Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

RTP permission and related attacks/threats

HI Guys,

I have to permit RTP traffic from internal network to other organizations (under different management) on gateway devices (routers, switches). I am curious to know if there are known attacks/threats when upd range 16384-32767 is permited. RTP source/destination can be desk phone or PC with softphone. If yes then can we configure gateway routers/switches to protect from these attacks.

We have cisco 7200, 6500, 3550, 3560, 3750 switches as gateway devices.

One more quick question are there only two ways (NBAR and ACL with udp range) on routers/switches to identify/match RTP traffic? I know Firewalls provide feature like inspect, AGL etc to dynamically identify RTP ports by inspecting control traffic.

Your input will be highly appreciated


  • Firewalling

RTP permission and related attacks/threats


On a router you do it with NBAR or ACL's (Of course the more scalable is the Protocol matching).

Now, regarding security there are a lot of information available on the internated related to hacking an RTP session.

You have some homework to do

My recommendation:

Read chapter 4 I think of the Hacking VoIP book

For more information about Core and Security Networking follow my website at

Any question contact me at


Julio Carvajal Segura

Looking for some Networking Assistance? Contact me directly at I will fix your problem ASAP. Cheers, Julio Carvajal Segura