IP Block- and Allowlist
Proceed as follows:
•Using the Configuration Manager ((Seite Administration > IP block- and allowlist)
Enable IP blocklist
If traffic from a particular IP address is evaluated as being too high - and therefore probably malicious- this IP address is blocked. This means that accesses from this IP address to the PBX are initially prevented for one minute (single block by block time). The administrator is informed about the block (Monitoring > Status report). During the block time the PBX continues to monitor the traffic from this IP address. If the traffic from this IP address to the PBX continues to be too high, the single block time is extended (block time restarts).
If the number of attacks from IP addresses over the Internet exceeds a threshold, all traffic outside of the local network is blocked (global block). The local network is the network configured for the CPU (Administration > IP configuration under ETHERNET CONFIGURATION).
The administrator must then put in place appropriate measures to protect the PBX within its infrastructure (e.g. using routers or bridges).
*Note: The global block deletes all further entries (single blocks) from the blocklist.
*Note: When you open the page it first shows the status, which is automatically updated every 30 seconds.
*Important: All the entries in the blocklists are deleted when you reboot the PBX.
Network-based access attempts, such as the number of data packets per second or SIP authentication failures are monitored and evaluated.
New
IP address
Enter a new IP address in the entry fields.
IPv4 address
Four blocks separated by a dot (.).
IPv6 address
Eight blocks separated by a colon (:).
Subnet mask
Subnet mask
Four blocks separated by a dot (.).
Prefix
Digits 1 to 128.
*Note: The subnet mask is entered automatically for a network computer when you click Network calculator. You can then also set the CIDR suffix and so the CIDR notation.
The values for Host IP appear automatically in the list.
Transfer to allowlist
Configured locks can be transferred into the allowlist.
Select the blocklist entry Transfer
Delete
The administrator can view automatically configured restrictions, and if necessary cancel them, in the IP blocklists.
The marked entry will be deleted.