03-25-2015 08:16 AM - edited 03-17-2019 02:27 AM
Hi,
I didn't find anywhere if it was possible to have some rules/restrictions on SIP call routing. I explain our needs:
We have a Cisco router 3925 acting as an SBC, and which is interfaced to several IP networks (which are all connected to separate RJ45 ports):
Office ----- SBC ------- Network 1
|______ Network 2
|______ Network 3
The users in our office can call the users in each network (and vice versa). However we would like to improve security and avoid our SBC to act as a relay between the external networks: e.g. user in Network 1 must not be able to call someone in Network 2.
How could we implement such rule in the SBC configuration? We thought about call-block parameter in inbound dial-peers, is it the right way to do it?
dial-peer voice 1 voip description Office - Network 1 incoming called-number 100T destination-pattern 010T session protocol sipv2 session target sip-server-Office ! dial-peer voice 3 voip description Office - Network 2 incoming called-number 200T destination-pattern 020T session protocol sipv2 session target sip-server-Office ! dial-peer voice 3 voip description Office - Network 3 incoming called-number 300T destination-pattern 030T session protocol sipv2 session target sip-server-Office ! dial-peer voice 10 voip description Network 1 - Office incoming called-number 010T destination-pattern 100T session protocol sipv2 session target sip-server-Office ! dial-peer voice 20 voip description Network 2 - Office incoming called-number 020T destination-pattern 200T session protocol sipv2 session target sip-server-Office ! dial-peer voice 30 voip description Network 3 - Office incoming called-number 030T destination-pattern 300T session protocol sipv2 session target sip-server-Office
If someone in Network 1 with telephone number 1001 tries to call someone in Network 2 with telephone number 1021 (and if he knows the correct prefix to use), he may be able to send to our SBC an invite from 1001001 to 2001021. When the call arrives at the SBC, it will match the inbound dial-peer 3 and then the outbound dial-peer 20 and the call will be placed!
(or we would like dial-peer 3 to work as inbound only for calls from our office...)
Thanks for your help
Solved! Go to Solution.
03-25-2015 09:44 AM
You're probably looking for corlist if the requirement is to do this permissioning on ios.
03-25-2015 09:44 AM
You're probably looking for corlist if the requirement is to do this permissioning on ios.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: