Solved: Cisco Expressway - Allow only CUCM authenticated users

AdamDenter8259 · ‎11-11-2020

I know next to nothing about MRA and Expressway. I am supporting a very basic install of ExpE and ExpC that is connected to CUCM 12. I have recently discovered bad actor from UK ip addresses have used made up DN@<configureddomain.com> as a src alias and they have discovered extensions that go directly to voicemail. From Unity they press * and were allowed to dial Internationally. I have removed the vm pilot from the CSS that was allowing that but how was an outside actor that wasn't authenticated able to make calls much less even access Unity?

Mohammed al Baqari · ‎11-11-2020

Hi,

To start with, go through this doc (start from slide 21).

https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/BRKCOL-2425.pdf

That can happen as by default offNet-to-offNet transfer is allowed by
default. In addition, mis-configured CSSes can allow outbound calls from
Unity which should not be allowed in most cases.

In short, it can happen when unauthenticated calls and widely allowed CSSes
are configured.

***** please remember to rate useful posts

View solution in original post

Mohammed al Baqari · ‎11-11-2020

Hi,

To start with, go through this doc (start from slide 21).

https://www.ciscolive.com/c/dam/r/ciscolive/us/docs/2016/pdf/BRKCOL-2425.pdf

That can happen as by default offNet-to-offNet transfer is allowed by
default. In addition, mis-configured CSSes can allow outbound calls from
Unity which should not be allowed in most cases.

In short, it can happen when unauthenticated calls and widely allowed CSSes
are configured.

***** please remember to rate useful posts