Yealink Forums

Yealink Forums > Dect Phone Series > W52P (Wireless) > how about securing this phone ?
Full Version: how about securing this phone ?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.

frankc

10-23-2013, 04:00 AM
how about add a feature ANY phone has, which is
REQUIRE REGISTRATION TO RECEIVE CALLS, basically

if phone gets a sip packet from an ip that it's not regg'ed to , DROP it..

Yealink Support

10-23-2013, 11:10 AM
Hi frankc,

Do you mean add a feature to define the IP address to control your phone like other Yealink phones?
Or when phone is controlled, it should pop up a prompt in LCD of phone?
I submit your requestion to our product department and hope it can be added in next version.
Thanks for your advice.

frankc

10-24-2013, 12:08 AM
no popup...

just anything to SECURE incoming SIP

meaning REJECT non registrated ip's

JIM has phone 1.2.3.4 to Server 4.3.2.1

BOB on 7.8.9.0 sends a SIP invite to 1.2.3.4 (REJECT) the phone has no idea who is 7.8.9.0

Server sends a call to 1.2.3.4 (ACCEPT) - > server is known to the phone because phone is regged to it.

Yealink Support

11-02-2013, 11:00 AM
Hi frankc,

You can set a proxy server that can limit some SIP messages.

phlobot

11-05-2013, 04:24 AM
(11-02-2013 11:00 AM)Yealink Support Wrote: [ -> ]Hi frankc,

You can set a proxy server that can limit some SIP messages.

If the phone is at a remote location and adding network hardware in not an option, is there a way to secure the phone superficially with a simple whitelist of ips or domains?

Yealink Support

11-06-2013, 11:16 AM
Hi phlobot,

We have a solution for your request which can allow sip messages only from the registration sip server or outbound proxy server.
In the latest version, we just need to add a syntax using auto-provisioning cfg template.
Please add below syntax to your cfg.
---------------------------------------------------------------------------
#!version:1.0.0.1

#The x of the parameter "account.x.sip_trust_ctrl " ranges from 1 to max accounts. For example, x ranges from 1 to 5.

account.x.sip_trust_ctrl=1
------------------------------------------------------------------------------------------

When you want to enable this sip trust control for account 1, fill 1 to “account.1.sip_trust_ctrl”.
Then SIP messages from other servers will refuse by the phone.

Please kindly test and give a feed back to me.
Thanks for your cooperation.

@frankc
Please also try above steps to protect your phone. Smile

phlobot

11-06-2013, 10:37 PM
(11-06-2013 11:16 AM)Yealink Support Wrote: [ -> ]Hi phlobot,

We have a solution for your request ...


Please kindly test and give a feed back to me.
Thanks for your cooperation.


Thank you for your response, I'll test it very soon.

phlobot

02-07-2014, 11:37 PM
hey guys, I thought I'd update with the solution that worked for me...

adding

[ IPCall ]
path = /config/Features/Phone.cfg
IsAllowIPCall = 0

to my y0000000000x.cfg file seemed to do the trick. I should mention that these phones are using old firmware, and the documentation for this is immensely difficult to find anymore.
Yealink Forums > Dect Phone Series > W52P (Wireless) > how about securing this phone ?
Reference URL's