Advanced?
-
Gary Thank you for the comments, I feel like you should be able to take the phone anywhere with internet and it should work without having to whitelist the ip address. As far as register remotely in advanced yes these are turned on. Like I said they register just fine after I clear the auto defense in the firewall until a power outage and they try to re-register then they get blocked again.
-
Eric Jiang If there are many phones that share one public IP address when power recover the PBX will receive a lot of requests from one public IP and regard that as an attack, you can whitelist the public IP in this case.
If you take one or just some phones to other places the amount of the request will not trigger the auto defense rules I believe.
-
Gary That makes sense, I will have to look into a dynamic ip. Thank You
-
John Dow Almost all Yealink or Grandstream phones have a built-in VPN client, I would implement such a scheme. You can also use Linkus. If you don't use the cloud, it's free.