Manualshelf

User's Manual

ManualsBrandsPLANET Technology ManualsIP PBXInternet Telephony PBX System
111112113114115116117118119120
Table Of Contents
- 106 -
IP should be the local network address instead of a single IP address.
Netmask should be the subnet mask of the network address.
The Port range determines which kind of services to be granted. In this case you may leave it blank to
grant local network all access to the IPPBX system.
Mac Address determines the action to be taken according to the Mac address of a device instead of its
IP address, it only works with devices within the same local network because Mac addresses are not
routable. In this case you are going to grant access of all the local network hosts/devices, so you may
leave it blank.
By now, Geo IP security policy should work. The private IP addresses from your local network and the public
IP addresses from the countries/regions youve selected should be able to access your IPPBX system. Other IP
addresses will all be blocked.
Common Rules can be used to configure the firewall to grant or deny an IP address or a network from
communicating with the IPPBX system. Even the service port number can be specified so it can grant or deny a
specific IP or network to access a specific service. The priority from high to low of the firewall rules is from the top
of the list to the bottom.
If you are going to grant access of some kind of services to specific IP address or network, add the grant rule/rules
first then add the deny rules. If the order of the rules is not correct you may use the arrows in the Priority column
to adjust the order of the rules.
In the above given example, the 2 rules AcceptAMI and BlockAMI limited that only the IP addresses from
network 192.168.17.0 can have AMI access. Except IP from this network others will all be denied to access. In this
case, if the AcceptAMI rule is moved beneath the BlockAMI rule, then the AMI port will be totally lockdown,
no one can access it.
If you are going to add rules to block some IP addresses from accessing some kind of services on the
IPPBX system, be sure you add the correct IP/network address (if not defined, the firewall will consider
as ALL), and the correct service port number (if not defined, the firewall will consider as ALL), otherwise
misconfiguration of a deny rule might cause the IPPBX system total lockdown, only way would be using
Console (IPX-330 and IPX-2100) or HDMI (IPX-2200 and IPX-2500) to unlock the IPPBX from command
lines.
Auto Defense will help with the prevention of DDOS attacks.