Need a little help with stopping hackers trying to register to my phone system

Hi All,

recently i picked up a Netgate SG-2100 and have gotton my Allworx phone system working
quite well, but having a little trouble blocking random ip addresses trying to register to the system
there is more but there are four of them today

so my question is how can i block these right at the wan?

sample from my reports in the system
tSip: Disconnecting UDP client REGISTER failed (404 Not Found)

seems i need a url to block inbound traffic
I have enabled pfBlocker and have enabled a certificate
also some of the IPv4 Source definitons, all seems fine

any way i can create my own source?
Is there any recommended ipblock list just for Voip traffic? is really all i need

how can i create an alias with just wan ip addresses
because port 5060 UDP is open, they just penetrate there

so ive been kicking the tires on this for a few days and i feel i need a little direction

Thank you in advance


If the port is open and you need more than one IP to access it then this will happen. Either filter the port to only the IP’s that need to access it or close it. I keep my phone system behind a VPN to avoid these issues.

I can “filter” the ips with pfsense for port 5060?

never heard of VPN inside of a LAN ( I dont pretend to to know it all)

so can your team sort this out? for monetary rewards?


is it possible to block them all and create a white list


You can create an address list of your allowed IPs (the public IPs that your phones will be connecting from) then modify the firewall rule that is associated with your port forward to change the Source from “Any” to just that address list.

thank you
see if i can figure that out


so after 3 days of head banging i got it - finally as follows if any body would like settings



ASN Reporting-disable

MaxMind GeoIP configuration
MaxMind License Key- i have one dont know if it matters or not

IPv4 Suppression

IP Interface/Rules Configuration

Inbound Firewall Rules-WAN-reject

Outbound Firewall Rules-LAN-reject

Firewall ‘Auto’ Rule Order dropdown menu | pfB_Block/Reject | All other Rules(Defaultformat)

Firewall ‘Auto’ Rule Suffix- auto rule

Kill States unchecked

saved it all

works like a charm