Jump to content

Recommended Posts

Posted

TIP: Reserve UDP ports from windows' own services to prevent signaling & audio

problems with pbxnsip.

 

UDP is a big problem nowadays under windows. With the latest DNS patches to

Windows machines ports used for UDP SIP and RTP audio can be eaten by

Windows' own DNS client and server processes.

 

Listed below is a registry key that will prevent windows from using UDP ports in the

same range that pbxnsip requires for operation.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

ReservedPorts=

5060-5061

10000-12000

 

Separate values for ReservedPorts using enter to goto next line. You may change

reserved UDP port numbers to whatever ports above 1024 are required to operate

pbxnsip in your environment. In the sample above the first line is for inbound sip

on 5060 thru 5061 and RTP media using ports 10000 thru 12000.

 

 

Vulnerabilities in DNS Could Allow Spoofing (953230)

http://www.microsoft.com/technet/security/...n/ms08-037.mspx

 

You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037)

http://support.microsoft.com/kb/956188/

 

-Isaac

Posted
TIP: Reserve UDP ports from windows' own services to prevent signaling & audio

problems with pbxnsip.

 

UDP is a big problem nowadays under windows. With the latest DNS patches to

Windows machines ports used for UDP SIP and RTP audio can be eaten by

Windows' own DNS client and server processes.

 

Listed below is a registry key that will prevent windows from using UDP ports in the

same range that pbxnsip requires for operation.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

ReservedPorts=

5060-5061

10000-12000

 

Separate values for ReservedPorts using enter to goto next line. You may change

reserved UDP port numbers to whatever ports above 1024 are required to operate

pbxnsip in your environment. In the sample above the first line is for inbound sip

on 5060 thru 5061 and RTP media using ports 10000 thru 12000.

 

 

Vulnerabilities in DNS Could Allow Spoofing (953230)

http://www.microsoft.com/technet/security/...n/ms08-037.mspx

 

You experience issues with UDP-dependent network services after you install DNS Server service security update 953230 (MS08-037)

http://support.microsoft.com/kb/956188/

 

Whow that is very interesting stuff!

  • 2 months later...
  • 5 months later...
Posted
Listed below is a registry key that will prevent windows from using UDP ports in the

same range that pbxnsip requires for operation.

 

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

ReservedPorts=

5060-5061

10000-12000

 

Separate values for ReservedPorts using enter to goto next line. You may change

reserved UDP port numbers to whatever ports above 1024 are required to operate

pbxnsip in your environment. In the sample above the first line is for inbound sip

on 5060 thru 5061 and RTP media using ports 10000 thru 12000.

 

Note to clarify this Registry edit:

 

You are not adding a new key to HKLM\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\

You are just adding a Multi-string Value called ReservedPorts (do not include the

= symbol in the name).

 

Details at http://support.microsoft.com/kb/812873/

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...