Difference between revisions of "IP PBX Manual System Networking"

From IPitomy Wiki
Jump to navigation Jump to search
(Created page with "'''System Networking''' The IPitomy System Menu is for configuring network attributes. For example the IP address of the system and router information. The System Networking ...")
 
Line 102: Line 102:
  
 
|}
 
|}
== Web Server Configuration ==
+
== Web Server Configuration - (Obsolete - removed in 4.8.0)<br/> ==
This feature allows you to define which IPs and/or domains can access the web server, as well as restart the Web Server. In order for changes to this list to take effect, you must Restart the Web Server.
 
  
The parameter for the IP PBX Web Server is pre-configured per the manufacturer’s specifications. We recommend that you '''do not change''' this configuration.
+
[IPPBX_IMM_Web_Server_Configuration|Web Server Configuration]
 
 
 
 
''Figure 18Web Server Configuration Page''
 
 
 
 
 
 
 
{| style="border-spacing:0;"
 
| style="background-color:#b8cce4;border-top:0.0069in solid #0000ff;border-bottom:0.0069in solid #0000ff;border-left:0.0069in solid #0000ff;border-right:none;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| '''Feature'''
 
| style="background-color:#b8cce4;border:0.0069in solid #0000ff;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| <center>'''Description'''</center>
 
 
 
|-
 
| style="border-top:0.0069in solid #0000ff;border-bottom:0.0069in solid #0000ff;border-left:0.0069in solid #0000ff;border-right:none;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| '''Restart Web Server'''
 
| style="border:0.0069in solid #0000ff;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| This feature allows you to restart the web server so that changes made that impact server components can be applied.
 
 
 
'''Note:''' '''Restarting the server will not interrupt phone service. A reboot of the PBX system will also apply changes made to other attributes.'''
 
 
 
|-
 
| style="border-top:0.0069in solid #0000ff;border-bottom:0.0069in solid #0000ff;border-left:0.0069in solid #0000ff;border-right:none;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| '''Allow Access From'''
 
| style="border:0.0069in solid #0000ff;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| Defines the networks and/or domains that are allowed to access the PBX. The “Allow” format may be:
 
 
 
* '''Domain name'''
 
* '''Full IP address'''
 
* '''Partial IP address'''
 
* '''Network / netmask pair'''
 
* '''Network / CIDR specification'''
 
 
 
 
 
 
 
|-
 
| style="border-top:0.0069in solid #0000ff;border-bottom:0.0069in solid #0000ff;border-left:0.0069in solid #0000ff;border-right:none;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| '''Delete Selected Items'''
 
| style="border:0.0069in solid #0000ff;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| This button allows you to delete multiple services at a time.
 
 
 
|-
 
| style="border-top:0.0069in solid #0000ff;border-bottom:0.0069in solid #0000ff;border-left:0.0069in solid #0000ff;border-right:none;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| '''Load Factory Defaults'''
 
| style="border:0.0069in solid #0000ff;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| This button will set the PBX back to the default Web Server settings.
 
 
 
 
 
 
 
 
 
|-
 
| style="border-top:0.0069in solid #0000ff;border-bottom:0.0069in solid #0000ff;border-left:0.0069in solid #0000ff;border-right:none;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| '''Add a New Item'''
 
| style="border:0.0069in solid #0000ff;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| This section is where you would add new rules for accessing the Web Server
 
 
 
|}
 
 
 
{| style="border-spacing:0;"
 
| style="border-top:0.0069in solid #000000;border-bottom:0.0069in solid #000000;border-left:0.0069in solid #000000;border-right:none;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"|
 
| style="border-top:0.0069in solid #000000;border-bottom:0.0069in solid #000000;border-left:none;border-right:0.0069in solid #000000;padding-top:0in;padding-bottom:0in;padding-left:0.075in;padding-right:0.075in;"| '''IMPORTANT:''' '''Changes to the Web Server Access List are preconfigured. They are database independent so custom changes do not migrate from one box to another via a database backup file.'''
 
 
 
'''Please contact IPitomy’s Technical Support Group if you think you need to modify these settings. Email via [mailto:support@ipitomy.com support@ipitomy.com] or phone at 941-306-2200 option 2. You can also visit our FAQ page at faq.ipitomy.com.'''
 
