Skip to main content

In pursuit of security I'm beginning to segment my network to put "things" outside of my core network, including my VOIP phones. I'm running pfense 2.60 on a Protectli FW4C with 4 ports, and I'm using 3 of them as follows:

Following this documentation I've allowed traffic as follows:

where RingCentral_Supernets is an alias to all the networks from Table 2.1 and PolyCom_Provisioning is an alias to the FQDNs from Table 3.2.6 for my PolyCom phone.

The good news is that my phone works, and it has the correct time. :LOL:

But am I being overly permissive with the * ports for the RingCentral_Supernets? Should I enable only the port ranges required in Table 3.2.6?

Or can we trust the entire RingCentral_Supernets?

Be the first to reply!

Reply