Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Voice Networking using Static IP
- Thread starter DeepMike
- Start date
Get ready for a really big phone bill. An IPO direct to the internet will be a prime target for hacking. A VPN between sites will save them money in the long term.
Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'
Dermis and feline can be divorced by manifold methods.*
*(Disclaimer for all advise given)--'Version Dependent'
You can do it with avoiding any hacking by locking down the PBX to respond only to the IP addresses you permit.
Here is how to do it:
Under IP ROUTE - where you program the gateway, you have 3 fields.
The first field IP ADDRESS - is normally 0.0.0.0 - you should lock it down to the ip address at the remote site i.e. 58.54.65.5
The second field is IP MASK - you can put either 255.255.255.252 or better yet 255.255.255.255
The last field is your local public IP address of the GATEWAY IP ADDRESS of the location where the phone system is.
Here is how to do it:
Under IP ROUTE - where you program the gateway, you have 3 fields.
The first field IP ADDRESS - is normally 0.0.0.0 - you should lock it down to the ip address at the remote site i.e. 58.54.65.5
The second field is IP MASK - you can put either 255.255.255.252 or better yet 255.255.255.255
The last field is your local public IP address of the GATEWAY IP ADDRESS of the location where the phone system is.
@ctvi
This can only work, if the default route 0.0.0.0 isn’t needed for anything else.
IP Office remote service
IP Office certificate check
CLI based call blocking
SCN fallback over PSTN
This can only work, if the default route 0.0.0.0 isn’t needed for anything else.
IP Office remote service
IP Office certificate check
CLI based call blocking
SCN fallback over PSTN
Note that the programming above with cause the phone system to not respond to any packets sent. A real sophisticated hacker of a extremely high level (I am not sure that exists) will be able to send packets to the phone system with no need for response. I doubt the hacker can do anything anyway since in addition to sending these packets without a reply, the hacker will need the username and password.
A WORD OF ADDED CAUTION: Make sure to log into security and change all the default username and passwords and disable the users you don't need.
A WORD OF ADDED CAUTION: Make sure to log into security and change all the default username and passwords and disable the users you don't need.
All you need to know about IP Office security
Butbyrd. I stand by my suggestion. You can basically lock down the IP Office that it only responds to IPs that you permit without a firewall or anything since it will not respond. Of course, you need to remove the 0.0.0.0 and only have IP addresses you permit.
- Status
Similar threads
