All the PBX service statuses and ports are displayed on the security Service page.

Go to Settings > System > Security > Service to configure the service settings.

Option Description
Auto Logout Time (min) After the set time of inactivity, the session will automatically log out. The default time is 15 minutes.
Web Login Mode Users can log in the web interface with extension number, email address or both.
  • Extension: Use an extension number as the username to log in.
  • Email: Use an email address as the username to log in. The email address is associated with extension number.
  • Users are not allowed to log in web interface if neither Extension nor Email is checked.
  • The super administrator can always log in the web interface by the username "admin".
System Security Level Select a system security level to change the TLS and SSL protocol version. The default value is High Level.
  • High Level: The system only supports TLS 1.2 protocol.

    TLS 1.0, TLS 1.1, TLS 1.3, SSL 2.0, and SSL 3.0 protocols are not supported.

  • Low Level: The system supports TLS 1.0, TLS 1.1, TLS 1.2, and SSL 3.0 protocols.

    SSL 2.0 and TLS 1.3 protocols are not supported.

Allow Weak Password By default, strong password is required for Extension Registration Password and Extension User Password.

If weak password is enabled, the PBX will allow a weaker password to be configured.

Note: Reconsider it before you enable Weak Password. A weak password will make your PBX system easily be attacked by brute force methods.
Protocol Select the web protocol. The default web protocol is HTTPS.
Port Select the web port. The default port is 8088.
Note: The port 8090 is reserved port which can't be assigned.
Redirect from port 80 If the option is enabled, when you access the PBX using HTTP with port 80, it will be redirected to HTTPS with port 8088.
Certificate Select a certificate for HTTPS. The default is None.
Web Access Control Set which IP address is allowed to access the PBX.
  • Local Network Only: Only the devices in the following network segments can access the PBX.
  • Permitted IP/Subnet Mask: Only the specified IP address or network segment can access the PBX.
  • No Limitations: All the IP addresses are allowed to access the PBX.
Enable SSH SSH port is used to access the PBX underlying configurations to debug the system. The default SSH port is 8022.
Note: Disable SSH port if you don't need to debug the system.
Enable FTP With FTP service, you can connect to PBX via web browser. The default FTP port is 21.
Enable TFTP Whether to enable TFTP or not.
IAX Port The IAX port. The default IAX port is 4569.
SIP UDP Port SIP registration port. The default SIP UDP port is 5060.
Enable SIP TCP Whether to enable SIP TCP or not. The default port is 5060.
Enable SIP TLS Whether to enable SIP TLS or not. The default port is 5061.
DHCP Server
Enable DHCP Server

If the option is enabled, PBX will act as a DHCP server. This feature is used when you do phone provisioning through DHCP mode.

Gateway Enter the gateway IP address.
Subnet Mask Enter the subnet mask. The format is XXX.XXX.XXX.XXX.
Preferred DNS Server Enter the preferred DNS server. The format is XXX.XXX.XXX.XXX.
Alternate DNS Server Enter the alternate DNS server. The format is XXX.XXX.XXX.XXX.
DHCP Address Range Set the IP address that the DHCP server can assign to network devices. Start IP address is on the left and end IP on the right.
TFTP Server This option is for Phone Provisioning feature. IP phones can get configuration file from this address.
  • For Grandstream, Panasonic and Avantec phones, enter the PBX’s IP address. The format is XXX.XXX.XXX.XXX. For example, enter
  • For other IP phones, remember to specify the protocol. The format is tftp://XXX.XXX.XXX.XXX. For example, enter tftp://
NTP Server The PBX can be a NTP server. By default, it is the PBX’s IP address.

The Asterisk Manager Interface (AMI) is a system monitoring and management interface provided by Asterisk. The 3rd party software can work with the PBX by AMI interface. The default port for AMI interface is 5038.

Enable AMI Whether to enable AMI interface or not.
Username Specify a name for the AMI user.
Password Specify a password for the user to connect to AMI.
Permitted IP/Subnet Mask Configure permitted IP address and subnet mask that would be allowed to authenticate as the AMI user. If you do not set this option, all IP addresses will be denied.