cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9444
Views
35
Helpful
15
Replies

SX20 Block unwanted call during video conference session

Hi All

 

Would need your advise on this

 

I have a set of SX20 that is configured as a standalone device (No CUCM, VCS).

Its work fine, able to make and receive call via IP address.

 

The things is, during our Video Conference meeting, sometimes an unwanted number would call us and disturb the flow of the meeting.

I'm not sure how they get our IP address, but we do not expect their call.

 

Is there any way/setting to block the unwanted number from calling us or disturb us during the Video conference meeting.

Is there any configuration on that i need to set on SX20 itself to prevent this unwanted number from calling us 

 

Please advise

Syahrir

1 Accepted Solution

Accepted Solutions

Wayne DeNardi
VIP Alumni
VIP Alumni

It's likely a SIPVicious scan or similar which is how the call is "finding you".

I haven't tried it myself, but there's an option select whether or not to allow incoming calls when already in a call/conference:

Conference 1 IncomingMultisiteCall Mode: Deny

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

 

Wayne
--
Please remember to mark helpful responses and to set your question as answered if appropriate.

View solution in original post

15 Replies 15

Wayne DeNardi
VIP Alumni
VIP Alumni

It's likely a SIPVicious scan or similar which is how the call is "finding you".

I haven't tried it myself, but there's an option select whether or not to allow incoming calls when already in a call/conference:

Conference 1 IncomingMultisiteCall Mode: Deny

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

 

Wayne
--
Please remember to mark helpful responses and to set your question as answered if appropriate.

...and, if you don't need to use SIP for any particular reason; turn it off. ;)

/jens

Please rate replies and mark question(s) as "answered" if applicable.

Please rate replies and mark question(s) as "answered" if applicable.

Patrick Sparkman
VIP Alumni
VIP Alumni

Sounds like you're seeing the following issue: CSCue55239.  My guess is that your endpoint is sitting out with a public IP address and sip scanning applications such as SipVicious are being used to detect possibilities for exploiting PSTN trunks.  If your endpoint is on a public IP address you can make the following change on the codec and the issue should go away.

xConfiguration SIP ListenPort: Off

If you can access the codec via SSH and show us some examples of the call history using the xHistory command, we can be able to tell you better what's going on.

If I turn off the SIP ListenPort, will I still be able to make/receive VC from the public?

 

Thanks...

If you turn off SIP ListenPort, you will only be able to receive calls if the codec is registered to either CUCM or VCS.  One other work around is only open the necessary ports on your firewall, leaving 5060 UDP closed.

Hi Patrick, For this, we are only deploying it in standalone mode. So if I were to place a firewall in between ISP router and the SX20, only way to block spam calls is to block UDP 5060 from passing thru the firewall? Just to confirm that if calls are dialed via IP address, they're running on H.323 protocol? Previously, the SX20 were set with static Public IP and able to make/receive calls from Public. No other settings except the IP address of the SX20. Recently, we installed an ASA5505 between ISP and SX20. On the firewall, static one-to-one NAT configured properly and for testing purposes we open all ports to it. Tested to access the SX20 via https:// and able to do so. However, it is not able to receive calls from Public, but can make calls to Public. Any other settings need to be done on the SX20? Searched online and seems that the settings below is needed on the SX20? Configuration->Advance Configuration->H323->Profile 1->Callsetup Mode: Direct Configuration->Advance Configuration->H323->Profile 1->PortAllocation : Static Configuration->Advance Configuration->H323->NAT->Address : Public_IP_SX20 Configuration->Advance Configuration->H323->NAT->Mode: Auto Appreciate your kind advise on this. Thank you. ----- Regards, Danny Cheng

From the sounds of it, you're using H323, you can disable SIP without any affect on those calls.  Either disable SIP entirely or SIP ListenPort.

Hi Patrick,

 

Currently, SX20 can't make/receive calls to external, as tested by my own. Within internal, no issue.

 

Hence, it's either some NAT settings on the firewall or SX20. Have you had any experience of such setup? If yes, hope you can share on the settings for NAT.

 

Thank you.

-----

Regards,

Danny Cheng

If you're using H323, you need to have the following ports open:

1719 UDP
1720 TCP
5555-6555 TCP
2326-2487 UDP

You'll also need to set H323 ports to static.

SX20 Config > H323 > Profile 1 > PortAllocation

Hi,

 

There's 2 SX20 and 1 Tandberg connected to the ASA5505. All 3 can make successful call connection and transmit video/audio. However, only 1 SX20 was able to receive video/audio successfully. Any ideas on this?

 

On ASA5505, already did static NAT from Public_IP to LAN_IP. Policies are also set to allow all ports from the Internet to the VCs.

 

Appreciate your kind help.

Hi All,

 

Just to update that calls are successful for both incoming and outgoing now. Apart from H323 NAT settings on SX20, NAT settings and policies on ASA, you may need to disable inspect h323 on the ASA too. Else, you may have a problem in getting incoming calls.

 

Thanks everyone for the advise.

Setting up an SX20 as a standalone unit has been asked many times before in these forums.

There's a good response in this thread: https://supportforums.cisco.com/discussion/11606926/sx20-standalone with respect to NAT and the ports required.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

Wayne
--
Please remember to mark helpful responses and to set your question as answered if appropriate.

why port udp 5060 particularly? the sip scanning is only done on this one port??? also wouldn't closing udp 5060 interfere with other application like jabber or other solutions???

It shouldn't interfer, SIP UDP isn't recommended these days anyway for video, and SIP its off by default on the VCS/Expressway Series. 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: