Author Topic: Mitel 3300 and Security Scans  (Read 1619 times)

Offline ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5767
  • Country: us
  • Karma: +469/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Mitel 3300 and Security Scans
« on: September 21, 2016, 05:04:11 PM »
We had another case today of someone running a security scan against the 3300 causing all of the phones to reset.
Has anyone else had to deal with this?

Ralph


Offline VinceWhirlwind

  • Hero Member
  • *****
  • Posts: 899
  • Country: au
  • Karma: +31/-0
    • View Profile
Re: Mitel 3300 and Security Scans
« Reply #1 on: September 21, 2016, 11:46:56 PM »
Is this via an external-facing SIP trunk?

Offline ralph

  • Mitel Forums Admin
  • Hero Member
  • *****
  • Posts: 5767
  • Country: us
  • Karma: +469/-0
  • Published Author: http://amzn.to/2dcYSY5
    • View Profile
Re: Mitel 3300 and Security Scans
« Reply #2 on: September 22, 2016, 07:25:33 AM »
Internal scan.  It was a security audit of the network.

Ralph

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4100
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: Mitel 3300 and Security Scans
« Reply #3 on: September 22, 2016, 06:53:16 PM »
Yeah, more than once... IHS (Indian Health Services) seems to have a particularly nasty scanning tool that causes this. We were able to get them to exclude the MCD's IP address and the problem went away at several sites.

Offline VinceWhirlwind

  • Hero Member
  • *****
  • Posts: 899
  • Country: au
  • Karma: +31/-0
    • View Profile
Re: Mitel 3300 and Security Scans
« Reply #4 on: September 23, 2016, 12:50:06 AM »
OK, well if that was happening to me I would do this:
1/ Create an access list on the Controller's LAN switch that filters to just the Controller's IP addresses and logs every hit.
2/ After a week of this, I would examine those logs and create an access list on the switch that locked communications right down to what it uses.
It would look something like this:
Controller-->Phone Subnet : UDP 68(only if you use the controller for DHCP)
                                              UDP 50000-50511,
                                              (Maybe UDP 0-65535)
Phone Subnet-->Controller : UDP 67(only if you use the controller for DHCP)
                                              UDP 69
                                              UDP 20001
                                              UDP 50000-50511
                                              (Maybe UDP 0-65535)
                                              TCP 80,443,3998,3999,6800,6801,6802

Offline Hawaii5O

  • New Member
  • *
  • Posts: 2
  • Country: us
  • Karma: +0/-0
    • View Profile
Re: Mitel 3300 and Security Scans
« Reply #5 on: June 28, 2021, 04:48:53 PM »
I am facing a similar problem.  Are you referring to the 3300s layer 2 built in switch or the Switch that the controller uplinks to?  We have an HP 24port switch in between the voice equipment and the customers LAN.  Should aI create the Access list on the HP 24port switch?

Offline Dogbreath

  • Global Moderator
  • Sr. Member
  • *****
  • Posts: 396
  • Country: gb
  • Karma: +18/-0
    • View Profile
Re: Mitel 3300 and Security Scans
« Reply #6 on: June 29, 2021, 05:32:50 AM »
The CXi switch doesn't support ACLs so it would need to be on an external switch.


 

Sitemap 1 2 3 4 5 6 7 8 9 10