random ports you are wasting your time, it may stop the noise of the bots that scan defaults.
just before you go to replay and tell.me.i am wrong spend some time on shodan :-)
strong passwords and good security policy, only allow what is needed.
don't have the webinterface exposed to the Internet.
I just use tls and the inbuilt firewall with fail2ban using a script to update a firewall blacklist rule.
due to the scammers you will find, an international Voip call will be blocked, and you will struggle to get a local sip provider to provide international sip trunks due to local regulations.
we use a local cloud pbx provider to a local address and ship the ip phones they use a vpn back to the local cloud system.
astricks may be a better choice for you
yes, you can use cat 3 (cw1308) cabling for 10/100 if the cable is direct end to end.
it is not recommended, though, and does comply with any standard you should use ca5/5a/6
you could use a multi port ata and use analogue phones for the phones that do not have the correct cabling. an alternative solution would be wifi adapters on the ip phone on a dedicated wifi network, which is not an ideal solution. with wifi, ensure you know the limitations, i.e., the number of concurrent connections,
just my opinion, though:-)
a switch in default all port are on vlan 1 untagged.
you need to tell the switch which ports have vlan 3 assigned as a tagged vlan.
if you use a show ports membership, you will see vlan 1 and tagged vlan3
hope it helps
basically yes, the voice vlan priorities the voice traffic, so you create the Vlan and tell the switch vlan 3 is voice ( this may differ on the hpe switch you have )
the switch will have default vlan 1 and tagged vlan 3 on all ports that have phones connected.
the router will have to be configured for a tagged vlan 3
the pbx, you have two options set the port The phone system connects to to a access port to vlan3 or set the pbx to vlan3
hope it helps
me too, using the wireguard Clent.
pfsence https://m.youtube.com/watch?v=8jQ5UE_7xds
if you don't have pfsence, google wireguard vpn docker.
I use the wireguard client on android.
I use wireguard back to a pfsence box. I don't notice any increased battery drain
I just need access to my home network, so it dose the job.
coustom script, it's a bash script that looks at fail2ban logs, then adds an ip address to the firewall block list.