Is it possible to bind endpoints to specific ports (transports) for incoming/registering?
Example: I try to separate normal extension endpoints from guest/anonymous endpoint
by UDP port. Result should be:

• port 5060 will accept normal endpoints (extensions) by registering
• port 5070 shall accept guest/anonymous calls only.
  This is meant to have an additional security when opening a PJSIP port through firewall.
  It seems the different transport definitions bound to the endpoints are for outgoing only.
  If a set the 5070-transport to anonymous endpoint, it accepts 5060 as well.

Thank you.
Armin

There is no ability to restrict incoming traffic for endpoints to a specific transport or port. You can only control the transport used for sending.

Is there another way to seperate endpoints (SIP access) besides ACL
and permit/deny settings based on IP?
The idea is to make sure anything from internet has access to one context
only and even with known endpoint password the access to other contexts
are impossible.

Those would be the only solutions available.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.