How do I use Fail2Ban on the UCM6100?Submitted by Admin on Tue, 08/11/2015 - 10:33am
The UCM6100 supports Fail2Ban for authentication errors (SIP REGISTER/INVITE/SUBSCRIBE) to help secure the PBX system. To enable Fail2Ban, please log in the UCM6100 web GUI and go to Settings->Firewall->Fail2ban page. Make sure you have enabled both "Enable Fail2Ban" under Global Settings and "Asterisk Service" under Local Settings first. Then fill out the following parameters in the web page to have Fail2Ban work as desired on the UCM6100. Global Settings: - Banned Duration: Configure the duration (in seconds) for the detected host to be banned. The default setting is 300. If set to -1, the host will be always banned. - Max Retry Duration: Within this duration (in seconds), if a host exceeds the max times of retry as defined in "MaxRetry", the host will be banned. - MaxRetry: Configure the number of authentication failures during "Max Retry Duration" before the host is banned. - Fail2Ban Whitelist: Add host address in the whitelist. It could be IP address, CIDR mask or DNS host. Fail2Ban will not ban the host with matching address in this list. Up to 5 addresses can be added into the whitelist. Local Settings: - Port: 5060 only. - MaxRetry: Configure the number of SIP authentication failures during "Max Retry Duration" before the host is banned. Please make sure this option is properly configured as it will override the "MaxRetry" value under "Global Settings".