Mitel Forums - The Unofficial Source

Mitel Forums => MiVoice Office 250/Mitel 5000 => Topic started by: RLyon on April 19, 2019, 10:12:11 AM

Title: Security Practices
Post by: RLyon on April 19, 2019, 10:12:11 AM

What are good security practices that one should implement to prevent the system from getting hacked? I am getting  Invalid Extension Dialed -SIP PEER: 'P9001, SIP device: 1000, number: 94981235854

Title: Re: Security Practices
Post by: Tech Electronics on April 22, 2019, 07:24:04 AM

RLyon,

That is a loaded question that covers a lot of topics, but for this use case you could set the SIP Peer Phone Group P9001 to use a Static Binding instead of a username and password; remember you have to reset the phone system to get a static binding to take effect. This would also require that the SIP x1000 be set to a static IP Address as well.

Thanks,

TE

Title: Re: Security Practices
Post by: RLyon on April 23, 2019, 05:59:56 PM

Thank you for that tip. I did change that. I also watched Mitels Toll Fraud video. I changed the VM password. Was looking for the trunk to trunk dialing but can not find it. They are still getting in and making multiple 911 calls. I took the phones out of service in the mean time till I find a solution.

Title: Re: Security Practices
Post by: Dogbreath on April 25, 2019, 05:01:54 AM

Are you letting SIP in from the internet?

Title: Re: Security Practices
Post by: acejavelin on April 25, 2019, 10:41:39 AM

Assuming you need port 5060 open from the public Internet for trunking (otherwise, close it!), use a complex password... We use a 16 character random password like "FjSQmW7hLj8dz!dv" (randomly generated by Roboform) and that usually is sufficient since there is no MAC address restrictions in the 250.