DoS and Flood Protection in Firewall Configurations

So you have now installed 3CX Phone System, your VoIP Provider account registers fine, a couple of  successful test calls prove that all is working well. It’s now time to put things into production. Then you discover that as soon as you have more than a couple of simultaneous calls, things stop working correctly!!!Calls do not come in, registrations fail, unexplained one-way-audio or no-audio behavior, and you are left wondering what is going on.

Introduction to Firewalls and NAT

Firewalls and NAT Devices today are always trying to do MORE to protect your network.  In some cases it is very possible that they may be doing TOO MUCH. Check out your device and see whether it has features to protect your network against “Flood” type attacks. A VoIP call from a VoIP provider will deliver a constant stream of UDP RTP packets to your network to deliver the audio content of the call – which some Firewall devices may easily misinterpret as a Flood attack or a DoS (Denial of Service) attack on your network.

The example above shows what a typical DoS Protection option might look like in a Firewall device(DoS defence is disabled here) – so you could change, or tweak some of these settings (especially UDP flood defense) to get things working correctly. Disabling DoS defense completely (for troubleshooting purposes only) is a simple way of identifying whether this is the cause of your problems.

Consider this as a quick hint to stop you from spiraling into despair  and treat it as one of the first thing to check for once things start going south for no apparent reason.

Liked this article?


Get notified of new articles
or share
You might also be interested in:
  1. Privacy, business & trust seals

    I need to write a paper on DoS attacks and I need some info on what the best defense against UDP flood attacks is …

    August 31, 2009 at 9:51 pm