Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1473
Views
0
Helpful
7
Replies

Cisco Telepresence SX10 and SX20 Keep Getting Unknown Call with Same Public IP

lhngrouppl
Level 1
Level 1

‎06-04-2015 08:17 PM - edited ‎03-18-2019 12:43 PM

Dear Experts,

I am facing unknown call with same my telepresence WAN IP address on my Standalone Cisco SX10 and SX20.

Connection drop when this unknown call initiates in every 15 minutes or sometimes withing few seconds.

Both SX10 and SX20 are using as Standalone with Public IP address behind the Sonicwall with Transparent Mode.

I've only allow Device Public IP addresses which I need to communicate vice versa.

Now this unknown call become quite frequent and keep disturbing our teleconference session.

Normally I found the call display name start with 2003, 1014,1212 255,215, cisco @"device's public IP address" in Call History Logs.

Do you have any solutions of this scenario and how to prevent from such things happening?

Thanks.

Regards,

Zaw 

Labels:
0 Helpful
7 Replies 7

Patrick Sparkman
VIP Alumni
VIP Alumni

‎06-04-2015 08:52 PM

The issue is because the endpoint is open to the public internet, the only real solution is to close your firewall and only allow known IP addresses you want to allow to dial into the endpoints.  If you have a call control server the endpoints can register to such as CUCM or VCS, that can close the firewall to these endpoints completely and direct all incoming calls go to through the call control server.

See this discussion for more details on the issue you're facing: sourceh323idcisco-incomingcalls.

0 Helpful

lhngrouppl
Level 1
Level 1
In response to Patrick Sparkman

‎06-04-2015 09:05 PM

Dear Patrick,

Thanks for suggestion.

I do not have CUCM or VCS Server.

I've tried "off" SIP ListeningPort and "On" Outbound for SIP Profile.

I did allow specific device Public IP addresses as well.

But it is still having same issue.

Any idea for this.

Appreciate for your reply.

Thanks.

Regards,

Zaw

0 Helpful

Marius Nedregaard
Cisco Employee
Cisco Employee
In response to lhngrouppl

‎06-05-2015 01:44 AM

These are just normal toll-fraud and takeover attempts. I would recommend you to get infrastructure that can handle and filter the traffic for you.

//Marius

0 Helpful

Patrick Sparkman
VIP Alumni
VIP Alumni
In response to lhngrouppl

‎06-05-2015 08:21 AM

The "cisco" calls are not SIP based, so turning off SIP on the codec will not solve your issue.  Only being more proactive on the firewall will prevent these to block everything but known addresses you want to conference with.  Some have suggested putting an endpoint behind a NAT is another possible workaround.

0 Helpful

karmpal1
Level 1
Level 1
In response to lhngrouppl

‎10-22-2017 11:51 PM

Cisco Sx10 unwanted call issue,Call Id-100,101,102,2003.

How to fix this problem?

 

0 Helpful

Patrick Sparkman
VIP Alumni
VIP Alumni
In response to karmpal1

‎10-23-2017 12:03 PM

I presume your SX10 is using a public IP address. If you're not using SIP, you disable it on the endpoint, this will block most of these types of calls. As for those that use H323, see my replies in this thread. The recommendation is to deploy the endpoint behind a call control server such as CUCM or VCS/Expressway, this way the unwanted calls can be blocked at that level, otherwise you'll need to utilize your firewall to block them.
0 Helpful

johndavidit
Level 1
Level 1

‎08-31-2021 08:20 AM

I have similar problem but my sx10 works but my sx20 wont let me call out (have check all traffic on my firewall and there nothing that will block it. and it worked before the firmware update. any help?

0 Helpful
Customers Also Viewed These Support Documents