[asterisk-users] Is there a need to secure RTP ports?
Johan Wilfer
lists at jttech.se
Fri Jan 25 06:31:13 CST 2013
2013-01-23 18:20, Sebastian Arcus skrev:
> I have an Asterisk server with one SIP trunk to a SIP provider. As my
> server registers with the SIP provider, I don't have any SIP ports open
> at my end to the Internet. However, I have the RTP ports open (as SIP
> has some trouble with my NAT).
You could try iptables with ip_conntrack_sip ip_nat_sip.
If they are loaded and you accept calls from your sip provider on port
5060 iptables inspects the sip/sdp and traffic from the endpoints are
considered RELATED.
I've some research/testing to do myself on this topic (it's on my always
growing todo-list of doom.. :-)
Maybe you should check it out?
--
Johan Wilfer
More information about the asterisk-users
mailing list