Network
The PBX is connected to a local network and receives the IP address that is also used to access the integrated web server for configuration.
Please refer to the PBX Instruction for instructions about how to set up the network connection.The PBX connects different communication nets with each other.
Further help under VoIPOnly COMtrexx Business: By upgrading with a NET module, there are now two networks with different IP address ranges available.
Further help under Network interface (second)Using the network, configuration data provided by the PBX is tranferred to the connected IP telephones and DECT base stations.
Further help under ProvisioningIn order to be able to securely connect remote devices to the PBX, the PBX offers an integrated OpenVPN server.
Further help under VPNFor a CTI solution, the PBX can be connected to a local network existing of CTI server and CTI clients.
Further help under LAN TAPIFirewall releases for Auerswald services
If an existing firewall blocks the communication paths of the PBX to the Internet, releases must be granted for the following addresses and ports. Otherwise, it is not possible to use the associated services and thus the correct functioning of the PBX.
Name | IP addresses | Ports |
|---|---|---|
cic.auerswald.de | 81.14.169.81 | 443 |
vouchercenter.auerswald.de | 81.14.169.81 | 443 |
| Further help under Licences | ||
proxy.auerproxy.de | 217.160.243.101 82.165.222.120 62.113.233.194 2001:8d8:1801:5f7::1 2001:8d8:1801:85f1::1 2a00:f48:2000:1009::2 | 5060 5061 4433 |
| Further help under Softphone | ||
update.auerswald.de | 81.14.169.81 | 80 443 |
| Further help under Firmware Update | ||
Protection against attacks through Fail2ban (IP block- and allowlist)
The PBX is protected against attacks from the network by Fail2ban. Fail2ban is software that monitors log files and searches them for predefined patterns.
If traffic from a particular IP address is judged as being too high - and therefore, probably malicious - this IP address is blocked. This means that access from this IP address to a service of the PBX is initially prevented for ten minutes (blocking time).
The blocked IP address is entered in the IP blocklist for the blocking time.
The PBX informs by means of a system message about:
•System events detected by Fail2ban
•Blocks triggered by Fail2ban
Further help under System messagesYou as the administrator must then set up suitable measures to protect the PBX within your infrastructure (e.g. via routers, bridges).
Remember that it depends on many factors whether an access is considered an attack. Even repeated »mistyping« when entering the password or a configuration error can lead to an entry in the IP blocklist.
If it is not a malicious attack, you can delete a blocked IP address from the IP blocklist again or transfer it to the IP allowlist. The IP allowlist makes it possible to exclude certain IP addresses from blocking. Enter here, for example, the IP address of the computer with which you normally configure the PBX.
IPv6 Mode
If IPv6 is configured, an IP address complying with version 6 of the Internet protocol can be assigned to the PBX. Due to the greater length of IPv6 addresses (eight blocks with four digits each, example: 3001:00FF:ABC0:0EAC:0001:0000:0000:000F), IPv6 offers a greater number of available IP addresses than version 4 of the Internet protocol (IPv4).
Configuration
•Configuring identification data.
−Administration > Network > IP configuration > IP configuration
•If required, configuring IPv6 of the identification data.
−Administration > Network > IP configuration > IP configuration > IPv6 configuration >
•Configuring and testing DNS server.
−Administration > Network > IP configuration > DNS configuration
•If required, configuring HTTP proxy.
−Administration > Network > IP configuration > HTTP proxy configuration
•Making network settings for the integrated web server.
−Administration > Network > Server service > Web server configuration
•Managing block- and allowlist.
−Administration > Network > IP block- and allowlist
•Viewing port overview.
−Administration > Network > Ports
Alternative functions on an internal phone
•Configuring and querying the IPv4 address of the PBX
•Configuring and querying the subnet mask of the PBX
•Configuring and querying the gateway of the PBX
•Switching on/off the DHCP client of the PBX and querying the status
Description of operation under Identification (IP Address, Subnet Mask, Gateway, DHCP Client)