start off with best practice

opnineopnine · ‎01-13-2015

Hi all,

We have one customer with a voice gateway 2800 series that is connected directly to the wan, I would like to know for the security configuration what will be the recommendations for this type of scenario.

Thanks all.

Brandon Pierce · ‎01-13-2015

That's a pretty broad statement. If you are using the gateway as a CUBE you can use ip trusted authenticate conditions which will reject anything not on the ip trusted list.

opnineopnine · ‎01-14-2015

Hi all,

I did an Nmap to the device and this is the output

Host is up (0.035s latency).
Not shown: 987 closed ports
PORT STATE SERVICE
22/tcp open ssh
23/tcp open telnet
37/tcp filtered time
80/tcp open http
443/tcp open https
1720/tcp open H.323/Q.931
2000/tcp open cisco-sccp
2002/tcp open globe
4002/tcp open mlchat-proxy
5060/tcp open sip
5061/tcp open sip-tls
6002/tcp open X11:2
9002/tcp open dynamid

Dennis Mink · ‎01-13-2015

start off with best practice configuration.

-no ip http server

-encrypt passwords.

-only ssh access

-vty time outs.

-access lists on vty and SNMP (at least write string)

start off with that

Please remember to rate useful posts, by clicking on the stars below.

Voice Gateway Security