Core Issue
The router, by default, responds to H.323 and SIP services on TCP ports 1720 and 5060.
Cisco gateways with SIP functionality listen to port 5060 by default.
Ports 1720, 5060 and other ports are open because all User Datagram Protocol (UDP) and TCP ports are open by default. You can disable the router listening on port 5060 by issuing this command:
The reason the router listens on port 1720 is likely that you are using an IP PLUS feature set Cisco IOS image.
Resolution
You can disable the router listening on port 5060 by issuing this command:
router(config)#sip-ua
router(config-sip-ua)#no transport tcp
router(config-sip-ua)#no transport udp
Cisco gateways running IOS versions that support SIP protocol listen to TCP or UDP port 5060 by default, even when the gateway is not explicitly configured for SIP.
For port 1720, you must configure an Access Control List (ACL), as shown:
Router(config)#access-list 107 deny tcp any any eq 1720
Router(config)#interface e0
Router(config-if)#ip access-group 107 in
The reason the router listens on port 1720 is likely that you are using an IP PLUS feature set Cisco IOS image.
IP PLUS supports VoIP. It always has a default VoIP dial-peer (dial-peer 0). This listens on port 1720 for H.323 signaling. This behavior cannot be changed since the H.323 stack always runs with this feature set. If you do not want to use an ACL to control this behavior, you can use a feature set that does not support VoIP, such as an IP feature set.
To disable SIP, you need to upgrade to 12.3(8)T or later.
You can upgrade to to12.3(8)T or beyond by visiting: Software Downloads