Firewall Rules
We strongly recommend you to enable and configure firewall on the PBX to prevent the attack fraud or calls loss.
Enable Firewall on the PBX
Go to Enable Firewall.
, check the optionIf firewall is enabled, the page will show "Firewall is running", and the firewall rules will work to protect your PBX.
Firewall Rules
Firewall rules are pre-configured rules to control and filter traffic that are sent
to the PBX. Yeastar S-Series VoIP PBX has default firewall rules to accept access
of your local network. You can also create new rules according to your needs.
- Default firewall rules
-
By default, the following types of IP address or domain are included in Yeastar S-Series VoIP PBX firewall rules:
- Local network
- 10.0.0.0/255.0.0.0
- 172.16.0.0/255.240.0.0
- 192.168.0.0/255.255.0.0
- 169.254.0.0/255.255.0.0
- Domain related with Yeastar
- appcenter.yeastar.com
- update.yeastar.com
- mgt.yeastar.com
- stund.yeastar.com
- cwmp.yeastar.com
- lcstunnel.yeastar.com
- image.yeastar.com
- IP address of phones that are auto provisioned
- Local network
- Create firewall rules
- Besides the default firewall rules, you can create other rules to filter specific source IP address or domain name, ports, MAC address.
Additional Firewall Settings
The PBX provides additional firewall settings to enhance the system security.
- Disable Ping: The PBX will disable Ping response (ICMP echo).
- Drop All: The PBX will drop all the packets and
connections from other hosts except the accepted/trusted IP address/domain that
is defined in the firewall rules.Note: We recommend that you create a backup on the PBX before you enable Drop All.