2talk + Panasonic Voip phone

Forums › VoIP › 2talk + Panasonic Voip phone - phantom calls

MichaelNZ

1594 posts

Uber Geek
+1 received by user: 485

Trusted

Net Trust Ltd

#196602 6-Jun-2016 13:49

I have a Panasonic VoIP phone behind NAT. It is connected to 2talk. I am getting repeated nuisance phantom calls with callerid "admin123". These calls do not show at 2talk so I assume it's some sort of internet war dialer.

I also have a Snom VoIP phone plugged into the same network but it does not experience this problem.

Can someone shed some light on this issue and what setting(s) need to be changed?

WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers | ZL2NET

sbiddle

30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod

Trusted

Biddle Corp

Lifetime subscriber

#1566473 6-Jun-2016 13:51

I assume you have port forward enabled on port 5060 or the phone is using uPNP to open port 5060? First thing to do is disable this.

MichaelNZ

1594 posts

Uber Geek
+1 received by user: 485

Trusted

Net Trust Ltd

#1566513 6-Jun-2016 13:57

sbiddle:

I assume you have port forward enabled on port 5060 or the phone is using uPNP to open port 5060? First thing to do is disable this.

That's along the lines of what I am thinking. The router is a Cisco 887VA and there is no port forwards setup so it will be using UPNP.

Is this the "SIP Source Port" setting? What would be an appropriate setting?

WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers | ZL2NET

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user

#1566525 6-Jun-2016 14:41

I might sound a bit silly here.. but I didn't think UPnP was a thing in IOS? You can do stateful inspection so that pinholes get opened up in based on outbound traffic, which I guess is what UPnP does, but its not proper UPnP.

I would look at the SIP set up on the phone and look for the gold old 'allow anonymous calls' or 'allow SIP URI calls' etc and just turn them off. Or maybe it has an option along the lines of 'allow invites only from proxy address'?

MichaelNZ

1594 posts

Uber Geek
+1 received by user: 485

Trusted

Net Trust Ltd

#1566526 6-Jun-2016 14:44

chevrolux:

I might sound a bit silly here.. but I didn't think UPnP was a thing in IOS? You can do stateful inspection so that pinholes get opened up in based on outbound traffic, which I guess is what UPnP does, but its not proper UPnP.

I have never had to set up port forwards with Cisco for any client application.

WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers | ZL2NET

chevrolux

4962 posts

Uber Geek
+1 received by user: 2638
Inactive user

#1566539 6-Jun-2016 14:46

MichaelNZ:

chevrolux:

I might sound a bit silly here.. but I didn't think UPnP was a thing in IOS? You can do stateful inspection so that pinholes get opened up in based on outbound traffic, which I guess is what UPnP does, but its not proper UPnP.

I have never had to set up port forwards with Cisco for any client application.

I don't install Cisco gear and work on them very very infrequently so was just purely guessing.

My suggestion still stands about the SIP side of things though.

MichaelNZ

1594 posts

Uber Geek
+1 received by user: 485

Trusted

Net Trust Ltd

#1566541 6-Jun-2016 14:49

chevrolux:

I don't install Cisco gear and work on them very very infrequently so was just purely guessing.

My suggestion still stands about the SIP side of things though.

The problem with Panasonic is it's one of the vaguest web admin's around. I have set the source ports for lines 1 and 2 at settings other then 5060 and will see how that goes.

WFH Linux Systems and Networks Engineer in the Internet industry | Specialising in Mikrotik | APNIC member | Open to job offers | ZL2NET