Skip to content
  • There are no suggestions because the search field is empty.

🔐 Kiwi VoIP – Securing Your VoIP Devices & PBX

Protect Your VoIP System: Security Recommendations and Best Practices

Due to an increase in fraudulent activity and network attacks, Kiwi VoIP strongly recommends all customers perform a security audit of their phone systems and network setup.

Whether you're using a hosted PBX, on-premises IP phone system, or SIP trunking — following these best practices can protect your business from toll fraud, service interruption, and unauthorized access.

✅ Security Best Practices

1. 🔥 Use NAT or a Firewall – Avoid Port Forwarding

  • DO NOT place your PBX in a DMZ or expose it directly to the internet.

  • Avoid port forwarding SIP/IAX2 ports unless absolutely necessary.

  • Most systems should operate securely behind a standard router with NAT.

Only open ports if you have advanced firewall rules in place to limit exposure.

2. 🔒 Restrict SIP Peering to Kiwi VoIP IPs

If you’re using SIP peering (not behind NAT or using port forwarding):

  • Only allow traffic from Kiwi VoIP’s network range: 27.111.14.0/24

  • For stricter control, allow only traffic from our SIP trunk IP: 27.111.14.66

  • This protects your system from SIP scanning or brute-force attacks from the public internet

3. 🚫 Block Anonymous Calls

On PBX systems (especially Asterisk-based):

  • Set allowguest=no in SIP general settings

  • Disable any settings that allow unauthenticated calls to reach your PBX

  • Review SIP or extension settings on all devices for anonymous access

4. 🔑 Use Strong Passwords

  • Use unique, complex passwords (8+ characters, upper/lowercase, numbers, symbols)

  • Avoid using extension numbers as passwords

  • Apply this to:

    • Kiwi VoIP account login

    • PBX extensions

    • Admin portals

5. 🧽 Wipe Devices Before Disposal

If you’re discarding or reselling any VoIP or computer hardware:

  • Fully reset or erase all configurations

  • Remove saved credentials, SIP settings, admin passwords, and server info

6. 📵 Block Voicemail Dial-Through

  • Disable outbound calling from voicemail systems

  • Ensure voicemail boxes use strong passwords

  • This prevents abuse from Dial-Through Fraud (DTF)

7. 💸 Set Auto Top-Up Limits

  • Use the Kiwi VoIP dashboard to:

    • Limit the auto top-up amount

    • Prevent runaway charges in case of fraud

8. 🌍 Lock Down International Dialing

  • Enable PIN protection for international calls via your Kiwi VoIP settings

  • Or block international calling entirely if not needed

⚠️ Risks of Poor Security

If your system is not properly secured, you may be vulnerable to:

Threat Description
Toll Fraud Hackers use your PBX or credentials to make international calls at your cost
Unauthorized Access Attackers gain control of your phone system, voicemail, or call logs
Denial of Service (DoS) Flooding your PBX or VoIP connection, disrupting phone service