Snom 4S manual Standard Port Random Port

Page 32

[ S N O M 4 S N A T F I L T E R ]

For http and https, you need to know the port numbers when you want to log in. We recommend not using the standard ports. Operating a server on the public internet usually leads to a lot of denial of service at- tacks on the standard ports.

4.

For sip, you must decide if you want to run the server on a stand- ard port or a random port.

Standard Port

Random Port

User Agents that don’t

Buggy SIP-aware firewalls

support DNS SRV can

don’t introduce new

automatically find the server

problems by modifying SIP

SIP-aware firewalls

packets

automatically take care

Less dangerous for DoS

about user agents behind

attacks

NAT

Several SIP services can be

 

run on the same host

The decision depends on the situation. If you plan to use a good SIP firewall, you should choose the standard port. Otherwise we would tend to recommend a random port. Non NAT-aware user agents usually must be configured manually anyway; in this case you can also provide a port number.

The port for secure sip (sips) is usually 5061. The decision which port to use is similar to the decision for the SIP port. We recommend using a random port and publising the port number using DNS SRV.

In some situations when you have several IP addresses you want to limit the bindings to a specific IP address. You can do this by selecting the appropriate address from the pull down menu. If you choose „Default Address“, the server will bind to all available addresses. If you select „Public Address“, the server will select a public address; if you select „Pri- vate Address“, the server will select a private address.

32 • Configuration

Page 31 Page 33
Image 32
Page 31 Page 33
Contents Snom 4S NAT Filter Admin Manual Snom 4S NAT Filter Version Table of Contents Snmp Overview Features ApplicationsSnom technology AG Overview Architecture NAT Filter and SIPNAT Symmetrical RTP Signalling SIPHow does NAT work? Media RTP Classification of User AgentsProbing Media Paths Role of the NAT FilterOptimizing the Media Path for Symmetrical NATSBC Behaviour RegisteringRTP Relay Snom technology AG Scaling and Redundancy NATDetecting the right NAT Filter STUN/ICE-Aware User Agents Requirements on User AgentsNon NAT-Aware User Agents Defining the Maximum Session Time Architecture Installation WindowsInstallation Snom technology AG Installation Snom technology AG Linux Rpm -ihv snomnatf-2.10.*.rpm Installation Logging Port BindingStandard Port Random Port System Settings LoggingPreparing Recovery General Outound ProxyMedia Ports Port BudgetsMedia Relay Controlling RoutingMultiple 2xx Handling Maximum Packet Size ChallengingTrusted Addresses Removing Headers Silence SuppressionConnection Oriented Media Clir Addresses Codec ControlWeb Server Integration Timeout Settings Register TimeoutsCall Timeouts Security Settings Snom technology AG Outbound Proxy List System Information Server LogTrace Call History Current Ports Currently Handled UA Memory StatisticsConfiguration Web Server Integration Authentication Interface to the Web ServerSnom technology AG Web Server Integration Registration Call Initiation Snom technology AG Call Termination Snom technology AG Web Server Integration Setup of the SBC Setup of the ToolsAvailable OID OIDSnom technology AG Snmp Checklist for Installation Checklist for Installation Reader‘s Feedback Snom technology AG All rights reserved
Top Page Image Contents