[VoiceOps] Preventing random SIP connections to handsets
Robert Johnson
robert.j at bendtel.com
Fri Nov 20 15:35:23 EST 2015
On 11/20/2015 12:14 PM, Carlos Alvarez wrote:
> We're starting to see customers who get random arbitrary ringing caused by
> a random connection attempt from the internet. Most of our customers have
> Cisco routers with full-cone NAT, so it's easy to do that. We don't
> reinvite handsets, we proxy the media, so we've considered using restricted
> NAT instead. If we can figure out how, we can't find any documentation on
> how to do it, and don't have a response to our Cisco TAC case on it yet.
>
> But I figured I'd ask if others have come up with better solutions. I know
> there are a few authentication options in the phones themselves, but they
> seem to vary greatly by vendor and even by model. I like to do things as
> simply and system-wide as possible. We primarily sell Grandstream, and we
> support Cisco/Linksys SPA as well as Polycom IP series (not VVX).
>
> We're an Asterisk-based hosted service provider.
>
>
>
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops
>
This may be dependent upon the Cisco router in question, but when we
deploy routers we always set the ACL to only allow SIP communications
from our SBC. - When customers provide their own, we recommend the same
settings.
--
Robert Johnson
BendTel, Inc.
(541)389-4020
Central Oregon's Own Telephone and Internet Service Provider
http://bendtel.com/about/
More information about the VoiceOps
mailing list