hi,

i have a 2820 with 2 wan on NAT i configured open port for wan1 and wan2 of 5060-5065 range and rtp ports on lan ip, on firewall in filter setup i specify the only ip that have access to the lan ip of PBX !!

i received an attach on 5060 port open on my pbx....

why the dryteck did not block other ip that tried to open 5060 port !!

faaai wrote: ...why the dryteck did not block other ip that tried to open 5060 port ...

Hello, does your 2820 have built in VoIP ? In this case the Vigors own on board VoIP takes precedance.

So I think what you need is the telnet command to disable VOIP:

'voip sip misc -D 1'

then to commit this to memory, and restart with the amended functionality

sys commit
sys reboot

Regards, Neal

no i haven't build-in voip...how ever the problem is that an wan attack bypass the firewall rules ( or i make a wrong )

this is probably down the the firewall rule itself.

Go to the edit button under the service type for the block rule and ensure you only specify the DESTINATION PORT as 5060, leave the source port as 1~65535