Tuesday , March 19 2024
Home - 3CX - Rescue 3CX Bad IP Whitelist for Management Console Access

Rescue 3CX Bad IP Whitelist for Management Console Access

Had to rescue a 3CX management console where the Whitelist IP address had changed and kept getting access denied with good credentials.  The following process gave temporary access to change the Whitelist/Restricted IP address.

Caveats:

  • 3CX hosted in Azure
  • 3CX running Linux
  • Didn’t know the Root password

Steps:

  1. Using Azure portal create a new root account using “Support + troubleshooting – Reset password” – This creates a new user in Linux with Root privileges. i.e. “3cxrescue”
  2. Using “Networking” create a new rule to allow SSH (TCP – Port 22) from your IP Address
  3. Perform a test connection using “ssh 3cxrescue@[your 3cx instance IP Address in Azure]” – enter password you just created.  If ok then continue…. or troubleshoot why you can not do a simple SSH
  4. Using the following command create a SSH tunnel from a local port on your client machine to loopback to the 3CX instance.  3CX will allow local private addressing for access even if you have limited the console access before.  The command is:
    1. ssh -L 5000:[127.0.0.1]:443 3cxrescue@[your 3cx instance IP Address in Azure]
    2. enter your password
    3. ssh session will remain open
    4. Note: this opens port 5000 on your local client listening for https web requests.
  5. On you client machine now connect using a web browser to http://localhost:5000
  6. Enter you existing 3CX admin details
  7. Navigate to “Security – Console Restrictions” and change the IP address as required.
  8. IMPORTANT:  Check you can access management console as normal with public IP address.
  9. MUST – YOU MUST: Remove the Rule in Azure to allow SSH Connects to your Azure host.

btw:  If you have lost the 3CX admin details:

  1. Stop 3CX VM in Azure
  2. Download the VHD from Azure.
  3. Mount the VHD – ignore prompt about format not being read by windows
  4. In a PowerShell session “wmic diskdrive list brief” – noting new “\\.\PHYSICALDRIVEx       Microsoft Virtual Disk” (x number to be changed as required)
  5. Using WSL V2 enter the following command “wsl –mount \\.\PHYSICALDRIVEx –partition 1”  (x number to be changed as required)
  6. Enter WSL and you will have access to your 3CX backup file in: “/mnt/wsl/PHYSICALDRIVExp1/var/lib/3cxpbx/Instance1/Data/Backups$”

Leave a Reply

Your email address will not be published. Required fields are marked *