 
 
|}
 
=== Add New Permission ===
 
'''STEPS:'''
 
 
 
# Navigate to '''System Access Control'''
 
# Click on the '''Web Server''' button located at the top of the page. The '''Web Server Configuration''' page appears.
 
# In the '''Add a New Item''' section, enter the network or domain you want to allow to access the PBX web server
 
# Click the '''ADD''' button.
 
# The new permission rule will be displayed under Allow Access From window above
 
# Click on the '''Restart Web Server''' button.
 
# Click OK when prompted to confirm you wish to restart the Web Server
 
 
 
# A “Please Standby” message appears. Once the reboot process is completed you will be returned to the '''Web Server Configuration''' page.
 
 
 
=== Load Factory Default ===
 
This feature allows you to restore the manufacturer’s factory default settings. It will restore the settings to the factory recommended defaults.
 
 
 
 
 
'''STEPS:'''
 
 
 
# From the '''Web Server''' page, click '''Load Factory Default''' button. This will return or restores the Allow Access From list back to the manufacturer’s default setting.
 
# Once the changes applied, you will need to restart the web server. Please refer to the Restart Web Server topic of this user guide for steps on how to restart the server.
 
# Click on the '''Restart Web Server''' button.
 
# Click OK when prompted to confirm you wish to restart the Web Server
 
 
 
# A “Please Standby” message appears. Once the reboot process is completed you will be returned to the '''Web Server Configuration''' page.
 
  
 
== Access Control List ==
 
== Access Control List ==

Revision as of 14:07, 7 September 2012

System Networking

The IPitomy System Menu is for configuring network attributes. For example the IP address of the system and router information. The System Networking Setup Page allows you to define the Internet Setup for the system’s hardware. The system must operate using a static IP address; DHCP should only be used on the IPitomy IP PBX if the router is configured to assign a specific static DHCP address to the system.


The following table describes the fields and recommended settings for Networking Setup for the IP PBX system:


Field
Recommended Settings
IP Address Use the default address (192.168.1.249) of the IPitomy IP PBX or an address outside the range of existing IP addresses assigned by DHCP in the router.
Subnet Mask Leave the default setting for the Subnet Mask as (255.255.255.0). The subnet mask defines what traffic the PBX will listen and communicate to. A value of 255 means the octet in question needs to match exactly, while a value of 0 means the octet is not restricted at all. When the PBX is set to the default IP address, a subnet mask of 255.255.255.0 tells the system to communicate with any devices in the 192.168.1.xxx range.
Default Gateway The default gateway provided is 192.168.1.1. Though this default is a common router IP, every network is different. Enter the IP address of the router handling their Internet connection here.
Static DNS Enter the DNS IP address being used on the network. If a default DNS IP address is not provided by the router it can be obtained from the network’s Internet Service Provider.
Static DNS2 Enter the DNS IP address being used on the network. If a default DNS IP address is not provided by the router it can be obtained from the network’s Internet Service Provider.
Static DNS3 Enter the DNS IP address being used on the network. If a default DNS IP address is not provided by the router it can be obtained from the network’s Internet Service Provider.

Table 6Network Setting Descriptions

TCP/IP Settings Section

Edit TCP/IP Default Settings

STEPS:

  1. Navigate to System Networking. The TCP/IP Settings page appears displaying the default values for the following setting:
  • IP Address
  • Subnet Mask
  • Default Gateway
  • Static DNS
  1. Click on the IP Address field. Enter the IP address for the Router. Use the default address (192.168.1.249) of the IPitomy IP PBX or an address outside the range of existing IP addresses assigned by DHCP in the router Enter the desired IP Address. See Table above for recommended settings.
  2. Click on the Subnet Mask field. Leave the default setting for the Subnet Mask as (255.255.255.0). See Table above for recommended settings.
  3. Click on the Default Gateway field. Change the default Gateway value to the desired target network. See Table above for recommended settings.
  4. Click on the Static DNS field. Change the default DNS value to the desired target network. See Table above for recommended settings.
  5. Repeat step 5 to set the remaining DNS values, if necessary.
  6. Click on the button
  7. Click the Apply Changes link located on the right hand corner of the page, to commit the changes to the database.

Access Control (PBX Access)

The Access Control page is comprised of 3 sub-pages; Host Access, Web Server, and Access Control List. Each is accessible from the buttons at the top of the page and pertains a different method of controlling access to the PBX.

Host Access

This feature allows you to limit access to special services on the PBX. An “allow from” entry is a list of one or more host names, host addresses, patterns or wildcards that will be matched against the client host name or address. List elements should be separated by blanks and/or commas.


Note: The parameter for the IP PBX Host Access is pre-configured per the manufacturer’s specifications. We recommend that you do not change this configuration value.


