Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Customizing VCS Starter Pack against SIP scanners

Unanswered Question
Oct 29th, 2013
User Badges:

Hello Everyone!

I need consultation about configuration VCS Starter Pack that will help against SIP scanners..

Looks what we have:  VCS with public IP, 4 SX20 also with Publick IP in different cities(If it needed we could hide them behind NAT) and some codecs that already registered on VCS but new configuration should not touch it( is it possible makes apply different configuration between different endpoints?)

These 4 codecs constantly are under attacks of SIP scanners. So we should registrate them to VCS ( could we do it properly if we hide them behind NAT?).

Please help me with configuration of VCS Starter Pack that reduce this threat.

Thanks for advance

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Martin Koch Wed, 10/30/2013 - 07:42
User Badges:
  • Red, 2250 points or more

They will work fine behind NAT and the ringing shall stop, that might be the easiest.

If you do not need access for management purposes or have the need to dial the system

ips directly this might be the easiest way.

You can also use a firewall an block first of all sip udp and then possibly

sip-tcp and tls and have that only open from/to the vcs.

The other option could be to disable the sip listening port on the endpoint and use sip outbound.

Not 100% sure if this works fine with a single vcs-e-sp, but I would picture so.

Its more an endpoint thing you are facing rather then something you can fix on the VCS / core.

On the VCS I would check that SIP-UDP is disabled, most scans by today are udp and it might

flood your call logs.

Please remember to rate helpful responses and identify helpful or correct answers.


This Discussion

Related Content