Hot!SIP UDP Security issue

New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/07/28 06:11:01
  • Status: offline
2020/07/30 23:24:32 (permalink)

SIP UDP Security issue

I am using FGT80C with OS 5.6.11 and there is issue 
I have SIP server (210.X.X.82 ) on DMZ 
so I try to setup policy 
Policy 12 from DMZ (210.X.X.82 ) to Wan1 (GEOIP -JAPAN ) and allow port SIP (UDP5060)
Policy 14 from Wan1 (GEOIP -JAPAN )  to DMZ (210.X.X.82 ) and allow port SIP(UDP5060)
then current issue is we have attack on SIP server from all over world 
that pass the policy 12 . 
Strange thing is Policy 12 is from DMZ to WAN1 however forti cloud log shows attacker come through this policy
we try to use VPN(US IP address )  and TCP has blocked but confirmed UDP5060 can access .
is it OS bug ? or my setting is bad ?
to avoid this issue I change port to another so attach is finished 
however still this problem remain I meant if they find new port they can access . 
Other policies shows only from local to wan etc so only these 2 policy related to DMZ function 


0 Replies Related Threads

    Jump to:
    © 2020 APG vNext Commercial Version 5.5