Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations wOOdy-Soft on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Public IP / Firewall / Best Practices 1

Status
Not open for further replies.
maxse

maxse

Technical User
Dec 2, 2011
272
US
Is it generally a best practice to assign a public facing IP to the WAN port?

We're struggling with SIP through a firewall and will most likely place a public IP on the WAN port. This also seems like it will be convenient for remote phones (R9 9608 Off-Site).

What are some best practices in this case to prevent against hacking and toll fraud? Does the built-in firewall by default prevent most attacks?
 
Sort by date Sort by votes
Don't do this, you will be hacked within a week, get the firewall sorted instead. They will literally rack up a bill for thousands before you realise they've done it :)

 
Upvote 0 Downvote
For just trying it then I say yes but you will be hacked very soon.
You will need a firewall in between.

BAZINGA!

I'm not insane, my mother had me tested!

 
Upvote 0 Downvote
Do not give the IPO a public IP Address
if you must port forward (for using remote extns or one x mobility) then ensure you only forward the ports req, that you have auto create set/user disabled & that you have set complex passwords for the Entn log in accounts.
Cange all IPO Default passwords

If possible connect via a session border controller.

Actively monitor the IPO & Firewall for any suspicious activity

A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear
 
Upvote 0 Downvote
That's right HAS take the easy option ;-)
anything for a star

A Maintenance contract is essential, not a Luxury.
Do things on the cheap & it will cost you dear
 
Upvote 0 Downvote
According to Broadvox, twinning will not work unless the IPO has a public IP address. If Broadvox sees a private IP address, the call will not connect. If it does connect, there is no audio. How do you get the IPO to show its coming from a public IP?
 
Upvote 0 Downvote
Broadvox should supply an SBC in their connections to counter such limitations, as they're appearing to cheap to do so a STUN server should be used, BTW you should start a new thread for this really :)

 
Upvote 0 Downvote
Thank you amriddle01. Yes I know I should of started a new thread, but thought this related to maxse first post and others could get something from this. Yes they are to cheap to supply one. SBC or STUN is the only way to go about this?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

newbietechman
  • Question
IP Office 2
Replies
7
Views
214
TouchToneTommy
TouchToneTommy
I
  • Locked
  • Question
Server Edition Select Deployment Best Practices 4
Replies
4
Views
271
BFG9K
BFG9K
D
  • Locked
  • Question
IP DECT R4 Issues
Replies
0
Views
191
DeathfromAvaya
D
gberger
  • Question
IP Office user buttons export 4
Replies
2
Views
353
gberger
gberger
L
  • Locked
  • Question
analogue trunk problem ip office
Replies
4
Views
453
LuigiEspo
L

Part and Inventory Search

Sponsor

Back
Top