Re: Protecting the CME from inboud voip calls

CUBE, CME, it all runs on the same voice stack underneath.

Here's the feature described in a less-CME fashion if you're curious:
http://www.cisco.com/en/US/tech/tk652/tk90/technologies_tech_note09186a0080b3e123.shtml

-nick

On Thu, Mar 24, 2011 at 6:45 PM, George Goglidze <goglidze_at_gmail.com> wrote:

> Hi Ryan,
>
> Some new call fraud prevention features introduced with CUCME 8.5 are
> described in CUCME Configuration Guide:
>
> http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/admin/configuration/guide/cmetoll.html
>
>
> <http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/admin/configuration/guide/cmetoll.html>Hope
> this helps,
>
>
> On Thu, Mar 24, 2011 at 10:41 PM, Ryan West <rwest_at_zyedge.com> wrote:
>
>> That was the CUBE enhancement for 8.5, right nick? Do you have a link for
>> the behavior change?
>>
>> Sent from handheld
>>
>> On Mar 24, 2011, at 6:18 PM, "Nick Matthews" <matthn_at_gmail.com> wrote:
>>
>> > This is almost always SIP traffic. Block UDP and TCP port 5060 on your
>> > internet port and you won't have problems. While you're at it you
>> should
>> > block TCP 1720 (H.323) as well, although it's a much less used toll
>> fraud
>> > mechanism. They changed this behavior in 15.1(2)T where you won't
>> accept
>> > incoming calls unless they are on a outgoing dial peer.
>> >
>> > -nick
>> >
>> > On Thu, Mar 24, 2011 at 4:47 PM, Adel Abushaev <adel_at_netmasterclass.net
>> >wrote:
>> >
>> >> If u still want to have traffic (for what?) but block it in dialplan,
>> why
>> >> don't u just configure corlists?
>> >>
>> >> -----Original Message-----
>> >> From: Amin
>> >> Sent: Thursday, March 24, 2011 20:11
>> >> To: 'George Goglidze'
>> >> Cc: ccielab_at_groupstudy.com
>> >> Subject: RE: Protecting the CME from inboud voip calls
>> >>
>> >> My CME is using FXO ports, i.e. I don't have DID, I am using PLAR,
>> can't I
>> >> configure a dial-peer voice 20 voip using the incoming called-number
>> .T,
>> >> then block the call.
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> From: George Goglidze [mailto:goglidze_at_gmail.com]
>> >> Sent: Thursday, March 24, 2011 9:40 AM
>> >> To: Amin
>> >> Cc: ccielab_at_groupstudy.com
>> >> Subject: Re: Protecting the CME from inboud voip calls
>> >>
>> >>
>> >>
>> >> Hi,
>> >>
>> >>
>> >>
>> >> You can use access-list for that purpose... and allow connections only
>> from
>> >> known hosts...
>> >>
>> >>
>> >>
>> >> Regards,
>> >>
>> >> On Fri, Mar 25, 2011 at 1:30 AM, Amin <amin_at_axizo.com> wrote:
>> >>
>> >> Hi experts,
>> >>
>> >>
>> >>
>> >> How I can protect my CME from someone configuring a VOIP dial-peer
>> pointing
>> >> to my CME real IP, then my CME match inbound dial-peer 0 and route it
>> using
>> >> one of my outgoing dial-peer??
>> >>
>> >>
>> >>
>> >> Regards,
>> >>
>> >> Amin
>> >>
>> >>
>> >> Blogs and organic groups at http://www.ccie.net
>> >>
>> >> _______________________________________________________________________
>> >> Subscription information may be found at:
>> >> http://www.groupstudy.com/list/CCIELab.html
>> >>
>> >>
>> >> Blogs and organic groups at http://www.ccie.net
>> >>
>> >> _______________________________________________________________________
>> >> Subscription information may be found at:
>> >> http://www.groupstudy.com/list/CCIELab.html
>> >>
>> >>
>> >> Blogs and organic groups at http://www.ccie.net
>> >>
>> >> _______________________________________________________________________
>> >> Subscription information may be found at:
>> >> http://www.groupstudy.com/list/CCIELab.html
>> >
>> >
>> > Blogs and organic groups at http://www.ccie.net
>> >
>> > _______________________________________________________________________
>> > Subscription information may be found at:
>> > http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Thu Mar 24 2011 - 21:47:03 ART