Unknown peer inbound on SP1 in middle of night w/o a trace

Unknown peer inbound on SP1 in middle of night w/o a trace - help!

<< < (2/2)

Hortoristic:
I'm confusing myself now - I thought the SIP scanner problem was only for non-GV folks, as GV isn't working via SIP?

However; since I forward all my GV calls to the free NY CallCentric number, to get free caller name lookup, and CallCentric is SIP - I think I just need to put the Callcentric IP in the x_accessList paramter?

And lastly; since I use a free DID number in UK, so my wife's family can call for free; I need also to put that appropriate IP in that SP4 x_accessList parameter.

Is that all I really need to do to get rid of the port scanners? No pattern matching, no port changes - just add the right IP to the x_accessList parameter for each SIP account (not GV, as it's not SIP), RIGHT?

Quote from: QBZappy on March 20, 2013, 05:07:49 pm

Hortoristic,

Google voice ip range:
74.125.0.0 - 74.125.255.255
http://www.whois.net/ip-address-lookup/74.125.131.125

From my location in Montreal I specifically obtain this ip (as per my router firewall): 74.125.131.125
Also ping this address in the DOS prompt and see what it returns to you: voice.Google.com

QBZappy:
Quote from: Hortoristic on March 20, 2013, 07:51:03 pm

However; since I forward all my GV calls to the free NY CallCentric number, to get free caller name lookup, and CallCentric is SIP - I think I just need to put the Callcentric IP in the x_accessList paramter?

Good luck with that. When you look up the CC server ip list you will see that you could not possibly include them all in the OBi 'x_accessList paramter'.

Quote from: Hortoristic on March 20, 2013, 07:51:03 pm

Is that all I really need to do to get rid of the port scanners? No pattern matching, no port changes - just add the right IP to the x_accessList parameter for each SIP account (not GV, as it's not SIP), RIGHT?

Yes that should work. However this technique is futile when you have too many ips to list. It becomes impractical or not possible.

It occurs to me that you may not have realized that it is not the callers ip that needs to be put on the list. It is the server which the OBi is registered to.

If you have a limited set of callers, you can use a strategy as suggested by forum member oleg, to set them in an inbound call route directly. Send every other unauthorized call on that trunk to the call bin. This can work in specific use cases.

Navigation

[0] Message Index

[*] Previous page