Many phones support Direct IP calls.
Direct IP calling allowings one VoIP phone to call another VoIP phone by dialling the destination phone's IP address directly without using a service like sipgate.
Unwanted or nuisance Direct IP Calls are called SPIT calls (Spam over Internet Telephony).
These calls aren't being made to your sipgate phone number or routing over our network. You'll need to review your local network and VoIP phone configuration to block these types of calls.
As a local network and phone security issue, the best support and assistance will be provided by your VoIP device and/or router manufacturer's support teams.
Using a Local or Listen SIP Port value other than the default port value 5060 (say 46160) should put an end to these types of calls. While this may stop these calls, this step alone is not a solution.
At the very minimum as an initial step, please change your sipgate login and SIP Password, change the administrator passwords and update the firmware used by your VoIP phones, routers and other networked devices as well as scanning your computers, smartphones, etc for viruses and malware.
If your router firewall supports the option, you could limit VoIP traffic to our IP ranges:
Your router should also have a wide range of security options. You should contact your router manufacturer's support for advice and recommendations.
Ultimately your local network's configuration and its security is your responsibility and outside sipgate's scope of support. The best source of help will be provided by your VoIP phone and/or router manufacturer's support staff.
Most recent VoIP phones will have options to disable Direct IP Calls:
(Firmware Version v8)
Set the option "Filter packets from Registrar" to Yes:
In your Yealink deskphone's web configuration menus, please disable 'Allow Direct IP Call' and enable the 'SIP trust' feature:
The options available will depend on the model of your phone.
- Under Settings -> Advanced Settings check for an option to "Disable Direct IP Calls"
- Under Profile/Account set Check SIP User ID for incoming INVITE to Yes.
- Otherwise please open Account x -> SIP Settings -> Security Settings and set the option Accept Incoming SIP from Proxy Only to Yes.
Cisco/Linksys SPA & PAP2:
Under Voice -> EXT or Line set Restrict Source IP to Yes.
Panasonic KX series phones:
Enable the option 'SSAF' (SIP Source Address Filter) in your phone's web interface.
You can restrict which IP addresses that can connect to your Obi using the 'X_AccessList' setting. The 'X_InboundCallRoute' optoin can be used to limit inbound calls to those intended for your Obi's 'AuthUserName' (sipgate SIP-ID).