cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
910
Views
15
Helpful
15
Replies

CME Intrusion

jjgoncalves
Level 1
Level 1

I have a CME directly connected to the Internet. And i found out that someone is using my ISDN access to make calls. Who can i block outgoing calls that are not from registered phones?

1 Accepted Solution

Accepted Solutions

good luck

Please, if helpful Rate

View solution in original post

15 Replies 15

Marwan ALshawi
VIP Alumni
VIP Alumni

u can make restrection on the dial-peers and who is allwed to dial out or in with CME by using a nice feature called COR List

for detailed instructions see the following link:

http://www.cisco.com/en/US/tech/tk652/tk90/technologies_configuration_example09186a008019d649.shtml

good luck

please, if helpful Rate

Thanks for your help.

But i already have a corlist working. My question is if someone has some kind of softphone that is not configured on the CME, how can i be sure that he can not make the call.

Only the registered phones should be able to do so.

look at the following prevous issue which is similer but not same as urs

i am sure will be useful

the idea is to block all calls in all times and make exmptions to the phones registered with ur CME so only the phones u configre will be allowed to make calls

http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=IP%20Telephony&topicID=.ee6c829&CommCmd=MB%3Fcmd%3Dpass_through%26location%3Doutline%40%5E1%40%40.2cc17c28/5#selected_message

please, if helpful Rate

Thanks for your help.

I believe that was what the answer.

Best regards

good luck

Please, if helpful Rate

Arthur Kant
Level 1
Level 1

Am I naive in thinking that using the IOS firewall feature set in your CME router connected to the Internet would prevent this from happening?

I think that could do the trick.

The funny think is that i don't understand how they can make the call!

*Aug 25 12:18:06: //19899/xxxxxxxxxxxx/CCAPI/cc_api_caps_ind:

Call Entry Is Not Found

*Aug 25 12:18:06: //-1/E9D8D7E61217/CCAPI/cc_api_display_ie_subfields:

cc_api_call_setup_ind_common:

cisco-username=xxxxxxxxxxxx

----- ccCallInfo IE subfields -----

cisco-ani=xxxxxxxxxxxx

cisco-anitype=0

cisco-aniplan=0

cisco-anipi=0

cisco-anisi=0

dest=zzzzzzzzzzzzz

cisco-desttype=0

cisco-destplan=0

cisco-rdie=FFFFFFFF

cisco-rdn=

cisco-rdntype=0

cisco-rdnplan=0

cisco-rdnpi=-1

cisco-rdnsi=-1

cisco-redirectreason=-1 fwd_final_type =0

final_redirectNumber =

hunt_group_timeout =0

This is the first time this has happen to me.

I think that they are using a PC to make the outbound call.

Hi,

Did you ever solved this issue?

I think I'm having the same issue. I have a UC500 that started to make calls I don't know where they came from.

All calls have a calling number=0000 and they dial numbers around the world.

It seems the UC500 starts the calls itself...

Regards

You likely have CME exposed to the internet, they call via SIP or more rarely H.323.

Generally, this is easily addressed with an access-list.

Hi,

Thanks for your reply.

I got some more info on this with some debugs, and now have "asterisk" as a Call Name.

The UC500 does have a public IP address. Does it receive and accept SIP calls on this public interface without any config? It's just a Dialer with pppoe.

Regards

Yes, it does, "just pppoe" is a perfectly valid public address.

You can also check new features to prevent that:

http://www.cisco.com/en/US/tech/tk652/tk90/technologies_tech_note09186a0080b3e123.shtml

please remember to rate useful posts clicking on the stars below.

How can I achieve this with early firmware version? I have 15.0.1XA on a UC520.

Or where can I get 15.1.2 IOS, in the software page I only have 12.4.

Many thanks

Enter "toll fraud" in cisco.com search box, and read relevant documents.

Sorry to bother again,

Do you know if there's already a 15.1.2T version for the UC520? I'm not able to find it anywhere.

Many thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: