Quote Originally Posted by burris View Post
I'm not Mike but I still have the original PAP2T through my 3801HGV Uverse modem and have those same ports forwarded for years without the experiences you mentioned.
For the very first time, I'm using a modem/router package and so far, not a single problem with speed or anything.

In the past, I would always insist on a separate modem & router. This modem doesn't really want to be bridged and although I could do so, it is working so well that I don't want to fool with it.
Thanks for the response Burris. I read in another topic that Mike doesn't forward any ports but also doesn't have the router firewall enabled.

I have all the logging turned on and the log is consistently full of these attempts. What worries me is since the Grandstream is basically part of my internal network, if an vulnerability is found, they can use these forwarded ports to access other devices/computers on my network. A couple years ago, I only need to forward range 5004-6000 with my old Dlink DIR-655 and Voipo service worked great. But then that router died and I replaced it with the Netgear. I believe I tried to use the same range and it didn't work, so support said I had to use that huge range. The service has been fine but lately we've noticed some slowness at times and when the logs are checked, I've discovered botnets basically DoSing my connection on those forwarded ports (usually in the 33000+ range).

I'm wondering if port triggering could be used in conjunction with port forwarding. For example, if the incoming call always hits port 5060 first then negotiates a different/dynamic port, it seems like I could forward only 5060 to the ATA and then use port triggering to open that huge range which would only stay open while on the call and timeout/close when finished. I haven't had time to research this more or try it (WAF needs to stay high).