access elastix and ari outside network

Joined
May 5, 2008
Messages
100
Points
0
Im still trying my hardest to get access to elastix and ari from outside our enterprise network but still am not having any luck.

Right now the SSL port 443 and web 80 are on exchange
 
Joined
Dec 3, 2007
Messages
8,069
Points
88
Good morning.

Do you have a router?
If yes, you must doing redirect 2 ports TCP:
[*]80 http[*]443 https

These 2 ports are redirected to IP addresse Elastix server.
 
Joined
May 5, 2008
Messages
100
Points
0
NO we can't... i explained in my original post that exchange OWA uses those ports on the router and under no circumstances can we change that. I need a different way to get to elastix.
 
Joined
Apr 18, 2007
Messages
249
Points
0
You can change the ports for http and https for your Elastix Server.

Example:

1) for http
# vi /etc/httpd/conf/httpd.conf

find this in the httpd.conf "Listen 0.0.0.0:80" and change it like this "Listen 0.0.0.0:12XXX"

2) for https
# vi /etc/httpd/conf.d/ssl.conf

find this in the ssl.conf "Listen 443" and change it like this "Listen 12XXX"

and "<VirtualHost _default_:443>" and change it like this "<VirtualHost _default_:12XXX>"
 
Joined
Oct 5, 2008
Messages
38
Points
0
After following saleh's steps make sure you run:
service httpd restart

After you made your changes
 
Joined
Dec 3, 2007
Messages
8,069
Points
88
reynolwi said:
NO we can't... i explained in my original post that exchange OWA uses those ports on the router and under no circumstances can we change that. I need a different way to get to elastix.
I didn't see this line!

Why do not redirect another port :

http://public_address:8080/ ---> @IP at Elastix server:80

Exemple:
210.2.55.10 (public)
192.168.1.100 (Elastix)
http://210.2.55.10:8080 forwarded to 192.168.1.100:80
 
Joined
Dec 3, 2007
Messages
8,069
Points
88
saleh said:
You can change the ports for http and https for your Elastix Server.

Example:

1) for http
# vi /etc/httpd/conf/httpd.conf

find this in the httpd.conf "Listen 0.0.0.0:80" and change it like this "Listen 0.0.0.0:12XXX"

2) for https
# vi /etc/httpd/conf.d/ssl.conf

find this in the ssl.conf "Listen 443" and change it like this "Listen 12XXX"

and "<VirtualHost _default_:443>" and change it like this "<VirtualHost _default_:12XXX>"
In this case, into the LAN, no one can doing connect by the port 80!
Not cool.
 
Joined
May 5, 2008
Messages
100
Points
0
I have tried port forwarding on the router side but it fails. I changed the ports like what saleh said but now the FOP panel will not load and im guessing its because its still looking for asterisk on ports 80 and 443. how do i change fop so it looks at the new ports? im going to set a link on our intranet and website for users so they can get to ARI outside so if i have to have a port number show thats fine with me.
 
Joined
Apr 18, 2007
Messages
249
Points
0
The default port of the FOP Panel is 4445

Change line ";listen_port=4445" to "listen_port=12XXX" in file "/var/www/html/panel/op_server.cfg"

OR forward the default port of the FOP Panel to your Elastix Server
 
Joined
Apr 18, 2007
Messages
249
Points
0
Dear danardf,

Apache can listen to two ports (like 80 for LAN and 8080 for WAN)
 
Joined
Dec 3, 2007
Messages
8,069
Points
88
I'm ok with you, but for usuals connections it's 80.
Simply for no change the usual.
 
Joined
May 5, 2008
Messages
100
Points
0
Maybe im not understanding or you guys arent understanding. When you go to the flash operator panel in elastix, freepbx, or even thru the web doing https://servername/panel you get the error cannot display this webpage. It can not access FOP anymore because i changed the SSL server port. How do i get FOP running again or am i stuck with no outside access to elastix? If apache can listen to two ports how do i set SSL to function on port 443 within the enterprise and some different port for outside access?
 
Joined
May 5, 2008
Messages
100
Points
0
ohh and FOP doesnt work in the enterprise or out. It doesnt show up period.
 
Joined
Apr 18, 2007
Messages
249
Points
0
I think the easy way is only changing the apache to listen in tow http ports (not changing the ssl port) and disable the "RewriteEngine" option in the httpd.conf

"RewriteEngine" = "redirect the http traffic to https traffic"

To DO THIS:

# vi /etc/httpd/conf/httpd.conf

search this "RewriteEngine On" in the config file and disable it.

vor changes

RewriteEngine On

after changes

RewriteEngine off

Then: change apache to listen in tow http ports

# vi /etc/httpd/conf/httpd.conf

vor changes
Listen 0.0.0.0:80

after changes
Listen 0.0.0.0:80
Listen 0.0.0.0:8080

Then: After you made your changes

# service httpd restart
 
Joined
Nov 21, 2007
Messages
13
Points
0
I don't know if this well help you but I am giving it as an example of what I am currently doing.

my ports are also taken up by an active server so to access my internal network from outside I use Putty and Firefox

I Installed putty to c:\ of my laptop
you will need port 22 open on one of your systems


go to start --> run

C:\putty.exe public_address -D 8080
Log into your putty session and leave it open but minimized to the start bar

Then open Firefox and in the connection settings.

Select Manual proxy configuration

add this to
SOCKS Host: localhost
Port: 8080

now save and restart Firefox

Firefox will use the open putty session to tunnel into your network

from there you use your networks local IPs (192.168.. or 10.0..) in Firefox to get around just like if you where there in person.

This setup only takes 30 secs and after you are done just set Firefox back to No proxy
and that's it.

The connection has the added benefit of tunneling through a secure port and you do not need to change anything on Elastix or any other server.
 

Members online

No members online now.

Latest posts

Forum statistics

Threads
30,987
Messages
131,100
Members
17,716
Latest member
Orbit114
Top