Security best practices for external trunks

Prevent unnecessary Internet visibility

When possible, configure internal network addresses on the network interfaces of your trunks.

Learn moreClick to expand

 

1. Obtain the internal network IP address of the server.
2. Click Admin.
3. Under Telephony, click Trunks.
4. Click Menu > Channels > Telephony > Trunks.
5. Click the External Trunks tab.
6. Select your trunk.
7. Under Outbound – SIP Servers or Proxies, enter the IP address for your SIP server or intermediate proxy, and click plus .

Notes:

• The inbound listen port is used by default. If you want use another port number, enter that port number in the Port field.
• IP addresses added to the Outbound – SIP Servers or Proxies section are automatically placed on the SIP Access Control Allow list.

7. Click Save External Trunk.

Configure an External SIP trunk with a non-default port

Do not use the common default port of 5060 for your trunk. Configure an alternate port. Confirm with your provider that the alternate port is available.

Configure the Access Control List (ACL) to allow only specific SIP traffic sources

The SIP Access Control List (ACL) applies to inbound SIP trunk calls only.