@avayax wrote:
I have been receiving ghost calls to one of my remote phones, which connects to my PBX over openvpn.
My PBX is behind a NAT firewall (which also hosts the VPN server). SIP port 5060 is open, but whitelisted to only allow traffic from my SIP provider IP addresses and a FQDN of a remote FPBX box.Anonymous Inbound SIP Calls are not allowed, SIP guests aren't allowed either.
The phone receives calls from extensions that don't exist on my PBX, but are registered to public IP addresses.
The logs on the phone show something like this:
Call from
800@67.245.163.64
1002@67.245.167.74
10@67.245.163.64
1004@67.245.167.74I haven't found anything in the Asterisk logs referencing those IP addresses.
Are those calls touching the FBPX server at all?Where are those calls coming in on?
Is it the firewall in front of the remote phone that's the problem?Also, what are those calls probing for?
Sure the incentive is toll fraud, but what information are those calls trying to gather?
Posts: 7
Participants: 3