DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

UDP Ports

14 May 2015 16:32 #1 by castigers99
UDP Ports was created by castigers99
Can anyone tell me the best way to lock down 5060 UDP so that only one IP can use the service on a DrayTek 2830?

I've tried the firewall rules but they don't seem to block anything!

Thanks in advance, Gary

15 May 2015 07:26 #2 by chrisw
Replied by chrisw on topic Re: UDP Ports
Yes, far too many SIP scanners around...!

Obviously you need to know the IP or IP range(s) of your legitimate VoIP services, but then creating firewall filter set rules like:

1) Direction: WAN -> LAN | Source IP <your VoIP provider> | Destination IP <your internal IP of VoIP device> | Service type UDP port from 5060 to 5060 | Fragments Don't Care | Filter Pass Immediately

then

2) Direction: WAN -> LAN | Source IP any | Destination IP any | Service type UDP port from 5060 to 5060 | Fragments Don't Care | Filter Block Immediately

This assumes you have port forwarding set up so port 5060 traffic is routing to a specific internal IP/device <your internal IP of VoIP device>.

This works on my 2860 and 2 previous generations of DrayTek devices! Some devices seem to need a reboot before filter rules take effect.

Chris

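An added example, not part of the thread or DrayTek's own code: a small first-match model of the two WAN -> LAN rules from the reply above, showing why the specific pass rule has to sit before the catch-all block rule. The addresses are constructed placeholders from documentation ranges, and the default pass for unmatched traffic is an assumption.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

ANY = "0.0.0.0/0"
PROVIDER = "203.0.113.10/32"  # constructed placeholder for <your VoIP provider>
PBX = "192.168.1.50/32"       # constructed placeholder for <your internal IP of VoIP device>

@dataclass(frozen=True)
class Rule:
    src: str        # source network
    dst: str        # destination network
    proto: str      # "udp" or "tcp"
    port_from: int
    port_to: int
    action: str     # "pass" or "block", both modelled as "... Immediately"

    def matches(self, src, dst, proto, dport):
        return (proto == self.proto
                and self.port_from <= dport <= self.port_to
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst))

RULES = [
    Rule(PROVIDER, PBX, "udp", 5060, 5060, "pass"),  # rule 1 from the reply
    Rule(ANY, ANY, "udp", 5060, 5060, "block"),      # rule 2 from the reply
]

def evaluate(rules, src, dst, proto, dport, default="pass"):
    """Return the action of the first matching rule ("Immediately" stops the search)."""
    for rule in rules:
        if rule.matches(src, dst, proto, dport):
            return rule.action
    return default  # assumption: traffic matching no rule gets the default action

def audit(rules):
    """Run constructed test packets through the rule list and return each verdict."""
    packets = {
        "provider_sip": ("203.0.113.10", "192.168.1.50", "udp", 5060),
        "unknown_sip": ("198.51.100.77", "192.168.1.50", "udp", 5060),
        "provider_other_host": ("203.0.113.10", "192.168.1.60", "udp", 5060),
        # TCP 5060 is covered by neither rule, so only the default decides it.
        "unknown_tcp": ("198.51.100.77", "192.168.1.50", "tcp", 5060),
    }
    return {name: evaluate(rules, *pkt) for name, pkt in packets.items()}

if __name__ == "__main__":
    print("as posted:", audit(RULES))
    print("reversed: ", audit(list(reversed(RULES))))
```

With the rules reversed, the provider's own SIP traffic is blocked as well, because the catch-all rule matches first.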