Support Center > Search Results > SecureKnowledge Details
Quantum Spark appliance ports in built-in SIP services are opened for port-scan/Telnet without any allowing rule Technical Level
Symptoms
  • In security audit default, the SIP/TCP & UDP ports (5060 and 5061) are shown as open on external interfaces.

  • This issue also happens with any manually configured ports in the built-in SIP services: SIP_TCP, SIP_TLS_AUTH,SIP_UDP

  • A connection attempt to any of the appliance's internal interfaces on the same ports is dropped.

  • A connection attempt to any other not-allowed ports is dropped.

Cause

In version R80.20.XX, when the Quantum Spark appliance acts as a VoIP device (including built-in VoIP wizard), the configured ports in the built-in SIP services are permanently inspected, which makes them open for external connections such as Telnet, without any Firewall policy rule. All other ports are blocked.


Solution
Note: To view this solution you need to Sign In .