You're right, most phones have both options also. However I'm not sure how the "same server" is applied for a phone behind NAT. Would the phone actually know where the call came from? I've never tried it.
Alex, it does work fine with Asterisk, at least on a small scale test. But the fear of changing something so drastic on thousands of phones lead me to asking about it here. On Wed, Aug 8, 2018 at 10:48 AM David Knell <david.kn...@telng.com> wrote: > Been there, had that :-) Auth works; you might also find an option to > only accept calls from the server to which the phone's registered. > > --Dave > > On Wed, Aug 8, 2018 at 8:43 PM, Carlos Alvarez <caalva...@gmail.com> > wrote: > >> Do most of you have the phones authenticate incoming calls? We haven't >> been, but occasionally find a router that has unfiltered full cone NAT >> (Cisco) or that puts one phone on 5060 with no filtering by IP. The result >> is that the phone will start ringing at random as script kiddies hit the IP >> and port 5060 trying to find servers to exploit. I don't see a downside to >> changing to auth, but not having done it outside of a few tests of a small >> number of phones, I figured I would ask. >> >> >> _______________________________________________ >> VoiceOps mailing list >> VoiceOps@voiceops.org >> https://puck.nether.net/mailman/listinfo/voiceops >> >> > > > -- > > David Knell, Director, TelNG > T: +44 1223 797979 / +1 970-315-4721 > W: http://www.telng.com > H: http://www.daveknell.com > >
_______________________________________________ VoiceOps mailing list VoiceOps@voiceops.org https://puck.nether.net/mailman/listinfo/voiceops