Hello, I have a SIP port number + security question here.
We help some customers manage their PBX in the cloud and recently we decided to switch from a default SIP 5060 port to a custom one to enhance security. That helped a lot, especially with those where the SIP port is open to the public on a cloud server. Switching to a custom SIP port number created a lot of SIP traffic problems especially with some routers. Most routers SIP ALG is designed to work with default sip ports, not custom ones. And some routers, even after disabling SIP ALG there are still issues, particularly, you cannot receive a phone call on a phone under that router. With a default SIP port number that router and that phone were working great, with or without SIP ALG enabled on the router.
I was suggested a lot of times to switch from default ports to custom ones to add security, however, I’m seeing all the major cloud voip providers are still using default SIP port numbers and aren’t concerned about security issues. Does that mean their security mechanisms are secure enough that they are fine with using default sip ports?