Blocking Port 5060 from Internet Except for One Incoming IP Address
Posted on 20 January 2012 05:10 PM

Question:

I have the following Firewall rule set up for another of my clients to allow SIP 5060 from 125.213.160.81 (MyNetFone VoIP server) only. As it is inverted, 5060 to “Any” should be Blocked.

/Firewall/firewall_64.JPG

However the NAT Active sessions table still shows the hacker attacks. I would assume that the above rule is not working. Can you please tell me what I have done wrong?

/Firewall/firewall_65.JPG



Solution:

From the NAT Active Sessions table we get "95.211.109.136   5074   wan1".
This means that "TCP/UDP, Port from 5060 to any" cannot block 95.211.109.136 5074.
Under Firewall / Edit Filter Set / Edit Filter Rule / Filter Set 2 Rule 2 / Service Type, change it to TCP/UDP, Port from any to 5060 (your original rule is from 5060 to any).
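
The difference between the two port settings, as an added example that is not part of the original article or the router's own logic: a small model of a block rule with an inverted source address, evaluated against constructed sample packets. It assumes that 5074 in the session table is the remote source port, that the provider sends from port 5060, and that unmatched packets pass on to the next rule; the class, function and sample names are hypothetical.

```python
from dataclasses import dataclass

ANY = (1, 65535)          # "any" port, as an inclusive range
SIP = (5060, 5060)

@dataclass(frozen=True)
class Packet:
    src_ip: str
    src_port: int
    dst_port: int

@dataclass(frozen=True)
class BlockRule:
    src_ip: str           # address named in the rule
    invert_src: bool      # True: rule applies to every source EXCEPT src_ip
    src_ports: tuple      # "port from" range (source port)
    dst_ports: tuple      # "port to" range (destination port)

    def matches(self, pkt):
        ip_hit = (pkt.src_ip == self.src_ip) != self.invert_src
        return (ip_hit
                and self.src_ports[0] <= pkt.src_port <= self.src_ports[1]
                and self.dst_ports[0] <= pkt.dst_port <= self.dst_ports[1])

# Constructed sample traffic arriving on the WAN side.
SAMPLES = {
    # Session from the article: remote side uses source port 5074.
    "scanner": Packet("95.211.109.136", 5074, 5060),
    # VoIP server from the article; source port 5060 is an assumption.
    "provider": Packet("125.213.160.81", 5060, 5060),
    # Unrelated host (documentation address) that happens to send from 5060.
    "other_from_5060": Packet("203.0.113.9", 5060, 5060),
}

# Original rule: port from 5060 to any. Corrected rule: port from any to 5060.
ORIGINAL = BlockRule("125.213.160.81", True, SIP, ANY)
FIXED = BlockRule("125.213.160.81", True, ANY, SIP)

def evaluate(rule):
    """Return 'block' or 'pass' for each sample packet under this rule."""
    return {name: "block" if rule.matches(p) else "pass"
            for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for label, rule in (("original", ORIGINAL), ("fixed", FIXED)):
        print(label, evaluate(rule))
```

The original rule only catches senders whose own source port is 5060, so the session from source port 5074 is never matched; matching on destination port 5060 blocks it regardless of the source port.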
