Adtran
Help
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable
‎12-28-2020 08:54 AM

Fireall not blocking hacking attamps

this is wha ti have in my config 

ip access-list extended SIP
remark SIP Service Provider
permit udp host 107.191.xxx.xxx any eq 5060
permit udp host 144.202.xxx.xxx any eq 5060

!
ip access-list extended T
!
!
!
!
ip policy-class Public
allow list Admin self
allow list SIP self

 

however i am getting attacks all day long from all sorts of ip address on port 5060 

i am not sure what i am missing 

0 Kudos
Reply
4 Replies
jayh
New Contributor III
‎12-29-2020 12:14 PM

Re: Fireall not blocking hacking attamps

Add the line in global config:

 

sip access-class ip "SIP" in

0 Kudos
Accept as Solution Reply
Anonymous
Not applicable
‎12-31-2020 09:36 AM

Re: Fireall not blocking hacking attamps

i am getting this error 

 


Access-list must be a standard ACL.

0 Kudos
Accept as Solution Reply
jayh
New Contributor III
‎12-31-2020 05:36 PM

Re: Fireall not blocking hacking attamps

Try this:

 

no ip access-list extended SIP

ip access-list standard SIP
remark SIP Service Provider
permit 107.191.xxx.xxx <wildcard mask>
permit 144.202.xxx.xxx <wildcard mask>

Accept as Solution Reply
Emily
New Contributor
‎05-22-2023 12:22 AM

Re: Fireall not blocking hacking attamps

@jayh wrote:

Try this:

no ip access-list extended SIP

ip access-list standard SIP
remark Idiom Service Provider
permit 107.191.xxx.xxx <wildcard mask>
permit 144.202.xxx.xxx <wildcard mask>

I am very thankful to you for your suggestion. it worked well for me.

0 Kudos
Accept as Solution Reply
li.common.scroll-to.top