
+1<div><br><br><div class="gmail_quote">On 31 July 2013 08:50, Ken Rice <span dir="ltr">&lt;<a href="mailto:krice@freeswitch.org" target="_blank">krice@freeswitch.org</a>&gt;</span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">


<div>

<font face="Monaco, Courier New"><span style="font-size:11pt">Keep in mind that’s only on firewalls that are sip aware, many are not<div class="im"><br>

<br>

<br>

On 7/31/13 2:09 AM, &quot;Steven Ayre&quot; &lt;<a href="http://steveayre@gmail.com" target="_blank">steveayre@gmail.com</a>&gt; wrote:<br>

<br>

</div></span></font><blockquote><div class="im"><font face="Monaco, Courier New"><span style="font-size:11pt">On a stateful firewall you can also choose to only open the SIP ports. That&#39;ll depend on your SIP profile settings. 5060 at least, and perhaps 5080 too.<br>


<br>

The firewall could look at the SDP, mark the RTP ports as related traffic and automatically open them for you too.<br>

<br>

That can -only- work with normal SIP though - for obvious reasons if you&#39;re using TLS it won&#39;t be able to see the ports being used.<br>

<br>

-Steve<br>

<br>

<br>

<br>

<br>

On 25 July 2013 17:56, Lloyd Aloysius &lt;<a href="http://lloyd.aloysius@sunteltech.ca" target="_blank">lloyd.aloysius@sunteltech.ca</a>&gt; wrote:<br>

</span></font></div><blockquote><div class="im"><span style="font-size:11pt"><font face="Verdana, Helvetica, Arial">SIP TCP/UDP  5060 - 5090  <br>

RTP UDP      16384 - 32768<br>

<font color="#888888"><br>

Lloyd<br>

</font></font></span></div><font face="Verdana, Helvetica, Arial"><font color="#CC6600"><font><span style="font-size:10pt"><b>  &lt;<a href="http://www.sunteltech.ca/blog/" target="_blank">http://www.sunteltech.ca/blog/</a>&gt; <br>


</b></span></font></font></font><div><div class="h5"><font face="Monaco, Courier New"><span style="font-size:11pt"><br>

<br>

On Wed, Jul 24, 2013 at 8:38 PM, Jim Lynch &lt;<a href="http://jim@k4gvo.com" target="_blank">jim@k4gvo.com</a>&gt; wrote:<br>

</span></font><blockquote><font face="Monaco, Courier New"><span style="font-size:11pt">I&#39;m running a simple switch.  No phones are connected to the system from<br>

outside of my local network.  The only wan connections I have are a<br>

couple of voip providers.  None of my phones on the lan call outside of<br>

the lan.  All they talk to is the switch.<br>

<br>

I see a bunch of ports listed at<br>

<a href="http://wiki.freeswitch.org/wiki/Firewall" target="_blank">http://wiki.freeswitch.org/wiki/Firewall</a> but don&#39;t know if I need them<br>

all.  I suspect I don&#39;t.  I want to close up the firewall as much as I can.<br>

<br>

Thanks,<br>

Jim.<br>

<br>

_________________________________________________________________________<br>

Professional FreeSWITCH Consulting Services:<br>

<a href="http://consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>

<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>

<br>

FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>

<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>

<br>

Official FreeSWITCH Sites<br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>

<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>

<br>

FreeSWITCH-users mailing list<br>

<a href="http://FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>

<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>

UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

</span></font></blockquote><font face="Monaco, Courier New"><span style="font-size:11pt"><br>

<br>

_________________________________________________________________________<br>

Professional FreeSWITCH Consulting Services:<br>

<a href="http://consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>

<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>

<br>

FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>

<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>

<br>

Official FreeSWITCH Sites<br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>

<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>

<br>

FreeSWITCH-users mailing list<br>

<a href="http://FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>

<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>

UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

<br>

</span></font></div></div></blockquote><font face="Monaco, Courier New"><span style="font-size:11pt"><br>

<br>

<hr align="CENTER" size="3" width="95%"></span></font><div class="im"><font><font face="Consolas, Courier New, Courier"><span style="font-size:10pt">_________________________________________________________________________<br>


Professional FreeSWITCH Consulting Services:<br>

<a href="http://consulting@freeswitch.org" target="_blank">consulting@freeswitch.org</a><br>

<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>

<br>

FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>

<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>

<br>

Official FreeSWITCH Sites<br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>

<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>

<br>

FreeSWITCH-users mailing list<br>

<a href="http://FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>

<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>

UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

</span></font></font></div></blockquote><span class="HOEnZb"><font color="#888888"><font><font face="Consolas, Courier New, Courier"><span style="font-size:10pt"><br>

</span></font></font><font face="Monaco, Courier New"><span style="font-size:11pt">-- <br>

Ken<br>

<font color="#0000FF"><u><a href="http://www.FreeSWITCH.org" target="_blank">http://www.FreeSWITCH.org</a><br>

<a href="http://www.ClueCon.com" target="_blank">http://www.ClueCon.com</a><br>

<a href="http://www.OSTAG.org" target="_blank">http://www.OSTAG.org</a><br>

</u></font><a href="http://irc.freenode.net" target="_blank">irc.freenode.net</a> #freeswitch<br>

</span></font>

</font></span></div>


<br>_________________________________________________________________________<br>

Professional FreeSWITCH Consulting Services:<br>

<a href="mailto:consulting@freeswitch.org">consulting@freeswitch.org</a><br>

<a href="http://www.freeswitchsolutions.com" target="_blank">http://www.freeswitchsolutions.com</a><br>

<br>

FreeSWITCH-powered IP PBX: The CudaTel Communication Server<br>

<a href="http://www.cudatel.com" target="_blank">http://www.cudatel.com</a><br>

<br>

Official FreeSWITCH Sites<br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

<a href="http://wiki.freeswitch.org" target="_blank">http://wiki.freeswitch.org</a><br>

<a href="http://www.cluecon.com" target="_blank">http://www.cluecon.com</a><br>

<br>

FreeSWITCH-users mailing list<br>

<a href="mailto:FreeSWITCH-users@lists.freeswitch.org">FreeSWITCH-users@lists.freeswitch.org</a><br>

<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>

UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>

<a href="http://www.freeswitch.org" target="_blank">http://www.freeswitch.org</a><br>

<br></blockquote></div><br></div>