Table of Contents
Advertisement
In order to prevent toll fraud, CCA creates an access list (ACL) that allows inbound SIP
traffic only from known IP addresses and blocks all other incoming SIP calls. Incoming
SIP calls coming from the IP address of the Proxy and Registrar server are automatically
allowed through the UC500 firewall. If incoming calls from a second SIP proxy server
needs to be allowed, you can add the IP address to the secondary proxy server field. The
CLI below is a sample of the ACL generated for the generic SIP trunk provider option.
Note: A.B.C.D represents the IP address of the buddy POD UC500 used for this
multisite voice lab (1.1.100.xx where xx is POD # - drop the leading 0, only enter 1
for POD 01).
access-list 2 remark CCA_SIP_SOURCE_GROUP_ACL
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 1.1.100.254
access-list 2 permit 10.1.10.1
access-list 2 permit A.B.C.D
access-list 2 deny any
10.1.10.1 is the default IP address of the Cisco Unity Express (CUE.) Inbound SIP calls
from the CUE are allowed to enable outbound calls for CUE features such as
Autoattendant and message notification to work over a SIP trunk
8. Click on the "Dial Plan" tab:
o Ensure the following defaults for North American dialing:
Numbering Plan Locale
Default Access code
Digit Collection Timeout
Cisco Unified Communications Technical Training
LAB 8B: UC520 Multi-site Setup
Template: North American
9
5
Page 136 of 171
- Quick Links:
- Lab 1: Plug & Play
Hide quick links:
Advertisement
Table of Contents
