Putting our origination PBX, or SIP equipment behind an external firewall often makes sense to increase security and provides better protection against DDoS attacks, port scanning, etc. The following guidelines should be taken into consideration when configuring a firewall.
NeuTrafiX requires the following ports to be open for incoming connections from the public networks:
UDP destination port 5060 (SIP); IP: 188.8.131.52
UDP destination ports range 10,000 - 65,000 (RTP), IP: ANY
The following ports should be allowed to initiate connections to the public networks:
UDP source port 5061 (SIP outbound); SRC IP: 184.108.40.206
UDP source ports range 5065-5071 (SIP outbound); SRC IP: 220.127.116.11