Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
298
Views
0
Helpful
1
Replies

How can I block the following calls on VCS Exp - Source +@192.168.1.3

MaxBoeglich
Level 1
Level 1

‎05-24-2022 02:20 AM

What I am looking for is an easy way to block mulitple attacks on a vcs exp.
We have version 14.04 on our box.

We have had a CPL in effect for quite some time. It wasn't neccessary to change it that often, now we seem to be being hit extremely hard in the last months and it has led to calls getting through to a communication manager.  Some attempts are hitting internal numbers causing issues with our end-users.

One of the Sources from these abusive calls is from a +@192.168.1.3
This cannot be added to a CPL file as this format disables the complete file
Is there a more effective way to have the vcs block unwanted calls, editing a cpl file is tedious work and after the fact.
These calls generally come in batches all with the same source identitifer.
Will Cisco bring some sort of way of blocking DDOS types of calls in the future?  
Is there a way to add this above source identifier in the future?
Any asssistance would be appreciated

 

0 Helpful
1 Reply 1

b.winter
VIP
VIP

‎05-24-2022 02:36 AM

Similar questions have already been asked in the forum a lot of times. Maybe you check the forum.

 

Also, you should check the Cisco docs, on how to setup up Expressway in general (not only looking at CPL), to prevent toll fraud.

I would recommend the Cisco Live presentation BRKCOL-2018 from Cisco Live Barcelona 2019. There is a complete chapter about that topic.

https://www.ciscolive.com/c/dam/r/ciscolive/emea/docs/2019/pdf/BRKCOL-2018.pdf

 

Simple answer to your rule problem:

Escape the "+" with a slash: \+@192.168.1.3

0 Helpful
Customers Also Viewed These Support Documents