RE: Protecting the CME from inboud voip calls

I configured the following access list and test it with SIP and H323 it
works fine

access-list 102 deny tcp any any range 1718 1720

access-list 102 deny tcp any any range 11000 11999

access-list 102 deny udp any any range 1718 1720

access-list 102 deny udp any any eq 11720

access-list 102 deny tcp any any eq 5060

access-list 102 deny udp any any eq 5060

access-list 102 permit ip any any

From: George Goglidze [mailto:goglidze_at_gmail.com]
Sent: Thursday, March 24, 2011 9:41 AM
To: Amin
Cc: ccielab_at_groupstudy.com
Subject: Re: Protecting the CME from inboud voip calls

Hi,

You can use access-list for that purpose... and allow connections only from
known hosts...

Regards,

On Fri, Mar 25, 2011 at 1:30 AM, Amin <amin_at_axizo.com> wrote:

Hi experts,

How I can protect my CME from someone configuring a VOIP dial-peer pointing
to my CME real IP, then my CME match inbound dial-peer 0 and route it using
one of my outgoing dial-peer??

Regards,

Amin

Blogs and organic groups at http://www.ccie.net
Received on Fri Mar 25 2011 - 07:41:49 ART