The following table describes the features and functions available on the Host Access page:


Fields/Buttons
Description
Delete Selected Items This button allows you to delete multiple services at a time.
Load Factory Defaults This button will set the PBX back to the default Host Access settings.



Add a New Item This section is where you would add new rules for accessing special services on the PBX

Table 7Network Features and Descriptions


IMPORTANT: Changes to the Host Access List are installed immediately. They are database independent so custom changes do not migrate from one box to another via a database backup file.

Please contact IPitomy’s Technical Support Group if you think you need to modify these settings. Email via support@ipitomy.com or phone at 941-306-2200 option 2. You can also visit our FAQ page at faq.ipitomy.com.

Web Server Configuration - (Obsolete - removed in 4.8.0)

[IPPBX_IMM_Web_Server_Configuration|Web Server Configuration]

Access Control List

The Access Control List defines what networks different PBX features are permitted to communicate with.


The following table outlines the parameters and descriptions for the Access Control List.


Feature
Description
Service Displays the name of configured services. Typical services on the PBX are:

SIP - Used for Calls

Call Manager - Used for Desktop Call Manager

TFTPUsed by phones to pull down config and firmware files

Ports Displays the ports that were defined for a particular service.

SIP5060

Call Manager5048

TFTP - 69

Rules Displays the rules that were configured for a particular service.

Deny ListAccepts all traffic, unless specifically definedAllow ListDenies all traffic, unless specifically defined

Table 9Access Control List Definitions


Load Recommended Default

This is the recommended method to set the Access Control List to the typically used settings.

STEPS:

  1. Navigate to PBX SetupSIP
  2. Set the LocalNet to match the network the PBX is installed on, Save, and Apply Changes
  3. Navigate to the Access Control List page, click Load Recommended Default button. This will create default rules allowing the PBX to communicate to devices on the LocalNet in regards to SIP, Call Manager, and TFTP
  4. Click the Apply Changes link located on the right hand corner of the page, to commit the changes to the database.

Add New Service

The following table outlines the parameters and descriptions required for adding a new service.


Feature
Description
Service Name This is the name of the new service and will populate the Service drop-down list in the Add New Rule section.
Service Transport This is the service type that will be used to transport the message. The options are Both, TCP or UDP.

SIP and RTP traffic both occur on UDP, TFTP traffic is UDP, and Call Manager traffic is TCP. Any other rules created would need to be configured for the protocol used by this service.

Service Ports This is the port information that is associated with the host. You can enter a single or range of ports that will be used for this service. SIP uses 5060, Call Manager uses 5048, and TFTP uses 69. Other services must be configured to use the appropriate ports.
Service Policy This is the umbrella rule for the service, which will be further defined under Add New Rules. The options are:

Deny List; ACCEPT ALL EXCEPT rule will apply. This will allow all traffic on the defined port, allowing you to configure a list of Denied IP addresses.

Allow List: DROP ALL EXCEPT rule will apply. This will block all traffic on the defined port, allowing you to configure a list of Allowed IP addresses.

The following outlines the steps to add a new service in the PBX system.

STEPS:

  1. Navigate to SystemAccess Control
  2. Click on the Access Control List button, The Access Control List page appears.
  3. From the Add New Service section, enter a Name, and select the appropriate Transport Protocol, Ports, and Policy; then click the Create Service button.
  4. The new service and its associated values will be displayed in the Service listing.
  5. Click the Apply Changes link located on the right hand corner of the page, to commit the changes to the database.

The following table outlines the parameters and descriptions required for adding a new rule.


Feature
Description
Service This drop-down list is populated when a new services is added. This is done in the Add New Service section.
Host(s) This is the IP Address, Domain Name or URL of the host.

Table 11Add New Rule Settings and Descriptions


Add New Rule

The following outlines the steps to add a new rule for Services in the PBX system.

STEPS:

  1. Navigate to SystemAccess Control, click on the Access Control List button, the Access Control List appears.
  2. From the Add New Rule section, select the Service type from the drop-down list.
  3. Enter the Host/s to be allowed/denied by the service
  4. Click the Create Rule button.
  5. The new rule is added and will be displayed in the rules list.
  6. Click the Apply Changes link located on the right hand corner of the page, to commit the changes to the database. .

Delete Rules or Services

The following outlines the steps to delete existing rules or services.

STEPS:

  1. From the Service section of the PBX AccessAccess Control List page, find the service or rule that you want to delete.
  2. Click on icon to the left of either the service or rule. The selected item is removed from the list.
  3. Click the Apply Changes link located on the right hand corner of the page, to commit the changes to the database.