Showing results for 
Search instead for 
Did you mean: 

Video confererence codec Unwanted calls

nisar valappil


We are facing issues for video conference units like codec are  receiving calls from unknown locations and unknown numbers . when i search solution someone is saying this is a spam. The thing is some site codec is directly connected internet , i  mean there is no firewall or vcs expressway. How to fix these issues.  

6 Replies 6

Cisco Employee
Cisco Employee

Hello Nisar,

Could you please confirm if your VC device is congigured to receive H323 calls?If yes, then they use the standard network port and VC protocol, similar to any legitimate call, which makes it difficult for the VC system to identify and block it.

you can take one or more of the below actions to avoid nuisance calls:

    • Deploy a Traversal server (Videoconference Firewall) on your network to protect your system
    • Configure your firewall to block the source IP addresses (if known)
    • Disable the ‘Auto Answer’ option on your system when you don’t need it
    • Enable ‘Do Not Disturb’ (if it is supported by your system) when you are not expecting any inbound call / additional participant joining a Multiway conference




Thanks your support and responds. client don't want to deploy the Traversal server. they have only one codec at the site. is there any solution without using Traversal server. 

Hello Nisar,

Then,the only option left is whitelisting the IDs and extensions.



Since the endpoint is standalone, you can disable SIP, that will stop most of these attempts.  However, that will not stop those that try to use H323, for that you'll need to put the endpoint behind your firewall and as Prathibha mentions block all incoming traffic and allow only specific IPs in.  Giving the endpoint a public IP address is not recommended as it makes it vulnerable to attackers and those trying to use it for toll fraud.

If you search the forums for "unwanted calls", you'll find many discussions regarding this and possible solutions.


Thanks your support. The thing is some client have one unit and small network. so they dont have full infrastructure network . There is DSL modem and NAT to codec. The client want cost effective solutions. 

Hi Nisar,

As Patrick suggested, for stand alone H323 endpoint you need to disable SIP on the system as most of the toll fraud on the internet is looking for SIP enabled devices to route calls in to it. You may read about SIPVicious for more info.

Also, most DSL modem supports NAT and you may utilize it to protect and secure your system from unwanted attacks.

There are some tricks to avoid unwanted incoming calls like turning on the Do Not Disturb Mode on the codec.

All incoming calls will be rejected and they will be registered as missed calls. The calling side will receive a busy signal. A message telling that Do Not Disturb is switched on will display on the Touch controller or main display. NOTE: This setting is not recommended as all calls will be rejected until the setting is manually turned off. 



Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers