This article explains how to set up an AudioCodes MP1xx or Mediant series device Firewall, for gateways connected with MAXCS.
Administrators can specify that the gateway can be configured only from certain IP addresses. Configuring the device’s firewall in this manner greatly diminishes network vulnerability, so that security tools can audit the gateway devices successfully.
Warning: Be very careful when configuring the device’s firewall. If you accidentally block all network access, then you may need to perform a factory reset in order to recover.
While following these steps, you will need to substitute the IP address for your PC and your MAXCS IP address for the placeholder addresses shown here.
1. Under Configuration, select Full.Add an Allow entry for your own PC’s IP address (10.40.0.20 in this example), so that your system can always configure the MP1xxx/Mediant device. Use a low index number.
4. If you have any other PCs that are used to configure gateways, consider adding Allow entries for those as well. Use low index numbers.6. Now add a Block entry, to block network access from any other IP address. Use a much higher index number; it must be a larger number than any of your Allow entries.
Important: If you are following AltiGen’s guide to setup the survivability, you may not want to directly block 5060 or 10060 to all IP addresses. Doing so will disable the survivability.
If you are setting up up survivability for an AudioCodes gateway, the AudioCodes device will need to talk to Polycom or to the AltiGen phone directly. In this case, you cannot block every port; otherwise, survivability will not work. Instead, you can use the Source Port field to block individual ports, such as 23, 161, 443, 5061, or 5081. Each port requires a separate entry. For example, to block port 443, set both Start Port and End Port to 443.
7. Confirm that you can still configure the device after you make all of your firewall changes.
Last Updated
7th of September, 2017