[asterisk-users] Asterisk & Pix firewalls

shadowym shadowym at hotmail.com
Wed Apr 25 09:20:46 MST 2007

Again, is the 10000-20000 not an urban myth?  Someone correct me if I'm

I run about 10 external extensions and limit the ports to 10000-10025.  I
just can't see why you would need to open 10000 ports to the outside world
unless your going to have 10000 simultaneous conversations. 

-----Original Message-----
From: Tzafrir Cohen [mailto:tzafrir.cohen at xorcom.com] 
Sent: Tuesday, April 24, 2007 9:32 PM
To: asterisk-users at lists.digium.com
Subject: Re: [asterisk-users] Asterisk & Pix firewalls

On Tue, Apr 24, 2007 at 11:04:53PM -0400, Lee Jenkins wrote:
> Noah Miller wrote:

> >SIP:
> >TCP and UDP port 5060 (signalling) - can be changed in sip.conf UDP 
> >ports 10000-20000 (RTP stream) - can be changed in rtp.conf
> >

Yes. See rtp.conf (at least on your side).

Also, if the firewall understands SIP, it may be smart enough to open the
ports for the relevant RTP ports upon the beginning of a SIP session. So
consider trying not to open any port for RTP.

               Tzafrir Cohen       
icq#16849755                    jabber:tzafrir at jabber.org
+972-50-7952406           mailto:tzafrir.cohen at xorcom.com       
http://www.xorcom.com  iax:guest at local.xorcom.com/tzafrir

More information about the asterisk-users mailing list