I have a question about setting up a sip rule for a customer of mine. Their phones wouldn't work with the sip module loaded or unloaded. So I started troubleshooting and reading the forums.
The have Yealink Phones using Skytel Global.
So I added this rule and wanted to see if I just completely opened up the firewall to attack? I set the source port to 1:65535 route to a destination port of 5060 for both TCP and UDP.
This is what it looks like:
Things started working when I added this but just wanted to make sure it wasn't a hole. I assume since there is no forwarder into a particular server then it would only be initiated from a phone talking out to the sip server and back in?
Finally the phones seem to be working but I read in another post that at the bottom of this rule I should check off rewrite source address. Is that necessary? They have 5 static ips but they are all using the first useable ip for now.
Thanks, Joey
This thread was automatically locked due to age.
