Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 208
  • Last Modified:

Cisoc SRP541w - Stopping incoming tpc 5060 traffic from authorized source

Hi there,

I have an issue here with a Cisco SRP541, i know this is vendor specific but i'm taking my chances, maybe someone dealt with it before.

I have port forwarding sending traffic on tcp 5060 to my internal digital pbx. I'm getting bombarded with tons of   unauthorized sip registration attempts, I created a rule to deny all access from that source IP and IP subnet but still the registrations go through. Is it that port forwarding takes precedence over Firewall rules?  I can't specify a source in port forwarding so how do I stop it?
0
jorge diaz
Asked:
jorge diaz
1 Solution
 
PhonebuffCommented:
Two things --

   * The rule needs to be for UDP or BOTH traffic, sounds like you defaulted to TCP traffic --

  * Unless you really need a wide open system the best rule is to white list (permit) the traffic you want (your carrier) and drop everything else.  Otherwise you will be making rules for ever --

  --------------------------------
0

Featured Post

Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  

Tackle projects and never again get stuck behind a technical roadblock.
Join Now