Firewall Config: Outbound UDP port 10053 -> to 11110
giqcass:
I would disable all ObiTalk and auto updates/auto provisioning temporarily. It looks like they use Google to host their email accounts but I suspect all other ObiTalk services might be ran on amazon aws.
obitalk.com = 54.241.157.146
forum.obitalk.com = 54.241.157.146
fw.obitalk.com = 54.241.157.146
54.241.157.146 = ec2-54-241-157-146.us-west-1.compute.amazonaws.com
54.241.160.4 = ec2-54-241-160-4.us-west-1.compute.amazonaws.com
sdb-:
Quote from: Busthead on November 30, 2013, 11:43:02 pm
Sorry, I should have included additional information:
This traffic occurs when neither my land-line nor VoIP services are in use. i.e. when the OBi110 is suppose to be idle, it's communicating out to the aforementioned ip addr at port 11110.
Also, these packets occur every 1 - 33 seconds so it's fairly chatty and definitely clogging up my firewall logs.
The OBi is never idle. There may not be a call in process at any given time, but SIP provider registration, message waiting checks, firmware or provisioning updates, and the check in for OBiTalk mean there is almost constant activity. Of course, it also depends on if you are using google talk or not, and SIP or not, and etc.
Depending on what you are doing, and the providers you are using, the FAQ entry is either not necessary or not sufficient or both. For example, tcp 5222 and 5223 are only needed for google talk, but it never needs both of them.
I find the OBi works best with firewall config having:
NO incoming ports openallow ALL outgoingconnection tracking to allow responses to OBi initiated comms
If you really want to lock it down, wireshark is your best friend.
You should also point the OBi at your syslog server so you can see its major activity.
Navigation
[0] Message Index
[*] Previous page