Grandstream Networks GRP26 Series Page 10 Security Manual Download

Page: 10 / 18

P a g e

GRP26XX Security Manual

When SIP TLS is used, the GRP also offer additional configurations:

Validate Server Certificates

This feature allows users to validate server certificates with our trusted list of TLS connections

Trusted CA Certificates

: Uses the certificate for Authentication

Figure 8 : Additional SIP TLS Settings

•

Local SIP port when using UDP/TCP:

Starting from 5060 for Account 1, the port numbers increase by 2 for each account. For example, 5062
is the default local SIP port for Account 2.

•

Local SIP port when using TLS:

The SIP TLS port is the UDP SIP port plus 1. For example, if Account 1 SIP port is 5060, its TLS port
would be 5061.

Anonymous/Unsolicited Calls Protection

If the user would like to have anonymous calls blocked, please go to GRP’s

Web GUI

→

Account X

→

Call Settings

and set “

Anonymous Call Rejection

“to “

Yes

” : The GRP will then reject all incoming calls

with anonymous caller ID by sending a “486 Busy here” message.

Figure 9 : Anonymous Call Rejection

Summary of Contents for GRP26 Series

Page 1: ...Grandstream Networks Inc GRP26XX Series Security Manual...

Page 2: ...I Access Protocols 4 Admin Login 5 User Management Levels 6 SECURITY FOR SIP ACCOUNTS AND CALLS 8 Protocols and Ports 8 Anonymous Unsolicited Calls Protection 9 SRTP 11 SNMP 11 SECURITY FOR GRP SERVIC...

Page 3: ...Figure 5 Change User Level password 7 Figure 6 Configure TLS as SIP Transport 8 Figure 7 SIP TLS Settings 8 Figure 8 Additional SIP TLS Settings 9 Figure 9 Anonymous Call Rejection 9 Figure 10 Setting...

Page 4: ...ecific port for signaling and media stream transmission It also offers configurable options to block anonymous calls and unsolicited calls Security for GRP Services GRP supports service such as HTTP H...

Page 5: ...are supported to access the GRP s web UI and can be configured under web UI Maintenance Security settings Security To secure transactions and prevent unauthorized access it is highly recommended to 1...

Page 6: ...password available on the sticker at the back of the unit Changing the default password at first time login is highly recommended When accessing the GRP phones for the first time or after factory rese...

Page 7: ...3 Only Status and Basic Settings Administrator Level admin Random password available on the sticker at the back of the unit All pages NOTES It is recommended to keep admin login for administrator only...

Page 8: ...P a g e 7 GRP26XX Security Manual Figure 5 Change User Level password...

Page 9: ...under Settings Call Features Set Disable Direct IP Call to Yes SIP transport protocol The GRP supports SIP transport protocol UDP TCP and TLS By default it s set to UDP It s recommended to use TLS so...

Page 10: ...Account 1 the port numbers increase by 2 for each account For example 5062 is the default local SIP port for Account 2 Local SIP port when using TLS The SIP TLS port is the UDP SIP port plus 1 For ex...

Page 11: ...m ringing the phones Please see below the settings Validate Incoming SIP Messages Set Yes to Validate incoming messages by checking caller ID and CSeq headers If the message does not include the heade...

Page 12: ...an be configured under Web GUI Account X Audio Settings Figure 11 SRTP Settings Selects SRTP mode to choose No Enabled but not forced Enabled and forced or Optional Default is No It uses SDP Security...

Page 13: ...ERVICES Firmware Upgrade and Provisioning The GRP IP Phones support downloading configuration file via TFTP HTTP HTTPS FTP FTPS Below figure shows the related options under Web GUI Maintenance Upgrade...

Page 14: ...ted the GRP must supply the correct password in this field so it can decrypt XML configuration file after downloading it Then the configuration can be applied Please note this feature is supported on...

Page 15: ...urity Manual CPE SSL Certificate Configures the Cert File for the ATA to connect to the ACS via SSL CPE SSL Private Key Specifies the Cert Key for the ATA to connect to the ACS via SSL Figure 14 TR 06...

Page 16: ...GRP supports sending Syslog to a remote syslog server By default it s sent via UDP and we recommend changing it to SSL TLS so the syslog messages containing device information will be sent securely o...

Page 17: ...the feature Local SIP Port defines the local SIP port used to listen and transmit The default value when using SIP transport protocol UDP TCP is 5060 for Account 1 5062 for Account 2 5064 for Account...

Page 18: ...cess to public network for normal usage Use HTTPS for firmware downloading and config file downloading Use HTTPS for firmware downloading and provisioning Besides that set up username and password for...

Search results

Summary of Contents for GRP26 Series

Reviews:

Related manuals for GRP26 Series

Brands by name

Popular brands

Grandstream Networks GRP26 Series, Security Manual

Search results

Summary of Contents for GRP26 Series

Reviews:

Related manuals for GRP26 Series

Brands by name

Popular brands