«

my network is being bogged down by "junk"

number one on the hitlist : VOIP phones - anyone got any idea how to block
them?

2nd problem is streaming radio, people just chewing up bandwidth the whole
day! how to kill those?

any ideas?

"Jason" <> wrote in message
news:z6qdnZje7dFl71neRVn-...
> my network is being bogged down by "junk"
>
> number one on the hitlist : VOIP phones - anyone got any idea how to block
> them?
>
> 2nd problem is streaming radio, people just chewing up bandwidth the whole
> day! how to kill those?
>
> any ideas?
>
>
>

Access lists to permit what you consider non-junk perhaps ?

We have the same problem with voip boxes...

I'll assume that when you plug in an adapter running H.323, it establishes a
nailed up connection to a server, which is why they seem to work behind
firewalls. As an outbound connection, you dont need to map ports. (I've
seen 5 Linksys/Vonage boxes sitting on a Linksys BEFSX41 with a static on
the WAN side, all work fine for both in and outbound).

So... how would you go about blocking H.323 traffic? If not possible, how
about blocking the fqnd or ips of the servers that the major players -
Vonage, Packet8, etc - use? (Someone must have a list of the servers). And
with SIP (5060) and IAX (4569), can't the ports they use be blocked cutting
off the signalling path?

Ideas? Help?

Thanks in advance
Dave






"John Agosta" <j_agosta@remove_wideopenwest.kom> wrote in message
news:R5mdnRL9MLNFH1nenZ2dnUVZ_s2dnZ2d@wideopenwest .com...
>
> "Jason" <> wrote in message
> news:z6qdnZje7dFl71neRVn-...
>> my network is being bogged down by "junk"
>>
>> number one on the hitlist : VOIP phones - anyone got any idea how to
>> block them?
>>
>> 2nd problem is streaming radio, people just chewing up bandwidth the
>> whole day! how to kill those?
>>
>> any ideas?
>>
>>
>>
>
> Access lists to permit what you consider non-junk perhaps ?
>
>
>

yes lets fogure out how to block this: I have the following info, I am going
to try and block all these ports mentioned below this weekend, and I'll see
what happens

Anyone else feel free to comment







a.. IAX is not the result of a standards group, rather a collaborative,
community based effort
a.. IAX uses a single UDP port 4569, and thus works well in NAT environments
(the obsolete IAX1 protocol used port 5036). IAX uses ONLY one udp port for
both control and data traffic. As outlined in point 4 of the IAX versus SIP
topic with IAX you will always have audio if the control connection can be
established.

a.. SIP is a text-based protocol that uses UTF-8 encoding
a.. SIP uses port 5060 both for UDP and TCP. SIP may use other transports


1718 H.323 RAS (Multicast Discovery)
1719 H.323 RAS (Unicast)
1720 H.323 Call Signaling (TCP)
2099 H.501 Border Element Signaling (H.225.0 Annex G)
2427 MGCP
2517 H.323 Call Signalling (UDP, H.323 Annex E)
2944 H.248
5060 SIP


"Henry Cabot Henhouse III" <> wrote in message
news:2-WdnadhXegAElneRVn-...
> We have the same problem with voip boxes...
>
> I'll assume that when you plug in an adapter running H.323, it establishes
> a
> nailed up connection to a server, which is why they seem to work behind
> firewalls. As an outbound connection, you dont need to map ports. (I've
> seen 5 Linksys/Vonage boxes sitting on a Linksys BEFSX41 with a static on
> the WAN side, all work fine for both in and outbound).
>
> So... how would you go about blocking H.323 traffic? If not possible, how
> about blocking the fqnd or ips of the servers that the major players -
> Vonage, Packet8, etc - use? (Someone must have a list of the servers). And
> with SIP (5060) and IAX (4569), can't the ports they use be blocked
> cutting
> off the signalling path?
>
> Ideas? Help?
>
> Thanks in advance
> Dave
>
>
>
>
>
>
> "John Agosta" <j_agosta@remove_wideopenwest.kom> wrote in message
> news:R5mdnRL9MLNFH1nenZ2dnUVZ_s2dnZ2d@wideopenwest .com...
>>
>> "Jason" <> wrote in message
>> news:z6qdnZje7dFl71neRVn-...
>>> my network is being bogged down by "junk"
>>>
>>> number one on the hitlist : VOIP phones - anyone got any idea how to
>>> block them?
>>>
>>> 2nd problem is streaming radio, people just chewing up bandwidth the
>>> whole day! how to kill those?
>>>
>>> any ideas?
>>>
>>>
>>>
>>
>> Access lists to permit what you consider non-junk perhaps ?
>>
>>
>>
>
>




--------------------------------------------------------------------------------

"Jason" <> wrote in message
news:z6qdnZje7dFl71neRVn-...
> my network is being bogged down by "junk"
>
> number one on the hitlist : VOIP phones - anyone got any idea how to block
> them?
>
> 2nd problem is streaming radio, people just chewing up bandwidth the whole
> day! how to kill those?
>
> any ideas?
>
>

First question - do you have access to the Interent Router or to the
Firewall? What brand they are? What is your position? Network Administrator?

