IP ACL Settings

In this article, you will learn how to allow specific IP addresses to access your system. Such settings will increase your network protection, minimize security risks, and prevent unauthorized access to your PBX.

1. Log in to the CommPeak user portal.
2. In the main menu on the left, expand Cloud PBX and click PBX Instances.
   
3. Click the Firewall Settings icon.
   

The Firewall Settings pane with several tabs will open on the right. Here you can insert IP addresses to web and SIP access lists.

Web ACL

Web ACL restricts access to your PBX, PBX Stats, and Dialer websites. 

To set the web access list:

1. Click the Web ACL tab in the Firewal Instances pane.
2.  In the field under IP ACL, enter an IP address in the x.x.x.x format. You can also enter a nameserver address if you set up Dynamic DNS. For more information on DDNS, refer to the section below about Dynamic IP Addresses.
3. Click on the plus icon to add the IP address. 
4. Add all the needed IPs one by one.
5. To temporarily disable a specific IP, toggle the button next to the IP address. To delete an IP, click on the delete icon.
6. Click Save Changes.

NOTE

In the examples below, we use random IP addresses from a public database.

SIP ACL

SIP ACL whitelists specific IP addresses for SIP registration and calls. 

To set the SIP access list:

1. Click the SIP ACL tab in the Firewall Instances pane.
2.  In the field under IP ACL, enter an IP address in the x.x.x.x format. You can also enter a nameserver address if you set up Dynamic DNS. For more information on DDNS, refer to the section below describing a solution for Dynamic IP Addresses.
3. Click on the plus icon to add the IP address. 
4. Add all the needed IPs one by one.
5. To temporarily disable a specific IP, toggle the button next to the IP address. To delete an IP, click on the delete icon.
6. Click Save Changes.

Click2Call ACL

On the Click2Call ACL tab, you set IP-based restrictions for Click2Call. 

To set the Click2Call access list:

1. Click the Click2Call ACL tab in the Firewall Settings pane.
2.  In the field under Click2Call ACL, enter an IP address in the x.x.x.x format. You can also enter a nameserver address if you set up Dynamic DNS. For more information on DDNS, refer to the section below describing a solution for Dynamic IP Addresses.
3. Click on the plus icon to add the IP address. 
4. Add all the needed IPs one by one.
5. To delete an IP, click on the delete icon.
6. Click Save Changes.

Solution for Dynamic IP Addresses

You can effectively whitelist IP addresses for static IPs only. It is often a case that your Internet Service Provider gives you a dynamic IP address. It keeps changing over and over again, so you can get rejected. The Dynamic Domain Name Service (DDNS) would be a solution for you in such a case. You can register a hostname with one of the free DDNS providers (for example, no-ip). Once registered, you obtain a fixed nameserver address. 

You can set up ACL for a nameserver address in the same way. Type the address (a fully qualified domain name) in the field under IP ACL and click on the plus icon. After you click SAVE CHANGES, the address appears in the access list.

NOTE

Adding a nameserver address works for all the ACL options.

Geo ACL

Geo ACL allows any IP from countries that you can choose for both web and SIP access. When accessing your resources, the users will still need to provide their credentials.

NOTE

Please submit a support request if you wish to enable Geo ACL. We recommend country whitelisting as an additional measure to the web or SIP ACL.

To whitelist IPs for countries:

1. Enter the Web ACL or SIP ACL tab.
2. Click in the field under Geo ACL to expand a list of countries.
3. Start typing to move to a specific country, or scroll down.
4. Select the checkbox next to the country name. Click CLEAR to clear your selection. 
5. To temporarily disable a specific country, toggle the button next to the country name. To delete a state, click in the field showing the number of countries selected, find the country name, and uncheck it.
6. Click Save Changes.

IMPORTANT

You can select up to 10 countries.