Firewall not blocking a SIP phone

[coreybrett]

I’m really confused.

I have the default action of UT firewall set to “Block”.

I have a few rules to allow the basics (HTTP, HTTPS, POPS, IMAPS, etc).

Even when I disable all my rules, my SIP phone is able to make and receive calls.

My computer (connected to the same switch as the phone) is unable to access the web at all while those rules are disabled.

I even disabled the rules, and restarted the UT box, and the phone was able to work after the UT box came back up while my computer was not.

After enabling the rules my computer can connect as normal, the point being, I know the rules and firewall are working, I just don’t understand my the phone is.

I assumed I would need to open the ports used for SIP, but apparently not (I can’t even block them).

Could someone explain this please?

The reason I even care is because I am in the process of learning/deploying a SIP PBX.

[Danp]

There's a SIP Helper in UT, which is probably enabled and that is allowing the SIP traffice to pass. Try disabling it.

[coreybrett]

Where would I do that?

[Danp]

From the wiki: http://wiki.untangle.com/index.php/VoIP_FAQs

[coreybrett]

You rock! Thanks, I should have looked for “VOIP” not “SIP” in the wiki.

[sky-knight]

The SIP Helper isn't involved here. But SIP and IAX are bypassed by default so no rack rule will work.

[Mathiau]

So you would have to make a specific block rule for it then?

[xsara]

Quote:

Originally Posted by sky-knight

The SIP Helper isn't involved here. But SIP and IAX are bypassed by default so no rack rule will work.

I'd like to block SIP and IAX traffic from all incoming destinations but our own company IPs. I don't want to remove these from the Bypass rules in the even that it effects VoIP performance?

Any advice?

Cheers