FreePBX Remote Extension Problems
-
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
With that Yealink I'm pretty sure you can limit communication over SIP to just the Asterisk server. I think it is the security section.
That's not where the security concern is, though. It's the other way, you want to limit it on the PBX. That people can use your handset for other things really doesn't matter.
Wouldn't that also prevent these calls from coming in or am I missing the point?
-
@coliver said in FreePBX Remote Extension Problems:
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
With that Yealink I'm pretty sure you can limit communication over SIP to just the Asterisk server. I think it is the security section.
That's not where the security concern is, though. It's the other way, you want to limit it on the PBX. That people can use your handset for other things really doesn't matter.
Wouldn't that also prevent these calls from coming in or am I missing the point?
Phones reach out to the PBX, not the other way around. It's a one way thing. Like a browser to a web server, exactly the same. The phones are never the servers.
-
@RamblingBiped said in FreePBX Remote Extension Problems:
The caller is not originating from our FreePBX instance, and is spamming the device directly.
Wouldn't that seem to indicate that blocking all traffic but the SIP traffic from the PBX would resolve the issue of unsolicited calls?
-
@coliver said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
The caller is not originating from our FreePBX instance, and is spamming the device directly.
Wouldn't that seem to indicate that blocking all traffic but the SIP traffic from the PBX would resolve the issue of unsolicited calls?
I guess I might have the wrong end of the stick... are the phones getting calls that are NOT from the PBX? Rather than the PBX having anonymous calls routed through it?
-
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
With that Yealink I'm pretty sure you can limit communication over SIP to just the Asterisk server. I think it is the security section.
That's not where the security concern is, though. It's the other way, you want to limit it on the PBX. That people can use your handset for other things really doesn't matter.
The problem is the calls are being made directly to the device, circumventing the PBX completely... I'm getting odd extensions like 10001 and 1001 ringing the phone constantly.
I found an option in the devices configuration for IP calling that was enabled. So far (fingers crossed) since disabling that the problem has stopped.
For anyone else experiencing the issue, the option is:
Yealink WEB UI > Features tab > General Information Page > "Allow IP Calling"
Set the above to Disabled and confirm changes.
-
@RamblingBiped said in FreePBX Remote Extension Problems:
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
With that Yealink I'm pretty sure you can limit communication over SIP to just the Asterisk server. I think it is the security section.
That's not where the security concern is, though. It's the other way, you want to limit it on the PBX. That people can use your handset for other things really doesn't matter.
The problem is the calls are being made directly to the device, circumventing the PBX completely... I'm getting odd extensions like 10001 and 1001 ringing the phone constantly.
I found an option in the devices configuration for IP calling that was enabled. So far (fingers crossed) since disabling that the problem has stopped.
For anyone else experiencing the issue, the option is:
Yealink WEB UI > Features tab > General Information Page > "Allow IP Calling"
Set the above to Disabled and confirm changes.
Sorry, I had misunderstood. Yes, disabling IP calling would likely solve the issue.
-
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
The caller is not originating from our FreePBX instance, and is spamming the device directly.
Wouldn't that seem to indicate that blocking all traffic but the SIP traffic from the PBX would resolve the issue of unsolicited calls?
I guess I might have the wrong end of the stick... are the phones getting calls that are NOT from the PBX? Rather than the PBX having anonymous calls routed through it?
Exactly. It seems that there are scripts running constantly looking for open sip ports on public IPs. When they find them they attempt to make calls directly to the IP hoping to uncover an avenue of exploitation.
-
@scottalanmiller said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
With that Yealink I'm pretty sure you can limit communication over SIP to just the Asterisk server. I think it is the security section.
That's not where the security concern is, though. It's the other way, you want to limit it on the PBX. That people can use your handset for other things really doesn't matter.
The problem is the calls are being made directly to the device, circumventing the PBX completely... I'm getting odd extensions like 10001 and 1001 ringing the phone constantly.
I found an option in the devices configuration for IP calling that was enabled. So far (fingers crossed) since disabling that the problem has stopped.
For anyone else experiencing the issue, the option is:
Yealink WEB UI > Features tab > General Information Page > "Allow IP Calling"
Set the above to Disabled and confirm changes.
