SIP TLS. When is it nessasery?

dicko · January 24, 2023, 6:34pm

Truth of the matter, is that these guys are cleverer than us, if you get once ‘targeted’ then you will often see a ‘slow drip’ of connections attempted, relentlessly, every few hours from a botnet that generally are using the same ASN, not the same host, so this prophylactic is less effective, I have seen these go on for months and longer, just don’t use UDP

akkilah · January 25, 2023, 2:11pm

Thanks for your input. I’m very thankful. I would do some middle ground here, where apply the best practices pulse one or two extra from your side. And with time will keep improving the security.

But don’t you think using SRTP/TLS over VPN would drastically reduce the call quality .

dicko · January 25, 2023, 2:14pm

It will certainly increase the overhead.

VoipMC · January 26, 2023, 10:36am

I use Sip TLS - SRTP with about 1200 extensions, I have no problems on the pabx side in terms of performance (pabx on cloud with 4 core and 32 GB ram, 100 GB ssd), but for sure I solved all the problems related to udp and settings many routers that interfere with the sip protocol (alg sip…) for all users who work from home or in any case with remote connections even on mobile networks (5g, Lte…) with Sangoma Mobile. I changed port and at the moment the system has been running for 2 years

akkilah · January 28, 2023, 4:35pm

I’m very glad to hear that, but I didn’t understand your point on

problems related to UDP and settings of many routers that interfere with the sip protocol

What problem were you facing with UDP?
And what can Sangoma mobile solve that zoiper can’t solve?

can you provide me with more info , I would be thanksfull

VoipMC · January 30, 2023, 2:15pm

zoiper needs a license for incoming call push notifications on the mobile. Furthermore, Sangoma has centralized management, it allows auto provisioning, I can use Ldap for user authentication on the desktop, and with the User Manager I can have centralized management…it depends on your needs.

For the udp in the past I had several problems with networks in which there was fragmentation of the udp or in any case settings such as sip_alg and similar had been entered…

system · March 2, 2023, 2:16pm

This topic was automatically closed 31 days after the last reply. New replies are no longer allowed.