Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4315
Views
10
Helpful
9
Replies

voice service voip no ip address trusted authenticate? Do I still need a Trusted List

Go to solution
lowfell
Level 3
Level 3

‎04-30-2019 12:32 AM

Can someone please explain WHY you would run this command on VGW

 

1. #no ip address trusted authenticate  ?

Surely you WANT ip address authenticate??

 

2. if I did run this command

#no ip address trusted authenticate

Would I still MUST define a trusted list?

Thanks in advance

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
lowfell
Level 3
Level 3
In response to acampbell

‎04-30-2019 07:29 AM

OK. I get that but why would you want to allow alk connections?

View solution in original post

0 Helpful
9 Replies 9

Go to solution
acampbell
VIP Alumni
VIP Alumni

‎04-30-2019 01:14 AM

Hi,

 

I remember this feature coming into play a few years ago.

This was all about anti-fraud

 

Have a read at this document:-

https://www.cisco.com/c/en/us/support/docs/voice/call-routing-dial-plans/112083-tollfraud-ios.html

 

Regards, Alex. Please rate useful posts.
0 Helpful

Go to solution
lowfell
Level 3
Level 3
In response to acampbell

‎04-30-2019 01:52 AM

Hello Alex. I've read that, but I'm still don't understand why you firstly say

 

#no ip address trusted authenticate

Does this allow all connections?

 

 

Or once you've said

#no ip address trusted authenticate

do you then have to define a trusted list?

If you do then surely that's a contradiction?

0 Helpful

Go to solution
acampbell
VIP Alumni
VIP Alumni
In response to lowfell

‎04-30-2019 03:00 AM

Hi,

If you want to turn off the anti-fraud feature on the voice gateway:-

!
voice service voip
no ip address trusted authenticate
!


REMEMBER -- If you turn off the feature you are leaving your device open to
fraudulent calls. -- BE AWARE

So in answer to yor question all calls will be allowed

Regards, Alex. Please rate useful posts.

Go to solution
lowfell
Level 3
Level 3
In response to acampbell

‎04-30-2019 05:52 AM

Hello Alex. So are you saying if you turn this off you wouldn't need a trusted list?
0 Helpful

Go to solution
acampbell
VIP Alumni
VIP Alumni
In response to lowfell

‎04-30-2019 06:30 AM

If you apply

 

!
voice service voip
no ip address trusted authenticate
!

You are turning OFF the call anti-fraud feature.

You will not need any trust lists at all

 

 

Regards, Alex. Please rate useful posts.
0 Helpful

Go to solution
lowfell
Level 3
Level 3
In response to acampbell

‎04-30-2019 07:29 AM

OK. I get that but why would you want to allow alk connections?
0 Helpful

Go to solution
lowfell
Level 3
Level 3
In response to lowfell

‎04-30-2019 08:11 AM

Thaks again for your help. Greatly appreciated.
0 Helpful

Go to solution
lowfell
Level 3
Level 3
In response to lowfell

‎04-30-2019 06:46 AM

Why would you want to turn this off, for what scenario would you want to allow the possibility of Toll Fraud?
0 Helpful

Go to solution
Ayodeji Okanlawon
VIP Alumni
VIP Alumni
In response to lowfell

‎04-30-2019 07:25 AM - edited ‎04-30-2019 07:26 AM

+ 5 to Alex for the excellent points he has provided

 

There maybe cases where you want to turn this off temporarily. If you are doing an integration with a SIP provider and you dont know all their subnet range for signaling/media traffic you want want to turn it off just to get you going. Once you ascertain the IP addresses you need to enable IP address trust list with those IPs. There may be other cases as well, this is just one I could think of

Please rate all useful posts
Customers Also Viewed These Support Documents