As an Amazon Associate I earn from qualifying purchases.

New Gateway Feature - Toll-Fraud Prevention in IOS 15.1(2)T

This post is a big warning for anyone upgrading a voice gateway to 15.1(2)T or later.  Without additional configuration, all inbound VoIP call setups will be blocked after the upgrade.  Yup.  Blocked.  Additionally, two-stage dialing is no longer enabled by default.

Per Cisco's explanation of the new Toll-Fraud Prevention Feature, a "trusted list" must be configured on the voice gateway so that the sources generating the VoIP call setups will be accepted.

Note:  If you have "session target" defined within dial-peers that you currently use, those calls will be accepted even if no "trusted list" is defined.

Debug Example - Blocked Call 

debug voice ccapi inout
%VOICE_IEC-3-GW: Application Framework Core: Internal Error (Toll fraud call rejected): 
IEC=1.1.228.3.31.0 on callID 3 GUID=F146D6B0539C11DF800CA596C4C2D7EF 
000183: *Apr 30 14:38:57.251: //3/F146D6B0800C/CCAPI/ccCallSetContext: 
   Context=0x49EC9978 
000184: *Apr 30 14:38:57.251: //3/F146D6B0800C/CCAPI/cc_process_call_setup_ind: 
   >>>>CCAPI handed cid 3 with tag 1002 to app "_ManagedAppProcess_TOLLFRAUD_APP" 
000185: *Apr 30 14:38:57.251: //3/F146D6B0800C/CCAPI/ccCallDisconnect: 
   Cause Value=21, Tag=0x0, