VoIP Security

From AAISP Support Site

Go to the VoIP Category

This page gives information about features on the AAISP side that can help secure your VoIP service, as well as what you can do on your network to secure your VoIP service.

Security Settings on the AAISP Control Pages

These settings are set on the Control Pages: http://aa.net.uk/login.html

The control page will also show you the number of SIP registrations and the useragent and IP of the registered phones. (not on the legacy 'A' server)

SIP Password

  • A number will have a sip password, this can be changed from the control pages, the 'Make Password' button will generate a password for you.

Call Rate Limits

  • National outgoing calls can have a price limit (default = 20p/min)
  • International outgoing calls can have a price limit (default = 2p/min)
  • International calls can be disabled (setting price limit to 'Free')
  • National calls can be disabled (setting price limit to 'Free')

Contact AAISP if you're needing these limits changed up, customers can reduce the limits though.

IP access

  • IP Lockdown - a VoIP number can be given an IP address to which is only allowed to register (ie you can add the IP of your phone, and only that phone will be able to register) (this feature is only on the C and the Z servers, the legacy A server does not have this feature)

On the Z servers you can specify the IP as a subnet in CIDR format, eg 192.0.2.0/29

Warning Emails

The system can send advisory messages when a billing amount is reached. This is set per number on the control pages. The email set for the Number and for the Login is used. During the month, each time the amount is reached an email will be sent. At the end of the month the amount is reset. This feature was added in October 2011, the default warning level is £10, and numbers who used over £10 in September the rate was set to 1.2 times Septembers bill amount.

Secure Your Equipment

Your Firewall

Protect your phones and VoIP servers from the outside world!

Passwords, etc.

Many Phone systems and VoIP phones will have their own security features, do make use of them and use strong passwords. See your equipment documentation for further information.

  • Set strong http and admin passwords on your VoIP phones
  • If you run your own PBX, ensure passwords are secure, and access lists are up to date
  • Periodically check for software/firmware updates for your hardware


Odd incoming calls that are not on the CDRs?

If your phone receives odd calls that are not logged on the AAISP CDR pages, then it may be that calls are being sent direct to your phone from the Internet. This would be because your phone or phone system is not firewalling SIP, and so auto-diallers are trying to make spammy calls to you. The caller id may be anything, but we have seen calls from 100, 150, 1000, 2000 etc. Also check your SIP logs to look for the SIP INVITE packet and see what the source IP is. eg, a SNOM has a SIP Log from within the web interface.

Solution: Firewall SIP as explained above.