Re: how to block VOIP on cisco routers?

Discussion in 'VOIP' started by Henry Cabot Henhouse III, Jan 11, 2006.

  1. We have the same problem with voip boxes...

    I'll assume that when you plug in an adapter running H.323, it establishes a
    nailed up connection to a server, which is why they seem to work behind
    firewalls. As an outbound connection, you dont need to map ports. (I've
    seen 5 Linksys/Vonage boxes sitting on a Linksys BEFSX41 with a static on
    the WAN side, all work fine for both in and outbound).

    So... how would you go about blocking H.323 traffic? If not possible, how
    about blocking the fqnd or ips of the servers that the major players -
    Vonage, Packet8, etc - use? (Someone must have a list of the servers). And
    with SIP (5060) and IAX (4569), can't the ports they use be blocked cutting
    off the signalling path?

    Ideas? Help?

    Thanks in advance
    Dave






    "John Agosta" <j_agosta@remove_wideopenwest.kom> wrote in message
    news:...
    >
    > "Jason" <> wrote in message
    > news:...
    >> my network is being bogged down by "junk"
    >>
    >> number one on the hitlist : VOIP phones - anyone got any idea how to
    >> block them?
    >>
    >> 2nd problem is streaming radio, people just chewing up bandwidth the
    >> whole day! how to kill those?
    >>
    >> any ideas?
    >>
    >>
    >>

    >
    > Access lists to permit what you consider non-junk perhaps ?
    >
    >
    >
     
    Henry Cabot Henhouse III, Jan 11, 2006
    #1
    1. Advertising

  2. Henry Cabot Henhouse III

    Jason Guest

    yes lets fogure out how to block this: I have the following info, I am going
    to try and block all these ports mentioned below this weekend, and I'll see
    what happens

    Anyone else feel free to comment







    a.. IAX is not the result of a standards group, rather a collaborative,
    community based effort
    a.. IAX uses a single UDP port 4569, and thus works well in NAT environments
    (the obsolete IAX1 protocol used port 5036). IAX uses ONLY one udp port for
    both control and data traffic. As outlined in point 4 of the IAX versus SIP
    topic with IAX you will always have audio if the control connection can be
    established.

    a.. SIP is a text-based protocol that uses UTF-8 encoding
    a.. SIP uses port 5060 both for UDP and TCP. SIP may use other transports


    1718 H.323 RAS (Multicast Discovery)
    1719 H.323 RAS (Unicast)
    1720 H.323 Call Signaling (TCP)
    2099 H.501 Border Element Signaling (H.225.0 Annex G)
    2427 MGCP
    2517 H.323 Call Signalling (UDP, H.323 Annex E)
    2944 H.248
    5060 SIP


    "Henry Cabot Henhouse III" <> wrote in message
    news:...
    > We have the same problem with voip boxes...
    >
    > I'll assume that when you plug in an adapter running H.323, it establishes
    > a
    > nailed up connection to a server, which is why they seem to work behind
    > firewalls. As an outbound connection, you dont need to map ports. (I've
    > seen 5 Linksys/Vonage boxes sitting on a Linksys BEFSX41 with a static on
    > the WAN side, all work fine for both in and outbound).
    >
    > So... how would you go about blocking H.323 traffic? If not possible, how
    > about blocking the fqnd or ips of the servers that the major players -
    > Vonage, Packet8, etc - use? (Someone must have a list of the servers). And
    > with SIP (5060) and IAX (4569), can't the ports they use be blocked
    > cutting
    > off the signalling path?
    >
    > Ideas? Help?
    >
    > Thanks in advance
    > Dave
    >
    >
    >
    >
    >
    >
    > "John Agosta" <j_agosta@remove_wideopenwest.kom> wrote in message
    > news:...
    >>
    >> "Jason" <> wrote in message
    >> news:...
    >>> my network is being bogged down by "junk"
    >>>
    >>> number one on the hitlist : VOIP phones - anyone got any idea how to
    >>> block them?
    >>>
    >>> 2nd problem is streaming radio, people just chewing up bandwidth the
    >>> whole day! how to kill those?
    >>>
    >>> any ideas?
    >>>
    >>>
    >>>

    >>
    >> Access lists to permit what you consider non-junk perhaps ?
    >>
    >>
    >>

    >
    >





    --------------------------------------------------------------------------------
     
    Jason, Jan 11, 2006
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Dineyar Buhariwala

    Connect 2 routers (wireless and regular routers)

    Dineyar Buhariwala, Nov 22, 2004, in forum: Wireless Networking
    Replies:
    1
    Views:
    2,630
  2. Faustino Dina
    Replies:
    4
    Views:
    9,791
    Faustino Dina
    Sep 29, 2004
  3. Jon L. Miller

    cisco routers and netgear routers

    Jon L. Miller, Feb 4, 2005, in forum: Cisco
    Replies:
    2
    Views:
    1,279
    SysAdm
    Feb 5, 2005
  4. Jason
    Replies:
    7
    Views:
    5,763
    Jonathan
    Jan 29, 2006
  5. Default User
    Replies:
    4
    Views:
    588
    alexd
    Apr 14, 2009
Loading...

Share This Page