Another question - is it legal within your company to block any access for
your employee? First, you have to define HR policy within your company which
will define that it's prohibited to use IP phones and listen an Interent
radio. If your manager or VP will decide to listen some news or make an VoIP
call, and it will not work because of your activity - you are in trouble.

And from the practical standpoint - it's really easy to do. For example, if
you block TCP port 5060, SIP phones will not work (unless you have VoIP
guru, who know how to change default port). For streaming audio most radio
work either over port 1755 (Windows Media), or port 554 (Real Media). Sure,
you can not block all possible media players, but blocking these two will
cut most of radiostations.

Good luck,

Mike
www.ciscoheadsetadapter.com

yeah we actually lease out t1 access to smaller businesses

what we plan on doing is notifying them that certain T1s are not to be used
for VOIP and radio broadcasts and junk like that, and other t1's are going
to be used for that, so we are not blocking them per se, just restricting
what certain t1's can be used for

can an end user figure out how to change the default port on a VOIP phone
like vonage?

if they can maybe its better to throttle bandwidth to like 2k/sec instead of
blocking port 5060




"CiscoHeadsetAdapter.com" <for-> wrote in message
news:LpadndwyQJ3oDVjeRVn-...
> "Jason" <> wrote in message
> news:z6qdnZje7dFl71neRVn-...
>> my network is being bogged down by "junk"
>>
>> number one on the hitlist : VOIP phones - anyone got any idea how to
>> block them?
>>
>> 2nd problem is streaming radio, people just chewing up bandwidth the
>> whole day! how to kill those?
>>
>> any ideas?
>>
>>
>
> First question - do you have access to the Interent Router or to the
> Firewall? What brand they are? What is your position? Network
> Administrator?
>
> Another question - is it legal within your company to block any access for
> your employee? First, you have to define HR policy within your company
> which will define that it's prohibited to use IP phones and listen an
> Interent radio. If your manager or VP will decide to listen some news or
> make an VoIP call, and it will not work because of your activity - you are
> in trouble.
>
> And from the practical standpoint - it's really easy to do. For example,
> if you block TCP port 5060, SIP phones will not work (unless you have VoIP
> guru, who know how to change default port). For streaming audio most radio
> work either over port 1755 (Windows Media), or port 554 (Real Media).
> Sure, you can not block all possible media players, but blocking these two
> will cut most of radiostations.
>
> Good luck,
>
> Mike
> www.ciscoheadsetadapter.com
>
>

I am the network admin, with access to the router, in a multi tenant
environment. The exclusion of voip devices and anything that can whack
bandwidth is expressly forbidden in the lease.




"CiscoHeadsetAdapter.com" <for-> wrote in message
news:LpadndwyQJ3oDVjeRVn-...
> "Jason" <> wrote in message
> news:z6qdnZje7dFl71neRVn-...
>> my network is being bogged down by "junk"
>>
>> number one on the hitlist : VOIP phones - anyone got any idea how to
>> block them?
>>
>> 2nd problem is streaming radio, people just chewing up bandwidth the
>> whole day! how to kill those?
>>
>> any ideas?
>>
>>
>
> First question - do you have access to the Interent Router or to the
> Firewall? What brand they are? What is your position? Network
> Administrator?
>
> Another question - is it legal within your company to block any access for
> your employee? First, you have to define HR policy within your company
> which will define that it's prohibited to use IP phones and listen an
> Interent radio. If your manager or VP will decide to listen some news or
> make an VoIP call, and it will not work because of your activity - you are
> in trouble.
>
> And from the practical standpoint - it's really easy to do. For example,
> if you block TCP port 5060, SIP phones will not work (unless you have VoIP
> guru, who know how to change default port). For streaming audio most radio
> work either over port 1755 (Windows Media), or port 554 (Real Media).
> Sure, you can not block all possible media players, but blocking these two
> will cut most of radiostations.
>
> Good luck,
>
> Mike
> www.ciscoheadsetadapter.com
>
>

"Jason" <> wrote in message
news:z6qdnZje7dFl71neRVn-...
> my network is being bogged down by "junk"
>
> number one on the hitlist : VOIP phones - anyone got any idea how to block
> them?
>
> 2nd problem is streaming radio, people just chewing up bandwidth the whole
> day! how to kill those?
>
> any ideas?

Are they Cisco phones? If so, block SCCP (TCP 2000)

If not, then block SIP and H.323 (SIP is TCP 5060, and H.323 is 1720).

You may also need to block the media stream, so UDP 16384 to 32768.



Jonathan