Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Port 5060 block on MBG other than the service provider 1
- Thread starter tech1302
- Start date
are you saying that you want to drop all traffic other than service providers or just 5060 ?
you can use a white list to only allow external connections from their Ip on later versions of MBG
If I never did anything I'd never done before , I'd never do anything.....
you can use a white list to only allow external connections from their Ip on later versions of MBG
If I never did anything I'd never done before , I'd never do anything.....
- Thread starter
- #3
yep
are they mobile or can you allow their location in teh white list
ive started doing black white deny as default mbg with pub ip setting and importing country based cidr lists to limit dodgy sip sniffers from bad countries
If I never did anything I'd never done before , I'd never do anything.....
are they mobile or can you allow their location in teh white list
ive started doing black white deny as default mbg with pub ip setting and importing country based cidr lists to limit dodgy sip sniffers from bad countries
If I never did anything I'd never done before , I'd never do anything.....
- Thread starter
- #5
on MBg under system config IP blocking
from memory the MBg has to be at least version 10
if you have a text file containing the following
202.100.100.0/24
### Mitel Deployment and AMC
85.214.114.203/32
216.191.234.91/32
and set it to the white list entry
then set the rule to black /White/Deny
then all other connections would be dropped unless they came from a public ip within the allowed subnets and or addresses
NOTE: I normally allow mitel amc and deployment addresses to make sure that SYNC and Micollab deployment isnt affected
If I never did anything I'd never done before , I'd never do anything.....
from memory the MBg has to be at least version 10
if you have a text file containing the following
202.100.100.0/24
### Mitel Deployment and AMC
85.214.114.203/32
216.191.234.91/32
and set it to the white list entry
then set the rule to black /White/Deny
then all other connections would be dropped unless they came from a public ip within the allowed subnets and or addresses
NOTE: I normally allow mitel amc and deployment addresses to make sure that SYNC and Micollab deployment isnt affected
If I never did anything I'd never done before , I'd never do anything.....
- Thread starter
- #7
-
1
- #8
thats an example of a network that would be allowed to connect to the public address of the MBG
- basically add all the addresses that you want to be able to connect to the white list
you can download cidr country lists from the internet but they are not 100% accurate so you might have to adjust of you want to block by country
If I never did anything I'd never done before , I'd never do anything.....
- basically add all the addresses that you want to be able to connect to the white list
you can download cidr country lists from the internet but they are not 100% accurate so you might have to adjust of you want to block by country
If I never did anything I'd never done before , I'd never do anything.....
- Thread starter
- #9
![[thumbsup2]](/data/assets/smilies/thumbsup2.gif "[thumbsup2] [thumbsup2]")
- Status
Similar threads
