P a g e | 8
SECURITY FOR SIP ACCOUNTS AND CALLS
Protocols and Ports
By default, after a factory reset, all the accounts are active. Knowing the default local SIP port (Account1:
5060; Account2 : 5062 … ) users can make direct IP call even if the accounts are not registered to any PBX.
Therefore, it is recommended to disable the unused ports. Under Web GUI → Accounts → Account X →
General Settings → Account Active: “No”
➢ Users can also disable Direct IP calls on all ports under Settings
→ Call Features: Set “Disable
Direct IP Call:” to “Yes”
• SIP transport protocol:
The GRP supports SIP transport protocol “UDP” “TCP” and “TLS”. By default, it’s set to “UDP”. It’s
recommended to use “TLS” so the SIP signaling is encrypted. SIP transport protocol can be configured
per Account under web UI → Accounts
→ Account X → SIP Settings → Basic Settings. When “TLS”
is used, we recommend using “sips” instead of “sip” for SIP URI scheme to ensure the entire SIP
transaction is secured instead of “best-effort”.
Figure 6 : Configure TLS as SIP Transport
SIP TLS certificate, private key and password can be configured under Maintenance → Security Settings
→ Security page:
Figure 7 : SIP TLS Settings
To Next Page
Loading...
Need help?
General
