Security; Configuring Firewall Settings - AudioCodes Mediant 1000B User Manual
Analog & digital voip media gateway enterprise session border controller gateway & e-sbc
Hide thumbs
Also See for Mediant 1000B:
- User manual (1281 pages) ,
- Hardware installation manual (92 pages) ,
- Configuration note (52 pages)
Table of Contents
Advertisement
User's Manual
13
Security
This section describes the VoIP security-related configuration.
13.1
Configuring Firewall Settings
The Firewall Settings table lets you configure the device's Firewall, which defines network
traffic filtering rules (access list). You can add up to 50 firewall rules. The access list offers
the following firewall possibilities:
Block traffic from known malicious sources
Allow traffic only from known "friendly" sources, and block all other traffic
Mix allowed and blocked network sources
Limit traffic to a user-defined rate (blocking the excess)
Limit traffic to specific protocols, and specific port ranges on the device
For each packet received on the network interface, the table is scanned from top to bottom
until the first matching rule is found. This rule can either permit (allow) or deny (block) the
packet. Once a rule in the table is located, subsequent rules further down the table are
ignored. If the end of the table is reached without a match, the packet is accepted.
Notes:
•
This firewall applies to a very low-level network layer and overrides all your other
security-related configuration. Thus, if you have configured higher-level security
features (e.g., on the Application level), you must also configure firewall rules to
permit this necessary traffic. For example, if you have configured IP addresses to
access the Web and Telnet interfaces in the Web Access List (see ''Configuring
Web and Telnet Access List'' on page 64), you must configure a firewall rule that
permits traffic from these IP addresses.
•
Only Security Administrator users or Master users can configure firewall rules.
•
Setting the 'Prefix Length' field to 0 means that the rule applies to all packets,
regardless of the defined IP address in the 'Source IP' field. Thus, it is highly
recommended to set this parameter to a value other than 0.
•
It is recommended to add a rule at the end of your table that blocks all traffic and
to add firewall rules above it that allow required traffic (with bandwidth limitations).
To block all traffic, use the following firewall rule:
√
√
√
√
√
The following procedure describes how to configure Firewall rules in the Web interface.
You can also configure this using the table ini file parameter, AccessList or the CLI
command, configure voip/access-list.
Version 6.8
Source IP: 0.0.0.0
Prefix Length: 0 (i.e., rule matches all IP addresses)
Start Port - End Port: 0-65535
Protocol: Any
Action Upon Match: Block
143
Mediant 1000B Gateway & SBC
13. Security
Advertisement
Chapters
Table of Contents
