Hi Jens,

If I make my SIP UDP port off from Config-Protocol-Sip- UDP mode off then what will affected becoz of this changes, as my setup is live and i dont wanna take any risk.

kindly guide me whether this will affect any incoming call or any outgoing call or both ?

SIP UDP is disabled by default by Cisco, and should only be turned on if you need to support voice services on the Expressway, it is not required for video.

(See the admin guide).

An upside to having SIP UDP turned off is that outbound calls will connect quicker - only "downside" I have found is that I'm not able to call hostnames, ie. fishtank.lifesize.com - but that's an address type we never use anyway. :)

/jens

Please rate replies and mark question(s) as "answered" if applicable.

Hi jens,

now i am getting such type of callls on my EXP_E..can you suggest how i stop such calls.

also let me know steps as i am not complete familiar with EXP_E.

Thanks

Turning off SIP udp will stop those particular calls, however, you won't be able to stop the H.323 calls, you can only ensure they don't succeed.

They will still show up in your call history though, just like the ones in your screenshot. (None of those calls shown in your screenshot have succeeded by the way.)

Suggest you implement CPL to ensure these types of calls won't succeed, see the admin guide http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/admin_guide/Cisco-Expressway-Administrator-Guide-X8-7.pdf

page 242 onwards for CPL information and examples.

/jens

Please rate replies and mark question(s) as "answered" if applicable.

H jens,

I created some call policy to block such type of call.. source -destination-reject..

i have 1 question ...

in our premises aur dialing pattern for External call is extension@EXP_E ip. our extension is of 6 digit only ...so anything comes more than 6 digit then how should i block ???

EX. 3000000@EXP_P IP  ....here extension is having 7 digit so this must be block....

if 300000@EXP_IP ip then this must be allow..... so on....

.*@EXP_IP  indicates any digit with exp_E_ip.....  so i want to block more then 6 digit then how i can ??????

Even though you specified an "Unauthenticated User", the built in web interface for the CPL rules are based on authenticated requests.  If you look at the generated CPL script, it uses "origin" as the source, it should read "unauthenticated-origin".  You'll need to look in the search history of the calls to see if they appear as authenticated or unauthenticated.  If unauthenticated, you'll need to create a custom CPL script yourself to block these calls.  You can use the VCS Locate tool under Maintenance > Tools to check if a CPL is working as intended.

Just to confirm, did you disable SIP UDP, as that will prevent most of these calls without the need of a CPL script.

We can help with creating a CPL script, just need to know some of the source/destination address and if the calls are authenticated or not.

As Jens suggests, you should disable SIP UDP, as it's not recommended for video and even disabled by Cisco by default.  This will prevent most of these unwanted calls, however as mentioned this will not stop all attempts.  You can use CPL to prevent the remaining calls from consuming call licenses, there are some example CPL scripts in the forums depending on the how the incoming call is formatted.

Dear Nikhil,

I think u blocked everything :D

Kindly check ur Destination Field...dont make any( .* )

Regards,

Vinod Gupta

Nikhil didn't block everything, the rules are based on source and destination, so the calls must match both fields in order to take affect.  So because he used .* as the destination which does mean anything, that rule won't work unless the source address is matched as well.