Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Customizing VCS Starter Pack against SIP scanners

Hello Everyone!

I need consultation about configuration VCS Starter Pack that will help against SIP scanners..

Looks what we have:  VCS with public IP, 4 SX20 also with Publick IP in different cities(If it needed we could hide them behind NAT) and some codecs that already registered on VCS but new configuration should not touch it( is it possible makes apply different configuration between different endpoints?)

These 4 codecs constantly are under attacks of SIP scanners. So we should registrate them to VCS ( could we do it properly if we hide them behind NAT?).

Please help me with configuration of VCS Starter Pack that reduce this threat.

Thanks for advance

Everyone's tags (3)

Customizing VCS Starter Pack against SIP scanners

They will work fine behind NAT and the ringing shall stop, that might be the easiest.

If you do not need access for management purposes or have the need to dial the system

ips directly this might be the easiest way.

You can also use a firewall an block first of all sip udp and then possibly

sip-tcp and tls and have that only open from/to the vcs.

The other option could be to disable the sip listening port on the endpoint and use sip outbound.

Not 100% sure if this works fine with a single vcs-e-sp, but I would picture so.

Its more an endpoint thing you are facing rather then something you can fix on the VCS / core.

On the VCS I would check that SIP-UDP is disabled, most scans by today are udp and it might

flood your call logs.

Please remember to rate helpful responses and identify helpful or correct answers.

Please remember to rate helpful responses and identify

CreatePlease to create content