06-05-2009 09:49 AM - edited 03-15-2019 06:23 PM
I have an urgent need.
I have a site that has reported over 4000+ minutes of calls from our Mexico site to the Ukraine. I am running CME7.x and do not know how to set-up toll fraud/restrictions on outbound calls.
I need some help, point me in the right direction, to stop calls going to country code 380
How can this be done?
Can this be done?
06-05-2009 10:04 AM
Is this site exposed to internet and SIP ?
If so, put an ACL to allow only the SIP peers you allow.
06-05-2009 10:07 AM
we are not running sip.
Site in mexico has 20 trunks,
controller E1 0/3/0
framing NO-CRC4
ds0-group 1 timeslots 1-15,17-20 type r2-digital r2-compelled ani
cas-custom 1
country telmex use-defaults
category 2
answer-signal group-b 1
we have DMVPN connection to HQ with Gatekeeper.
I am looking at Cisco site now talking about:
telephony-service
after-hours block pattern 1 91
after-hours block pattern 2 9011
after-hours block pattern 3 91900 7-24
http://www.cisco.com/en/US/products/sw/voicesw/ps4625/products_tech_note09186a00809dc487.shtml
Not sure if this is the best way to set this up or not.
06-05-2009 10:13 AM
SIP is enabled by default, is the router directly connected to the internet ?
06-05-2009 11:26 AM
I suggest making this change:
voice service voip
sip
call service stop
Hackers frequently scan for open TCP/UDP 5060. If your router has a voice-port in it, it will listen on these ports by default. Additionally, any incoming H323 or SIP call will match dial peer 0 by default, and then will be eligible to be routed out of your T1. By disabling SIP completely if you're not using it, you will mostly avoid this. Nearly every case I've seen of this has been SIP related even though the same thing is possible with H323. I suggest blocking TCP 1720 and UDP/TCP 5060 from the public, among other general security ports like 23 for telnet.
hth,
nick
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide