Network Ports Settings
The Ports page allows you to control which networking resources the system will utilize when communicating with the outside IP world. When specifying ports, list the ports that you may bind to, either specifying a port number or explicitly specifying the IP address and the port, separated by a colon (e.g.,
192.168.1.2:8080). If you are binding to IPv6 addresses, you must put a square bracket around the IP address (e.g.,
[2001:db8::4]:5060). If you are only specifying the port number, the system will bind to all IPv4 and IPv6 addresses on the system. If you want to bind only to IPv4 sockets, use the form
0.0.0.0:5060. If you want to bind only to IPv6 sockets, you can use
[::]:5060. In general, you may bind to more than one socket; just separate the addresses by spaces. If you do not want to use the service, leave the field empty. If you change a port binding, you will need to restart the Vodia PBX service. We support the default SIP port.
These settings are located within Admin > Settings > Ports. The HTTP and HTTPS ports are used to communicate between the built-in web server and the web browser (the Vodia PBX does not rely on IIS or Apache for its web interface). The HTTP port is used for insecure, but lightweight, communication. The HTTPS port is used for secure, but a bit more expensive, communication. If you cannot reach the system on any port, change the
ip_ https_port parameters in the global configuration file (the defaults are shown below). If you are running another service on your host or if you want to gain some additional security, you may change these ports to any other available port. The system will fail to start if it cannot bind to the port.
|HTTP Port||The list of ports that the PBX shall set up for insecure web communications (seperated by space). The default HTTP port is 80.|
|HTTPS Port||The list of ports that the PBX shall set up for secure web communications (seperated by space). The default HTTPS port is 443.|
|Maximum number of HTTP connections per second||The PBX limits the number of connections that it accepts per second. This ensures that the PBX does not get flooded with too many HTTP or HTTPS requests, which might consume too much CPU and memory resources for a stable PBX operations. This setting controls how many of those connected are accepted per second.|
|Maximum number of HTTP connections (total)||Similar to the previous setting, the PBX also limits the absolute number of HTTP connections that is may keep open at a time. Again, this is to make sure that the PBX does not run out of resources.|
|Redirect to HTTPS||In order to make sure that users only log in using the secure HTTPS protocol, the PBX may ask the browser to switch to the secure protocol. This works only if there is at least one HTTP socket available and accessible to the browser. You should also have a custom certificate loaded into you system, so that the browser can trust the connection. By default this setting is off. This setting is available after 5.4.2.|
The Simple Network Monitoring Protocol (SNMP) is used to poll the system for information. The PBX supports only version 1 of the SNMP protocol based on UDP. The following settings are available:
|SNMP Port||The SNMP port setting defines the ports on which the system will listen for SNMP requests. The list must be separated by space and may include the IP address that the socket will be bound to. By default, the port is 161.|
|SNMP Trusted Addresses||This field lists the IP addresses that may send SNMP requests. The list is separated by space. If this setting is empty, the system will not accept any SNMP requests. Whenever a request is rejected, the system writes a log message. IPv4 and IPv6 addresses can be mixed. The PBX does not check the port numbers where the request comes from. This field does not support DNS addresses.|
|SNMP Community||An SNMP community is the group to which devices and management stations running SNMP belong. If you would like to change the community, you can do so from the web interface. It does not require a restart of the service. SNMP default communities are private (write) and public (read). The system, by default, is set to "public".|
The available SNMP sensors are available on a seperate page.
The TFTP ports are used for provisioning purposes. Many SIP devices use TFTP for automatic configuration.
|TFTP Port||The TFTP (Trivial File Transfer Protocol) port is on port 69 by default. If your machine has multiple network interface controllers (NICs), you may specify the IP address port to bind only to that port.|
|Allow TFTP Write||Some devices write log files using TFTP, and this can be enabled with this feature; however, this feature makes it possible for users to write files that affect other devices, and this may introduce system instability and security concerns. Per the example above, you can also bind to a private IP address, which will make it more secure.|
When provisioning phones, the PBX must tell the phone where they can get their time from. The PBX includes a simple NTP server that can be used for this purpose; but the PBX can also provision the address of an external server. When using a local NTP server you need to make sure that the local PBX server has the correct time.
|NTP Port||The port for the internal NTP server. By default, NTP uses port 123. If the setting is empty, the PBX will not open a NTP port and provision the address of the NTP server.|
|NTP Server||This setting contains the address of an external NTP server that should be provisioned. This can be a numeric IP address, but it can also be a DNS address.|
Many VoIP phones use the LDAP protocol to access the PBX address book. The PBX has a built-in LDAP server. The PBX will automatically provision those phones that use the ldap with the right address for accessing the LDAP server. Because there are many scanners searching for vulnerable Windows server LDAP ports, the default port setting for LDAP is a non-standard port. This is important if you manually set up LDAP.
|LDAP Port (TCP, StartTLS)||The port for the unencrypted LDAP server. As with the HTTP ports, you may specify multiple ports and bind to IPv4 and IPv6 addresses. The PBX supports the StartTLS command for LDAP, so that phones can start using the insecure LDAP and then switch protocols to TLS.|
|LDAP Port (TLS)||Those devices that start with encrypted LDAP right from the beginning can use that port.|