Cisoc SRP541w - Stopping incoming tpc 5060 traffic from authorized source

Hi there,

I have an issue here with a Cisco SRP541, i know this is vendor specific but i'm taking my chances, maybe someone dealt with it before.

I have port forwarding sending traffic on tcp 5060 to my internal digital pbx. I'm getting bombarded with tons of   unauthorized sip registration attempts, I created a rule to deny all access from that source IP and IP subnet but still the registrations go through. Is it that port forwarding takes precedence over Firewall rules?  I can't specify a source in port forwarding so how do I stop it?
LVL 7
jorge diazSEAsked:
Who is Participating?
 
PhonebuffCommented:
Two things --

   * The rule needs to be for UDP or BOTH traffic, sounds like you defaulted to TCP traffic --

  * Unless you really need a wide open system the best rule is to white list (permit) the traffic you want (your carrier) and drop everything else.  Otherwise you will be making rules for ever --

  --------------------------------
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.