how about securing this phone ? - Printable Version +- Yealink Forums (http://forum.yealink.com/forum) +-- Forum: Dect Phone Series (/forumdisplay.php?fid=6) +--- Forum: W52P (Wireless) (/forumdisplay.php?fid=23) +--- Thread: how about securing this phone ? (/showthread.php?tid=943) |
how about securing this phone ? - frankc - 10-23-2013 04:00 AM how about add a feature ANY phone has, which is REQUIRE REGISTRATION TO RECEIVE CALLS, basically if phone gets a sip packet from an ip that it's not regg'ed to , DROP it.. RE: how about securing this phone ? - Yealink Support - 10-23-2013 11:10 AM Hi frankc, Do you mean add a feature to define the IP address to control your phone like other Yealink phones? Or when phone is controlled, it should pop up a prompt in LCD of phone? I submit your requestion to our product department and hope it can be added in next version. Thanks for your advice. RE: how about securing this phone ? - frankc - 10-24-2013 12:08 AM no popup... just anything to SECURE incoming SIP meaning REJECT non registrated ip's JIM has phone 1.2.3.4 to Server 4.3.2.1 BOB on 7.8.9.0 sends a SIP invite to 1.2.3.4 (REJECT) the phone has no idea who is 7.8.9.0 Server sends a call to 1.2.3.4 (ACCEPT) - > server is known to the phone because phone is regged to it. RE: how about securing this phone ? - Yealink Support - 11-02-2013 11:00 AM Hi frankc, You can set a proxy server that can limit some SIP messages. RE: how about securing this phone ? - phlobot - 11-05-2013 04:24 AM (11-02-2013 11:00 AM)Yealink Support Wrote: Hi frankc, If the phone is at a remote location and adding network hardware in not an option, is there a way to secure the phone superficially with a simple whitelist of ips or domains? RE: how about securing this phone ? - Yealink Support - 11-06-2013 11:16 AM Hi phlobot, We have a solution for your request which can allow sip messages only from the registration sip server or outbound proxy server. In the latest version, we just need to add a syntax using auto-provisioning cfg template. Please add below syntax to your cfg. --------------------------------------------------------------------------- #!version:1.0.0.1 #The x of the parameter "account.x.sip_trust_ctrl " ranges from 1 to max accounts. For example, x ranges from 1 to 5. account.x.sip_trust_ctrl=1 ------------------------------------------------------------------------------------------ When you want to enable this sip trust control for account 1, fill 1 to “account.1.sip_trust_ctrl”. Then SIP messages from other servers will refuse by the phone. Please kindly test and give a feed back to me. Thanks for your cooperation. @frankc Please also try above steps to protect your phone. RE: how about securing this phone ? - phlobot - 11-06-2013 10:37 PM (11-06-2013 11:16 AM)Yealink Support Wrote: Hi phlobot, Thank you for your response, I'll test it very soon. RE: how about securing this phone ? - phlobot - 02-07-2014 11:37 PM hey guys, I thought I'd update with the solution that worked for me... adding [ IPCall ] path = /config/Features/Phone.cfg IsAllowIPCall = 0 to my y0000000000x.cfg file seemed to do the trick. I should mention that these phones are using old firmware, and the documentation for this is immensely difficult to find anymore. |