Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2074
Views
0
Helpful
2
Replies

ISDN GW Hacks issue (How to Block at VCS-E)

f-foster
Level 1
Level 1

‎02-14-2012 10:06 AM - edited ‎03-17-2019 10:49 PM

I have been having a rash of external calls that are attempting a SIP connection to  my VCS-E then dialing up over our ISDN Tandberg GW.  We have had our phone lines blocked several times now because these calls go to Middle Eastern countries sometimes that are on watch lists.  I have been blocking them under Registrations one at a time but just wondering if there is some way of locking things down much further to not allow this type of hack to occur.

Call summary

You are here: Status Calls Calls Call summary

Call Information
StateConnection Failed
Start time2012-01-30 13:26:09
End time2012-01-30 13:26:09
Duration0 seconds
Tage10a5c10-4b6f-11e1-8a80-0010f31ada6c
Bandwidth
Requested 0 kbps
Allocated 0 kbps
Incoming call setup parameters
Source alias 1sip:unknown@194.73.113.96 (Url)
Target alias 1sip:000000442032987272@38.98.229.169 (Url)
ProtocolSIP
Address194.73.113.96:5060
TransportUDP
ReasonUnsupported URI Scheme
Cause416
Outgoing call setup parameters
Source alias 1unknown@194.73.113.96 (Url)
Target alias 1sip:000000442032987272@38.98.229.169 (Url)
ProtocolSIP
Address38.98.229.170:39031
TransportTLS
Labels:
0 Helpful
2 Replies 2

davidhouska
Level 1
Level 1

‎04-04-2012 06:26 AM

Hi,

Check this document:

Cisco TelePresence Video Communication Server Basic Configuration (Control with Expressway)

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Basic_Configuration_Cisco_VCS_Control_with_Cisco_VCS_Expressway_Deployment_Guide_X7-1.pdf

Chapter: Optional configuration steps/Step 16: Restrict access to ISDN gateways

Regards,

David

0 Helpful

Julio Cascante
Cisco Employee
Cisco Employee
In response to davidhouska

‎04-12-2012 04:51 PM

Hello,

What IOS ver is your GW running.

On newer versions there a command called Ip address trusted authenticate under voice service voip which is going to allow calls coming from devices that have a trusted IP address.

Try upgrading your IOS to the newest version.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents