manualshive.com logo in svg

FS PBX-C301, User Manual, Page: 100 / 113

Share
Download
FS PBX-C301 User Manual Download Page 100

IP PBXs USER MANUAL

www.fs.com

96

Common Rules

can be used to configure the firewall to grant or deny an IP address or a network from communicating with the IPPBX

system. Even the service port number can be specified so it can grant or deny a specific IP or network to access a specific service. The

priority from high to low of the firewall rules is from the top of the list to the bottom.

If you are going to grant access of some kind of services to specific IP address or network, add the grant rule/rules first then add the deny

rules. If the order of the rules is not correct you may use the arrows in the

Priority

column to adjust the order of the rules.

In the above given example, the 2 rules “AcceptAMI” and “BlockAMI” limited that only the IP addresses from network 192.168.17.0 can

have AMI access. Except IP from this network others will all be denied to access. In this case, if the “AcceptAMI” rule is moved beneath the

“BlockAMI” rule, then the AMI port will be totally lockdown, no one can access it.

Notice

If you are going to add rules to block some IP addresses from accessing some kind of services on the IPPBX system, be sure you add the

correct IP/network address (if not defined, the firewall will consider as ALL), and the correct service port number (if not define, the

firewall will consider as ALL), otherwise misconfiguration of a deny rule might cause the IPPBX system total lockdown, only way would

be using Console (PBX-C301) or HDMI (PBX-C302M and PBX-C503) to unlock the IPPBX from command lines.

Auto Defense

will help with the prevention of DDOS attacks.

You may specify the service port number and the maximum packets to be accepted on this port number in a certain time interval.

Except the specified number of packets, more packets sent within the time interval will be dropped by the IPPBX system.

12.4.2

Intrusion Detection and Prevention

Path:

System -> Security Center ->Intrusion Prevention

IPPBX system uses Fail2Ban to perform intrusion detection. Fail2Ban is an intrusion prevention framework written in the Python

programming language. It works by reading Asterisk logs and some other logs in the IPPBX system, and uses iptables profiles to block

brute-force attempts.

Summary of Contents for PBX-C301

Page 1: ...IP PBXs USER MANUAL www fs com Models PBX C301 PBX C302 PBX C503 IP PBXs User Manual IP PBXs User Manual...

Page 2: ...4 3 Analog Extensions 20 5 Inbound Control 22 5 1 IVR 22 5 2 Call Queue 23 5 3 Time Conditions 26 5 4 Inbound Routes 28 5 5 Direct Routing 29 5 6 Inbound Fax 30 5 7 Blacklist 31 6 Outbound Control 32...

Page 3: ...ll Pickup feature codes 62 10 3 Call Parking feature codes 62 10 4 CallTransfer feature codes 63 10 5 Blacklist feature codes 63 10 6 Call Spy feature codes 64 10 7 Call Queue feature codes 64 10 8 Co...

Page 4: ...P Blacklist 97 12 4 4 IP Whitelist 97 12 5 Email Services 98 12 5 1 Mail Server Settings 98 12 5 2 Voicemail to Email Settings 99 12 5 3 Fax to Email Settings 100 12 5 4 Email Notifications 100 13 Mai...

Page 5: ...from the power source 5 Do not drop knock or shake the unit Rough handling can break internal circuit boards 6 Do not install the unit in places where there is direct sunlight Also do not place the u...

Page 6: ...nection IVR call recording call detail records CDR All of these can serve to greatly enhance business operations at reduced operational cost 2 2 Modules 4FXO Module 4FXO module provides 4 FXO interfac...

Page 7: ...e when there s power failure you may still use the analog phone to make and receive phone calls 2GSM 4GSM Module 2GSM 4GSM module provides 2 4 GSM channels it can be installed on PBX C301 PBX C302 and...

Page 8: ...0MHz EGSM 900MHz DCS 1800MHz and PCS 1900MHz Notice WCDMA modules for IPPBXs are only used for voice phone calls they CANNOT be used for data transmission from 3G network 4BRI Module 4BRI module provi...

Page 9: ...t s going to be installed with other modules 4FXO 4FXS 2FXOS 2 4GSM 2 4WCDMA it should be installed on SLOT2 And E1 T1 module cannot be installed with BRI module on the same PBX C302 or PBX C503 2 3 M...

Page 10: ...Power off SYS System Status On System initiating Blink System is functioning Off System failure WAN WAN Data Status On Connected but no data transmitting Blink Data transmitting Off Disconnected LAN...

Page 11: ...WR Power States Green Power On Off Power Off SYS System States Wink System is Running Off System Booting or Failed WAN LAN WAN LAN Interface States Wink Data Transmitting Off No Data Transmitting 1 4...

Page 12: ...Permissions Feature Codes Wakeup Call One Number Stations Music On Hold Phonebook LDAP 10 000 contacts Department ring group pickup group Phone Provisioning Expansion Box Provisioning Speed Dial Time...

Page 13: ...default settings Quick Setup Wizard will be presented You may follow the wizard to complete some basic settings or you may skip the wizard and login with default credentials Username admin Password a...

Page 14: ...Once done please click on button to continue Step 3 Location Select the country region you live in the location you selected will also tell the IPPBX system which time zone and tone zone you want the...

Page 15: ...ou have installed FXS FXO GSM WCDMA modules on both Slots then just simply click on button to continue If you have installed E1 T1 BRI modules please select the module type accordingly For more config...

Page 16: ...umber and click on button to continue Step 6 Specify Operator Extension The operator extension is usually the extension number of the company receptionist or secretary Please specify the extension num...

Page 17: ...the company setup calling features manage call logs and recordings Step 9 Mail Server Settings Mail server will be used to send out email notifications from the IPPBX system Please select a mail serv...

Page 18: ...ke effect If PBX C301 you ll have to wait around 4 minutes then refresh the page If PBX C302 or PBX C503 it will take around 2 minutes to reboot after this please refresh the page Now you should see t...

Page 19: ...concept is new on IPPBX v3 software Extensions are grouped by your company s actual organizational structure A department is equal to a Pick up group A department is equal to a Call groups Ring Group...

Page 20: ...g Time textbox In Destination if no answer dropdown list select a call destination for the inbound calls when no one answers the call You may add remove members of your department from the Select Depa...

Page 21: ...le calling through the VoIP or digital trunk E1 T1 BRI lines you can define 2 CIDs for each extension and choose which to be used by dial rules By default Outbound CID1 will be used by the dial rules...

Page 22: ...b Portal If enabled users can use their extension number and password to login to the IPPBX system web GUI Call Recording This is an automated recording option you may choose to automatically record t...

Page 23: ...addresses will be dropped Qualify Timeout S If a qualify message is not responded by the SIP endpoint within the Qualify Timeout IP PBX system will consider the endpoint offline Send PAI Send the P A...

Page 24: ...following CID numbers Otherwise leave these fields blank In the Password field you may leave it blank so the created extensions will use random passwords or you can define a password so the created e...

Page 25: ...entify this analog extension Outbound CID displays the number externally through digital trunk Call Recording could be enabled to record Inbound Outbound or Both direction phone calls if necessary The...

Page 26: ...oups IVR prompts Call Queues etc If you want to create multi layer IVR menus you may need to create the sub layers at first In order to create an IVR menu please click on the button you ll see a popup...

Page 27: ...e Invalid Key option And if the caller didn t press any key during the whole IVR process the call will be handled by the No Press option 5 2 Call Queue Path Telephony Inbound Control Call Queue A call...

Page 28: ...er Agent Penalty is enabled and the Ring Strategy is on the Linear mode the incoming calls in the queue will ring the agents in the order of the static agent extension numbers list Static Agents are e...

Page 29: ...ec will be sent to the If no answer destination If left blank there will not be any time limitation of waiting time Join Empty option allows callers to enter the queue when no agents are available If...

Page 30: ...iday settings Time Rule Weekdays Holidays To create a time rule you need first set up weekdays and holidays To set up weekdays you may modify the default one or create a new one by clicking on Add but...

Page 31: ...And if you want to setup a time rule for noon break you can do it follow the instructions below In Weekdays section setup noon breaks for each weekday Then create a new time rule as below In Weekdays...

Page 32: ...nstructions please refer to Feature Codes Office Closed Destination is the destination of the inbound calls to be directed to while Office Closed timing is activated You may select the destination per...

Page 33: ...d button as shown below In the popup window specify one of your DID numbers and assign a call destination for all inbound calls by calling this DID number In the above example 94088322 is one of your...

Page 34: ...ll be saved in the IPPBX system internal storage Admin user and operator user are able to check faxes on Reports System Logging Fax Logs page If the Fax Destination is set to Send as Email You ll have...

Page 35: ...list Feature Codes By specifying a number in the top right number blank you may add a number to the system blacklist To add blacklist numbers by using a template file please click on button to downloa...

Page 36: ...Outbound Control Trunks On the IPPBX front panel red LED indicates the RJ11 interface is FXO You should attach the telephone wire from your telecom socket to the FXO ports If needed you may edit the...

