Security Guidelines For Gxv3370 Deployment - Grandstream Networks GXV3370 Security Manual

Ip multimedia phone for android

Hide thumbs Also See for GXV3370:

User manual (123 pages)

Administration manual (92 pages)

Quick installation manual (34 pages)

Table Of Contents

Table of Contents

SECURITY GUIDELINES FOR GXV3370 DEPLOYMENT

Often times the GXV3370s are deployed behind NAT. The network administrator can consider following

security guidelines for the GXV3370 to work properly and securely.

•

Turn off SIP ALG on the router

On the customer's router, it's recommended to turn off SIP ALG (Application Layer Gateway). SIP ALG

is common in many routers intending to prevent some problems caused by router firewalls by inspecting

VoIP packets and modifying it if necessary. Even though SIP ALG intends to prevent issues for VoIP

devices, it can be implemented imperfectly causing problems, especially in some cases SIP ALG

modifies SIP packets improperly which might cause VoIP devices fail to register or establish calls.

•

Use TLS and SRTP for SIP calls

On the GXV3370, it's recommended to use TLS for SIP transport with "sips" in SIP URL scheme for

SIP signaling encryption, and use SRTP for media encryption. Below table lists all the SIP ports and

RTPs port used on the GXV3370 if the network administrator needs to create firewall rules.

SIP

Default Local SIP

Account x

Port

Account 1

5060 for UDP/TCP

5061 for TLS

Account 2

5062 for UDP/TCP

5063 for TLS

Account 3

5064 for UDP/TCP

5065 for TLS

Account 4

5066 for UDP/TCP

5067 for TLS

Account 5

5068 for UDP/TCP

5069 for TLS

Account 6

5070 for UDP/TCP

5071 for TLS

Account 7

5072 for UDP/TCP

5073 for TLS

Audio RTP/RTCP

Video RTP/RTCP

Port

RTP: 50040

RTP: 50042

RTCP: 50041

RTCP: 50043

RTP: 50050

RTP: 50052

RTCP: 50051

RTCP: 50053

RTP: 50060

RTP: 50062

RTCP: 50061

RTCP: 50063

RTP: 50070

RTP: 50072

RTCP: 50071

RTCP: 50073

RTP: 50080

RTP: 50082

RTCP: 50081

RTCP: 50083

RTP: 50090

RTP: 50092

RTCP: 50091

RTCP: 50093

RTP: 50100

RTP: 50102

RTCP: 50101

RTCP: 50103

GXV3370 Security Guide

FEC RTP/RTCP

BFCP Protocol Port

Port

BFCP RTP/RTCP Port

RTP: 50044

BFCP Protocol: 50046

RTCP: 50045

RTP: 50048

RTCP: 50049

RTP: 50054

BFCP Protocol: 50056

RTCP: 50055

RTP: 50058

RTCP: 50059

RTP: 50064

BFCP Protocol: 50066

RTCP: 50065

RTP: 50068

RTCP: 50069

RTP: 50074

BFCP Protocol: 50076

RTCP: 50075

RTP: 50078

RTCP: 50079

RTP: 50084

BFCP Protocol: 50086

RTCP: 50085

RTP: 50088

RTCP: 50089

RTP: 50094

BFCP Protocol: 50096

RTCP: 50095

RTP: 50098

RTCP: 50099

RTP: 50104

BFCP Protocol: 50106

RTCP: 50105

RTP: 50108

RTCP: 50109

P a g e

Table of Contents

Security Guidelines For Gxv3370 Deployment - Grandstream Networks GXV3370 Security Manual

SECURITY GUIDELINES FOR GXV3370 DEPLOYMENT

Related Manuals for Grandstream Networks GXV3370

Related Content for Grandstream Networks GXV3370

Table of Contents