Firewall
Description and configuration of Firewall rules in MikoPBX
Last updated
Description and configuration of Firewall rules in MikoPBX
Last updated
The Firewall in MikoPBX is an interface for configuring the system's firewall. Here, administrators can create and manage network traffic filtering rules, controlling access to MikoPBX and protecting it from unauthorized access and network threats. Configuring the firewall ensures the security of the telephone system, preventing potential attacks and ensuring stable operation in the organization's network infrastructure.
In MikoPBX, all local subnets can be described in the "Network and Firewall" → "Firewall" section. The firewall is designed to restrict access to the station by traffic type and subnets.
To add a new rule, you need to click on the button:
You can give the rule any custom name. To the right of the subnet address, there is a field for Subnet Mask in CIDR format.
SIP&RTP - registration of phones and voice traffic. Session Initiation Protocol is used for establishing connections between VoIP phones.
WEB - access to the administrative interface for configuring the PBX. SSH - root access to the system.
SSH (Secure Shell) allows accessing the MikoPBX console.
AMI - access to Asterisk Manager API via telnet. Asterisk Manager Interface (AMI) provides access to Asterisk via TCP/IP protocol.
AJAM - access to Asterisk Manager API via HTTP or HTTPS.
ICMP - communication check using the 'ping' command.
CTICLIENT - connection of the telephony panel 2 for 1C.
Each subnet has a flag 'Is it a VPN or a local network'. When this flag is set, MikoPBX will present itself as a local IP to all local subnets instead of external ones.
The flag 'Never block addresses from this network' should be enabled only for trusted subnets. If this flag is enabled, intrusion prevention rules will not apply to this subnet
