Yealink Forums

Yealink Forums > IP Phone Series > Configuration > how to reject INVITE from unknown sources
Full Version: how to reject INVITE from unknown sources
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

sergeysi

10-07-2013, 08:44 PM
Is there a way to configure an IP-phone to reject INVITE messages from unknown sources and/or accept them only from servers at which a telephone is registered?

Here is an example of problem. We have a couple of phones with "white" external IP addresses. Script-kiddies find open 5060 UDP port and send INVITE messages, telephone rings. This is very annoying. We currently don't have possibility to put router/firewall before IP-phones. Is there a way to block INVITE messages which do not come from SIP-proxy?

I think it works on all phones but I tried to simulate it on T20P and T22P.

phlobot

11-05-2013, 10:36 PM
I would be very interested in seeing a quick and dirty way of doing this, although it would be easy to lose control of the phone if you lose the IP. A domain based list would also be good.

Yealink Support

11-11-2013, 05:22 PM
Hi all,
Do you mean you just want the phone to accept the message only from PBX?
If you are using our latest T2X V71 firmware or V70 firmware, please use below auto provisioning parameter to enable this feature.
--------------------------
#!version:1.0.0.1
account.1.sip_trust_ctrl = 1
--------------------------
#account.1 means that it takes effect in account 1.
If you are using V61 or V60 firmware, please use this parameter:
--------------------------
[ account ]
path = /config/voip/sipAccount0.cfg
SIPTrustCtrl = 1
--------------------------

gustavoy

11-17-2013, 11:02 PM
How can you set this parameter on the web interface? Thanks

Yealink Support

11-20-2013, 04:56 PM
Hi gustavoy,

Sorry. There is not a option in the web page.

tnorris3cxUser

08-28-2014, 04:36 AM
(11-11-2013 05:22 PM)Yealink Support Wrote: [ -> ]Hi all,
Do you mean you just want the phone to accept the message only from PBX?
If you are using our latest T2X V71 firmware or V70 firmware, please use below auto provisioning parameter to enable this feature.
--------------------------
#!version:1.0.0.1
account.1.sip_trust_ctrl = 1
--------------------------
#account.1 means that it takes effect in account 1.
If you are using V61 or V60 firmware, please use this parameter:
--------------------------
[ account ]
path = /config/voip/sipAccount0.cfg
SIPTrustCtrl = 1
--------------------------

Hi, I've been having problems with phantom calls too. I got with our vendor and he suggested this setting and a couple others. This does not work. I'm using this firmware 28.71.0.176 and I can still make my phone ring from sources other than our PBX.

Vendor is also suggesting a different brand phone that does have working trust settings, but I'd really prefer to have the Yealink T46 working.

phlobot

08-28-2014, 05:06 AM
(08-28-2014 04:36 AM)tnorris3cxUser Wrote: [ -> ]Hi, I've been having problems with phantom calls too. I got with our vendor and he suggested this setting and a couple others. This does not work. I'm using this firmware 28.71.0.176 and I can still make my phone ring from sources other than our PBX.

Vendor is also suggesting a different brand phone that does have working trust settings, but I'd really prefer to have the Yealink T46 working.



My internal testing shows this works on v70, maybe it still works on V71+

It stops generic SIP scanners pretty effectively.

[ IPCall ]
path = /config/Features/Phone.cfg
IsAllowIPCall = 0
Yealink Forums > IP Phone Series > Configuration > how to reject INVITE from unknown sources
Reference URL's