[Serusers] Voip and Firewalls
Klaus Darilion
klaus.mailinglists at pernau.at
Tue Sep 13 10:53:25 CEST 2005
harry gaillac wrote:
> Hello,
>
> I use a media proxy so 5060 is opened for signalling
> (incoming/outgoing)
>
> for outgoing media I open ports according to media
> proxy.
>
> However which port range can i open 1024 to 65535 for
> incoming calls
I would do so
klaus
>
> Harry
> --- Klaus Darilion <klaus.mailinglists at pernau.at> a
> écrit :
>
>
>>That depends on the software you will use. Usually
>>ser listens and sends
>>on port 5060. Many SIP clients use dynamic ports for
>>SIP and for RTP.
>>
>>Thus, for a SIP proxy allow:
>> incoming: *:* -> ser.ip.address:5060
>> outgoing: ser.ip.address:5060 -> *:*
>>
>>If oyu use mediaproxy/rtpproxy, you have allow
>>traffic from/to the ports
>>used by the rtpproxy.
>>
>>Also make sure to allow DNS, and
>>radius/mysql/postgres if needed.
>>
>>klaus
>>
>>harry gaillac wrote:
>>
>>>Hello,
>>>
>>>What are the policies to apply in order to secure
>>
>>a
>>
>>>network with Voip context?
>>>
>>>Which ports must be openned for signalling and
>>
>>which
>>
>>>ports must be openned for rtp traffic
>>>incoming/outgoing ?
>>>
>>>Regards
>>>Harry
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>
> ___________________________________________________________________________
>
>>>Appel audio GRATUIT partout dans le monde avec le
>>
>>nouveau Yahoo! Messenger
>>
>>>Téléchargez cette version sur
>>
>>http://fr.messenger.yahoo.com
>>
>>>_______________________________________________
>>>Serusers mailing list
>>>serusers at lists.iptel.org
>>>http://lists.iptel.org/mailman/listinfo/serusers
>>>
>>>
>>
>>
>
>
>
>
>
>
>
> ___________________________________________________________________________
> Appel audio GRATUIT partout dans le monde avec le nouveau Yahoo! Messenger
> Téléchargez cette version sur http://fr.messenger.yahoo.com
>
>
More information about the sr-users
mailing list