Sorry, I had misunderstood. Yes, disabling IP calling would likely solve the issue.
Yep, seems to have fixed the issue. However, I do find it kind of odd that FreePBX GUI has an option for defining a specific port number for an extension that basically does nothing...
Either way, problem resolved! Thanks to @coliver for pointing me in the right direction. I had initially looked through the configuration and not found the BURIED option that I was needing.
-
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
The caller is not originating from our FreePBX instance, and is spamming the device directly.
Wouldn't that seem to indicate that blocking all traffic but the SIP traffic from the PBX would resolve the issue of unsolicited calls?
I guess I might have the wrong end of the stick... are the phones getting calls that are NOT from the PBX? Rather than the PBX having anonymous calls routed through it?
That's how I read it. But that brings up another issues, shouldn't the registration process prevent this from happening?
-
@coliver said in FreePBX Remote Extension Problems:
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
The caller is not originating from our FreePBX instance, and is spamming the device directly.
Wouldn't that seem to indicate that blocking all traffic but the SIP traffic from the PBX would resolve the issue of unsolicited calls?
I guess I might have the wrong end of the stick... are the phones getting calls that are NOT from the PBX? Rather than the PBX having anonymous calls routed through it?
That's how I read it. But that brings up another issues, shouldn't the registration process prevent this from happening?
No registration used when there is no PBX involved.
-
@mlnews said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
The caller is not originating from our FreePBX instance, and is spamming the device directly.
Wouldn't that seem to indicate that blocking all traffic but the SIP traffic from the PBX would resolve the issue of unsolicited calls?
I guess I might have the wrong end of the stick... are the phones getting calls that are NOT from the PBX? Rather than the PBX having anonymous calls routed through it?
That's how I read it. But that brings up another issues, shouldn't the registration process prevent this from happening?
No registration used when there is no PBX involved.
So the phone was just accepting all SIP requests. Glad you fixed it @RamblingBiped .
-
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
-
@coliver said in FreePBX Remote Extension Problems:
@mlnews said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
@scottalanmiller said in FreePBX Remote Extension Problems:
@coliver said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
The caller is not originating from our FreePBX instance, and is spamming the device directly.
Wouldn't that seem to indicate that blocking all traffic but the SIP traffic from the PBX would resolve the issue of unsolicited calls?
I guess I might have the wrong end of the stick... are the phones getting calls that are NOT from the PBX? Rather than the PBX having anonymous calls routed through it?
That's how I read it. But that brings up another issues, shouldn't the registration process prevent this from happening?
No registration used when there is no PBX involved.
So the phone was just accepting all SIP requests. Glad you fixed it @RamblingBiped .
Yeah, that's actually pretty standard. You can just throw a bunch of phones on a network and dial each other via IP. No one does it, but nearly all phones support it out of the box.
-
@RamblingBiped said in FreePBX Remote Extension Problems:
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
Well that sucks. Look for a setting called something like "Anonymous SIP".
-
@scottalanmiller said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
Well that sucks. Look for a setting called something like "Anonymous SIP".
How about "Allow SIP Trust Server Only"?
-
@RamblingBiped said in FreePBX Remote Extension Problems:
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
Is there a direct number associated with the phone that they could be calling directly instead of routing to it?
-
@wirestyle22 said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
Is there a direct number associated with the phone that they could be calling directly instead of routing to it?
No, I've actually got the DID/inbound route for dialing the phone directly tied to a Ring Group that rings a pair of phones; that is one of the reasons I know it is being dialed directly.
-
@wirestyle22 said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
Is there a direct number associated with the phone that they could be calling directly instead of routing to it?
Not only that but a DID would most likely be going through the PBX.
-
@RamblingBiped said in FreePBX Remote Extension Problems:
@scottalanmiller said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
Well that sucks. Look for a setting called something like "Anonymous SIP".
How about "Allow SIP Trust Server Only"?
That sounds good.
-
@wirestyle22 said in FreePBX Remote Extension Problems:
@RamblingBiped said in FreePBX Remote Extension Problems:
Aaaaaand I just received another call from some random extension.
Problem un-resolved.
Is there a direct number associated with the phone that they could be calling directly instead of routing to it?
A DID points to the PBX and is stripped out before going to the phones. DIDs don't pass through the PBX.
