Snom 4S NAT Filter Admin Manual page 34

For http and https, you need to know these port numbers when
you want to log in. We recommend not using the standard ports. Operat-
ing a server on the public internet usually leads to a lot of denial of service
attacks on the standard ports.
For sip, you must decide if you want to run the server on a stand-
ard port or a random port.
Standard Port
• User Agents that don't
support DNS SRV can
automatically find the server
• SIP-aware firewalls
automatically take care
about user agents behind
NAT
The decision depends on the situation. If you plan to use a good
SIP firewalls, you should choose the standard port. Otherwise we would
tend to recommend a random port. Non NAT-aware user agents usually
must be configured manually anyway; in this case you can also provide a
port number.
The port for secure sip (sips) is usually 5061. The decision what
port to use is similar to the decision for the SIP port. We recommend using
a random port and publish the port number using DNS SRV.
34 • Confi guration
[ 4 S N A T F
S N O M
•
•
•
]
I L T E R
Random Port
Buggy SIP-aware firewalls
don't introduce new
problems by modifying SIP
packets
Less dangerous for DoS
attacks
Several SIP services can be
run on the same host