cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Welcome to the Cisco Small Business Community

Have a question? Click on a topic board below to get started in the community.

1125
Views
5
Helpful
4
Replies
jeffkushner
Beginner

UC560 CME toll fraud issue

Hello,

We have a UC560 still in production. AT&T detected toll fraud, calls were being made outbound using the main number every second, they were international numbers. So AT&T has shut down our international dialing until we fix the issue. I am not sure how the calls were being done, the allow external calls on the auto attendant is not checked. I have attached a copy of the CME configuration

2 ACCEPTED SOLUTIONS

Accepted Solutions

Add Unified CME endpoints as trusted by entering the IP address or subnet of the trusted phone under the iptrust-list configuration.

 

For CUE Restriction Tables. Refer below link and go to section Configuring Restriction Tables.

 

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/unity_exp/administrator/AA_and_VM/guide/vmadmin_book/advVM.html#12266

 

 

 



Response Signature


View solution in original post

Okay, so I will change the trust to just the voice subnet. 

And thank you for the link, that is exactly what I was looking for, how to do the restrictions for CUE

View solution in original post

4 REPLIES 4
Nithin Eluvathingal
VIP Mentor

Configure proper Trust list first.With 0.0.0.0 it allows all source IP. That would  be the First thing to do.  Trust list is feature to block Toll fraud. 

 

voice service voip
ip address trusted list
ipv4 0.0.0.0 0.0.0.0>>>> this allow incoming call setup from all IP. Restrict to your IP's. 

 

After making changes on trust list , if  still you see call made by unknown users then  we need to work on other security measures. 

 



Response Signature


Hello Nithin,

Thank you for the reply. Yes I figured that was the first place to start, I left in at this point to get verification. Should I just allow the CME address? Currently, the carrier has blocked long distance and we need to sign off that all security has been enabled before they will allow long distance again. So, that is why I posted, is there anything else that would be a best practice to block the outbound fraudulent calling? In Unity Connection I know I can set the restriction tables in case the calls are coming from there, is there something like that in Unity Express, I didn't see anything. 

Add Unified CME endpoints as trusted by entering the IP address or subnet of the trusted phone under the iptrust-list configuration.

 

For CUE Restriction Tables. Refer below link and go to section Configuring Restriction Tables.

 

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/unity_exp/administrator/AA_and_VM/guide/vmadmin_book/advVM.html#12266

 

 

 



Response Signature


Okay, so I will change the trust to just the voice subnet. 

And thank you for the link, that is exactly what I was looking for, how to do the restrictions for CUE