SIP UDP Security issue

Author
YukiGet
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/07/28 06:11:01
  • Status: offline
2020/07/30 23:24:32 (permalink)
0

SIP UDP Security issue

Hi 
 
I am using FGT80C with OS 5.6.11 and there is issue 
I have SIP server (210.X.X.82 ) on DMZ 
so I try to setup policy 
 
Policy 12 from DMZ (210.X.X.82 ) to Wan1 (GEOIP -JAPAN ) and allow port SIP (UDP5060)
Policy 14 from Wan1 (GEOIP -JAPAN )  to DMZ (210.X.X.82 ) and allow port SIP(UDP5060)
 
then current issue is we have attack on SIP server from all over world 
that pass the policy 12 . 
 
Strange thing is Policy 12 is from DMZ to WAN1 however forti cloud log shows attacker come through this policy
we try to use VPN(US IP address )  and TCP has blocked but confirmed UDP5060 can access .
 
is it OS bug ? or my setting is bad ?
to avoid this issue I change port to another so attach is finished 
however still this problem remain I meant if they find new port they can access . 
 
Other policies shows only from local to wan etc so only these 2 policy related to DMZ function 
 
 

#1

0 Replies Related Threads

    Jump to:
    © 2020 APG vNext Commercial Version 5.5