i have sucessfully configured dynamic based firewall, can access dialer with the hidden 81/asdasdad.php link only. but how can i secure SIP? it registered even without adding IP.. is it possible sip registers for only those who add their ip using dynamic :81/ link.
@@striker24x7 how to do it, please guide. It will be a huge favor currently the sip port is 7777 Waiting for your answer, kindly provide me the command to enter.
i have tried changing the port back to 5060, restarted server again, then again, with a new ip, web is not accessible , but sip is registering on a new ip without whitelisting it with default port 5060. please guide,.
Can you create video on port 5060. Some ISP block 5060 Port , then sip phone not registering but I seem some Dialer provider their DIALER working perfectly . How it can be possible can you guide me ? How to Bypass 5060
This depends on 2 different scenarios, 1st if only 5060 is blocked you can change it from services=> SIP , or if protocol is blocked, you need masking between server and clients
shit, I blocked myself from the admin page. My IP is not in the whitelist and I am not able anymore to visit the admin page. Do you know how to disable the whitelist in the vncviewer. Would be such a big help. The dynaportal opens and I can type in User and password. But problem is, although I typed in 6666 and the password, I get validated and then redirected to the phone log in. But in your video after typing in 6666 and your password you won´t get directed anywhere and you can visit the admin page without problem. So please help me btw I have vicibox 10.0.1
have followed this link for vicibox 10 www.striker24x7.com/2022/03/vicibox10-dynamic-portal-configuration-dynamic-ip-list.html in console type ipset --list -- check your IP is listed in respective IP set name
@@striker24x7 Thanks for your respond. After typing ipset list I could see that my IP is listet in dynamiclist but I still can´t visit the admin page. "Your IP Adress is not allowed: XX.XXX.X.XX: 6666 IPBLOCK. I will try your tutorial from the linke above now
@@striker24x7 I followed your tutorial you have linked above but still I dont get access to the admin page. I am 100% sure I did not enable the ipblacklist. I need a method to disable the whitelist via console or a method to put my ip adress manually into the whitelist via mysql
sed -i.orig 's/badips/blackips/g' /usr/local/bin/VB-firewall.pl sed -i 's/badnets/blacknets/g' /usr/local/bin/VB-firewall.pl sed -i 's/viciblack/ViciBlack/g' /usr/local/bin/VB-firewall.pl
Thank you, been needed this.
Thanks Alot, Thats why i always admire you. keep it up!!!
this was much needed..... thanks
EXACTLY WHAT I NEED!
excelent sir...
very helpfull video
excelente!!
me puedes ayudar a poner seguridad a mi servidor pnx vicidial 10
One more question if we have cluster with webphone (1DB, 1Web, 2 Asterisk server) then we have to do this on only webserver?
Yes only webserver you have do configuration like campaign users phones
Shall the same steps be used for vicibox 7? Will the patch commands work for vicibox 7 as well?
i think it wont work.
Hi, I have enabled Allow IP List but after I went to Admin>IP List, there's no ViciWhite and ViciBlack there
If not there create it with same name
i have sucessfully configured dynamic based firewall, can access dialer with the hidden 81/asdasdad.php link only.
but how can i secure SIP? it registered even without adding IP.. is it possible sip registers for only those who add their ip using dynamic :81/ link.
i have changed my sip port
@@subkiisp7744 the rules are only for port 5060 , if you have changed the sip port then u need to update in iptables rules.
@@striker24x7 how to do it, please guide.
It will be a huge favor
currently the sip port is 7777
Waiting for your answer,
kindly provide me the command to enter.
Something like which allow sip only authorized ips by dynamic portal.
i have tried changing the port back to 5060, restarted server again, then again, with a new ip, web is not accessible , but sip is registering on a new ip without whitelisting it with default port 5060. please guide,.
Not seeing IP List option on my vicibox 9 install
Make sure ip list enabled insystem settings or server
Reload once the screen
is the patch for firewall will work with vicibox 8? i cannot see public on firewall
Sorry i not used vicibox 8
Can you create video on port 5060. Some ISP block 5060 Port , then sip phone not registering but I seem some Dialer provider their DIALER working perfectly . How it can be possible can you guide me ? How to Bypass 5060
This depends on 2 different scenarios, 1st if only 5060 is blocked you can change it from services=> SIP , or if protocol is blocked, you need masking between server and clients
shit, I blocked myself from the admin page. My IP is not in the whitelist and I am not able anymore to visit the admin page. Do you know how to disable the whitelist in the vncviewer. Would be such a big help.
The dynaportal opens and I can type in User and password. But problem is, although I typed in 6666 and the password, I get validated and then redirected to the phone log in. But in your video after typing in 6666 and your password you won´t get directed anywhere and you can visit the admin page without problem. So please help me
btw I have vicibox 10.0.1
In console type ipset list
have followed this link for vicibox 10
www.striker24x7.com/2022/03/vicibox10-dynamic-portal-configuration-dynamic-ip-list.html
in console type
ipset --list -- check your IP is listed in respective IP set name
@@striker24x7 Thanks for your respond. After typing ipset list I could see that my IP is listet in dynamiclist but I still can´t visit the admin page. "Your IP Adress is not allowed: XX.XXX.X.XX: 6666 IPBLOCK.
I will try your tutorial from the linke above now
Seems u enabled ip blacklist
Remove ur ip from viciblack or disable ipblaclist from system sertimgs or server settimgs
@@striker24x7 I followed your tutorial you have linked above but still I dont get access to the admin page. I am 100% sure I did not enable the ipblacklist. I need a method to disable the whitelist via console or a method to put my ip adress manually into the whitelist via mysql
sed -i.orig 's/badips/blackips/g' /usr/local/bin/VB-firewall.pl
sed -i 's/badnets/blacknets/g' /usr/local/bin/VB-firewall.pl
sed -i 's/viciblack/ViciBlack/g' /usr/local/bin/VB-firewall.pl
thanks venkat, corrected now, msword copy paste issue.