Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

5300 gateway security

I want to prevent un-authorized directing of voip calls to my 5300....

I have an AS5300, doing voip termination to the LD PSTN..... I have other 5300s pointing at it directly... so my gateway IP Addr has been handed out a bit too much...

I think a Gatekeeper (w proxy) may be the answer,

but I find no gateway config samples on the CCO/TAC sites....

or it 'feels' like H.235 may be an answer....

how do I configure a gateway/gatekeeper pair such that other 5300s cannot point directly at my 5300, but must enter thru my gaekeeper or whatever....

Thanks,

Rich

4 REPLIES
Cisco Employee

Re: 5300 gateway security

New Member

Re: 5300 gateway security

This is one of the Cisco docs I read that lead me to the question.... how to take advantage of what is described in this reference. So far, still cannot find the config commands that make it happen in a gateway.

New Member

Re: 5300 gateway security

I have the same issue you posted in back in May. Did you ever find a solution?

Silver

Re: 5300 gateway security

There are multiple soltuions for this. you can use a gatekeeper, which will provide you security and you can use h235 to specify differnt security levels, on registration or on a per call basis. Look at this link for more info :

http://www.cisco.com/warp/public/788/voip/gw_security.html

You can also use the proxy and give your gateway an internal ip address so noone can access it without going through your gatekeeper.

You can also use the OSP solution to implement crypto security between your gateways and enroll them to an OSP server :

http://www.cisco.com/warp/public/cc/so/neso/vvda/pctl/clear/osp_qp.htm

87
Views
0
Helpful
4
Replies