That would depend on the sending UA's ability to answer such challenges, unless you're referring to some setting to white-list IPs or restrict sources to previously called endpoints. On August 8, 2018 1:43:45 PM EDT, Carlos Alvarez <caalvarez at gmail.com> wrote:
Do most of you have the phones authenticate incoming calls? We haven't been, but occasionally find a router that has unfiltered full cone NAT (Cisco) or that puts one phone on 5060 with no filtering by IP. The result is that the phone will start ringing at random as script kiddies hit the IP and port 5060 trying to find servers to exploit. I don't see a downside to changing to auth, but not having done it outside of a few tests of a small number of phones, I figured I would ask.
-- Alex -- Sent via mobile, please forgive typos and brevity.