I tried to created a call policy rule on our VCSe to stop unwanted call a tempts trough our VCS.
I use a GDS (Global Dialing Scheme) dailing scheme connected to the Dutch national gatekeeper organization. The connection is made by using a Neighbor zone.
I got can use the following numbers: 0505257000 to 0505257999 to register H323 endpoint to our VCS.
This all works fine.
In the logs of the VCS I can see that a lot of unwanted call atempts are made to the VCS, I tried blocking these calls by blocking the IP adresses (or a range of adresses) in our firewall, this of course helps, but new IP adressen are used so this is not a solution.
I made a simple call policy rule that should work I thought but I'm getting an error on the VCS
The call policy rule I made looks like this:
- Source pattern: 0505257(\d*)
- Destination pattern: 0505257\1
- Action -> Allow
The error I get is:
- Failed to load Call Policy file Line 7: Error: invalid destination regex '0505257\1' in rule node Raised Warning
the call policy rule generator won't allow you to do this. The source and destination fields are both for doing matching, not for transforming/modifying a called alias, you would have to use transforms, search rules or regular CPL for this.
When you fill out the 'Source' and 'Destination' fields, the VCS will attempt to match an incoming call with these values.
Can you describe in more detail exactly what you want to achieve in terms of who is to be allowed to call who, and who should get their call rejected?
in that case, you could create one call policy rule allowing calls with source 0505257\d\d\d and destination .*, (as the topmost rule since rules are processed top-down), and one call policy rule rejecting calls with source .* and destination .*.
This will allow authenticated call requests from aliases 0505257000-0505257999 to any destination, while rejecting all other calls.
When using the CPL rule generator, an unauthenticated call will be matched with source .* since the source field equals the authenticated-origin CPL field (Authenticated-origin will equal to nothing when the call is not authenticated).
For this to work, the default zone on your VCS needs to be set to 'Do not check credentials' to ensure that calls coming in via this zone are not authenticated.
Please consult the VCS admin guide and the 'Authenticating devices' deployment guide for more information and deployment tips regarding authentication and blocking of unauthenticated calls.
SIP traces provide key information in troubleshooting SIP Trunks, SIP
endpoints and other SIP related issues. Even though these traces are in
clear text, these texts can be gibberish unless you understand fully
what they mean. This document attempts to br...
Please find the attached HTML document, download and open it on your PC.
This provides an easy to use form where you simply answer a few
questions and it will render the proper jabber-config.xml file for you
to copy/paste. There is built in logic to verif...
CUCM Database Replication is an area in which Cisco customers and
partners have asked for more in-depth training in being able to properly
assess a replication problem and potentially resolve an issue without
involving TAC. This document discusses the bas...