Page 37: ...ller to leave a voice message in the language you set Busy Count Specify how many busy tones to wait for before hanging up and it s configurable only if Busy Detection is enabled Busy Pattern If busy...

Page 38: ...m this trunk Fax Detect Enable disable fax detection on this trunk Dial Permission Custom dial permission for this trunk by default it uses the Extension dial permission Configure only if this trunk i...

Page 39: ...voice prompts language for the callers calling in from this trunk Fax Detect To enable disable fax detection on this trunk Dial Permission Custom dial permission for this trunk by default it uses the...

Page 40: ...on user for the SIP server Password Password provided by SIP Provider Contact Contact user to use in an outbound call request through this trunk Retry Interval Once registration expired retry interval...

Page 41: ...this trunk From Domain Your service provider s domain name DTMF Mode Used to inform the system how to detect the DTMF key press Choices are Inband rfc4733 SIP info and Auto Send PAI Send the P Asserte...

Page 42: ...r side can dial out from this IPPBX trunk directly DO NOT change unless you fully understand how this feature works Video Codecs If the ITSP supports video calls then you can enable compatible video c...

Page 43: ...eed to support users passing outbound CIDs Call Time Limit The limited time of call conversation can be made while using this dial rule The limitation can be set from 60 to 3600 seconds Call Method se...

Page 44: ...allow dialing paging intercom group numbers Department Allow Disallow dialing other department numbers Call Parking Allow Disallow answering the parked calls Conference Allow Disallow using conference...

Page 45: ...tbound fax works 6 5 PIN Sets Path Telephony Outbound Control PIN Sets Pin sets can be used to secure your IPPBX system phone services and in particular for outbound dial rules and DISA Each PIN Set c...

Page 46: ...the playback mode as shuffle random playback or in turn playback in order Once done click on Submit Now click on button to upload audio files to the newly created folder one by one Supported File Form...

Page 47: ...follow the system voice prompts to complete the recording When recording is done the newly recorded audio will be listed on this page and ready to be used for setup IVR 7 3 Custom Prompts Path Teleph...

Page 48: ...ist select the extension to be configured with call forward In Forward Type drop down list select the condition of when to forward the incoming calls In the Destination field specify the number to rec...

Page 49: ...is an external number don t forget to add a dial prefix in front of it Take the above settings as example when extension 121 gets an incoming call if it s not answered in 30 seconds the call will be f...

Page 50: ...s Conference Conferences allow two or more callers to be joined together so that all parties on the call can hear one another Conferences are also referred as Conference Bridges or Conference Rooms Th...

Page 51: ...refer to introductions in Other feature codes section 8 6 Smart DID Path Telephony Advanced Features Smart DID With Smart DID feature the IPPBX system has the ability to route an inbound call directly...

Page 52: ...perator from operator web interface and by extension user from extension user web portal A contact added by admin user and operator user is visible to all extension users but a contact added by an ext...

Page 53: ...and handled by the Callback feature Destination An extension or another call destination which will be used to call the callback number In the above example if the caller 85337096 called the IPPBX sy...

Page 54: ...SER MANUAL www fs com 50 Name the name of the whitelist Number List the system would check whether the incoming call number match with any one number on the number list Please use to separate multiple...

Page 55: ...ng the extension for the time given here Outbound Call Transfer Allow outbound phone calls to be transferred if enabled it might cause phone call problem in certain situations For example an outbound...

Page 56: ...rsion While forwarding transferring a call out through SIP trunk the actual caller number can be passed to the forwarded number with diversion option enabled but requires the SIP trunk service provide...

Page 57: ...dio issue with phone calls User Agent The default user agent string also contains the Asterisk version If you don t want to expose it change the user agent string here Endpoint Identifier Order The pr...

Page 58: ...ort had been enabled by default for all extensions And IAX2 works on UDP port 4569 you may modify the port number if required Asterisk supports different QoS settings at the application level for vari...

Page 59: ...ampling matching value of DTMF caller ID digits you can choose 1 to 5 digits been matched then to consider it as part of the Caller ID DTMF Misses End Sample matching value of DTMF caller ID digits yo...

Page 60: ...the system for each extension user Max MessageTime sets the maximum duration of a single voice message can be accepted by IP PBX system Min Message Time sets the minimum duration of a single voice me...

Page 61: ...t one of the others you will be unable to dial another class of numbers For example if you set national you will be unable to dial local or international numbers Local Dial Plan Only RARELY used for P...

Page 62: ...lephony provider In most cases CRC4 is not needed for T1 circuit enable it only when the provider requires it After configurations been done save and reboot the IPPBX system In the meantime you attach...

Page 63: ...erwards This doesn t work on all systems so the option to reverse this behavior is provided Advanced Protocol File Additional configurations for R2 signaling Category Send calling party s category Usu...

Page 64: ...ut professional guidance 9 5 5 BRI Settings BRI module can only be installed on Slot2 of the PBX C302 and PBX C503 IPPBX systems The BRI modules you have received the jumpers on the module should be s...

Page 65: ...E_PTP BRI PTP Point to Point signaling CPE side TE_PTMP BRI PTMP Point to Multi Point signaling CPE side NT_PTP BRI PTP Point to Point signaling Network side NT_PTMP BRI PTMP Point to Multi Point sign...

Page 66: ...ely you can configure some advanced options for your voicemail box 10 2 Call Pickup feature codes Call pickup feature codes allow users to pick up calls that are not directed to them by dialing a feat...

Page 67: ...er the number to transfer to this call will be transferred instantly and the user can hang up If the transferred number doesn t answer this call then it will go to voicemail If blind transfer sometime...

Page 68: ...y is similar to an instant 3 way conference call While an extension user is talking to someone else on the phone you can dial 92 following by their extension number end with to talk to both of the spe...

Page 69: ...n reality you have entered a static conference room by default 90 is the first available conference room You are able to use conference admin menu to invite others to the conference and also others ca...

Page 70: ...Any phone connected to the IPPBX system can use the DND feature code no matter it s IP phone analog phone or softphone Simply dial 74 to enable DND if you hear a beep sound that means DND is on Once...

Page 71: ...one extension only You don t have to create a Paging and Intercom group for only one extension if you intend to intercom with only that extension Paging The paging feature code allows you to page one...

Page 72: ...y ends In the Duration column lists the call duration of each phone calls this might not be the exact talk time as when calling though the FXO ports IPPBX system will auto answer the inbound calls so...

Page 73: ...ist with some detailed information You may playback the recording by built in web player by clicking on the button Or you may click on the button to download or click to delete Call recordings can be...

Page 74: ...em Logs Fax Logs Fax logs stores all your inbound faxes and the outbound faxes sent from the extension user portal By downloading the tif file to your operating system you may view the fax details 11...

Page 75: ...Reports System Logs Advanced Logs Advanced logging can be used for higher level of the IPPBX system troubleshooting SSH Access Logging can be used to trace the SSH login records PBX Logging can be use...

Page 76: ...n otherwise it won t be detected by the IPPBX system Before attaching the USB drive and configuring data storage settings please make sure no one else is signed in the IPPBX web UI and there s no phon...

Page 77: ...itions on the USB drive and create a single new partition and try again Before doing this please backup the data in your USB drive as doing this will erase all data on the drive 12 1 2 FTP Storage Pat...

Page 78: ...m with the FTP server Once connected you ll see the FTP Connect Status changed to Connected Each time after uploading the call recordings voicemails and system logs will be removed from the IPPBX inte...

Page 79: ...ttings will determine the type of tone Dial tone Busy Congestion tone etc you heard on the phones the time zone and also the opermode on the Analog Settings page So you may not change the location set...

Page 80: ...hange this IP but LAN IP should NOT be in the same network segment as WAN port 12 3 2 IPv6 Path System Network Settings IPv6 IPv6 Internet Protocol Version 6 has been in development for nearly two dec...

Page 81: ...in name resolution of the IMS server using the public DNS servers To add a local domain name resolution record please click on the Add button Then please specify the domain name of the IMS server and...

Page 82: ...phones You don t need to build a dedicated VPN server or buy a VPN router This is also a workaround to avoid firewall issues when configuring remote VoIP client such as SIP protocol which is notoriou...

Page 83: ...y certificates or username password When used in a multiclient server configuration it allows the server to release an authentication certificate for every client using signature and Certificate autho...

Page 84: ...Compress LZO LZO is an efficient data compression library which is suitable for data de compression in real time TLS Server TLS is an excellent choice for authentication and key exchange mechanism of...

Page 85: ...ure the OpenVPN client to connect to the server In the Server Address field you should specify the OpenVPN server address which can be a public IP or a domain name Enable Stealth if the OpenVPN server...

Page 86: ...n the VPN client connection And you may check the VPN connection status in the VPN Client Status section In the VPN client status section the VPN client IP the VPN type and the connection status will...

Page 87: ...ol PAP works like a standard login procedure it uses static user name and password to authenticate the remote system mschap MS CHAP is the Microsoft version of the Challenge Handshake Authentication P...

Page 88: ...how the configurations Configure PPTP VPN client settings before enabling it Enable 40 148 bit encryption for MPPE Tick to enable 40 bit key standard or 128 bit key strong MPPE encryption schemes Serv...

Page 89: ...ssion IPSec can be configured to operate in two different modes Tunnel and Transport mode Use of each mode depends on the requirements and implementation of IPSec IPSec VPN Server Tunnel mode Tunnel m...

Page 90: ...t uses this IP to connect to IPSec server IPSec Remote Network Specify the IPSec VPN client LAN network address Notice 1 If the IPPBX is behind NAT port 500 and 4500 must be open on the router firewal...

Page 91: ...the client will try to connect to the server using the details provided 2 If connection is successfully established then the system will display Status 1 tunnel has been established 3 If connection f...

Page 92: ...ype Ensure this is the same as the IPSec VPN server IPSec Local IP IPPBX WAN IP which can connect to the IPSec server IPSec Server IP IPSec VPN server IP Password Specify the IPSec VPN password define...

Page 93: ...sses Server Local IP L2TP VPN local server IP address Primary DNS Primary DNS for VPN connection Alternate DNS Alternative DNS for VPN connection Authentication Method Select the authentication method...

Page 94: ...sers each user created is for a VPN client to connect Remember to set the Availability to Yes when you don t want this user to connect just set Availability to No or you may remove the user from the V...

Page 95: ...save the configurations Finally click on Enable switch to switch on the L2TP client connection Notice If connection is successfully established the system will display as follows Status L2TP client VP...

Page 96: ...dynamically distributing network configuration parameters such as IP addresses for interfaces and services With DHCP computers IP phones request IP addresses and networking parameters automatically fr...

Page 97: ...NS provider then with the domain name they provide which maps your IP address on the Internet you can access IPPBX and also other services within your LAN via the domain name without needing to know y...

Page 98: ...events your IP phone system from unauthorized access malicious users and some other attackers You may not need to specifically configure the firewall settings but for security precautions please alway...

Page 99: ...n rule to grant access of your local LAN The Action of this rule needs to be set as Accept Protocol should be set as TCP UDP IP should be the local network address instead of a single IP address Netma...

Page 100: ...an access it Notice If you are going to add rules to block some IP addresses from accessing some kind of services on the IPPBX system be sure you add the correct IP network address if not defined the...

Page 101: ...4 default rules if you want to add more rules you can do it on the Firewall page Auto Defense section 12 4 3 IP Blacklist Path System Security Center IP Blacklist IP Blacklist will list all suspected...

Page 102: ...2 5 Email Services 12 5 1 Mail Server Settings Path System Email Services Mail Server Settings Various kinds of Emails could be sent from the IPPBX system The Emails could be automatically sent by the...

Page 103: ...SMTP service from your Email web portal before you can successfully configure SMTP server on the IPPBX system 12 5 2 Voicemail to Email Settings Path System Email Services Voicemail to Email Settings...

Page 104: ...Services Email Notifications You may configure the IPPBX system to send Email notifications to the administrator on some system events Storage Usage Alert can be used to notify the administrator abou...

Page 105: ...the IPPBX system from command line level 13 1 1 Admin User Path Maintenance Users Admin User Admin user password should be changed regularly on this page And the password should be at least 6 charact...

Page 106: ...By default SSH access to the IPPBX system is disabled When enabled user may access the IPPBX system Linux command line interface via SSH on port 22 If you are not a highly experienced Linux user with...

Page 107: ...ound trip delay in communicating with the host Packet loss Specify the domain or IP of the host you want to contact then click on button and then the command begins to process You will receive results...

Page 108: ...technically DAHDI Monitor allows you to monitor signal level on analog channel and record the output to a file Recorded audio files are by default raw signed linear PCM You can play it to the speaker...

Page 109: ...first time Also when you have applied new changes to your configuration is always a good time to take another backup Path Maintenance Backup You may click on button to take a backup of your system whe...

Page 110: ...if you have enabled I d like to keep the network profiles and I d like to keep the call logs and recordings options which will keep the network configurations and the call logs and call recordings By...

Page 111: ...erver Protocol defines the signaling protocol that the IP PBX communicates with the SIP proxy server it can be different than the protocol the SIP endpoints communicate with the IP PBX system Proxy Si...

Page 112: ...clicking on the Upload Certificate button Once uploaded the SIP proxy server will be activated The activated SIP proxy service status and the license expiration is as shown below By now SIP proxy ser...

Page 113: ...S3910 SERIES SWITCHES DATASHEET www fs com 10...

Reviews:

No comments