Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

ACL behaviour with voice source-groups

Hello.

I need to match incoming VoIP calls by IP and reject calls from unknown hosts. I using voice source-groups for this and got unexpected behavour. There are 2 source groups with acl in each. First acl permits 10.1.1.1 and second permits 10.1.1.2. In this scenario i can call from any IP (listed and unlisted), translation profiles are applied correctly. If I append deny any to acl 1 I can call from 10.1.1.1 only, calls from 10.1.1.2 are rejected.

Is this a bug or I doing something wrong? At this time I use acls without deny rules. I append prefixes to known hosts in source groups and than remove them in corresponding incoming dial-peers, calls from unknown hosts are rejected by default incoming VoIP peer. This works but looks too complicated. Is it possible to make it more correctly?

Regards, Maxim

Sent from Cisco Technical Support iPad App

167
Views
0
Helpful
0
Replies
CreatePlease login to create content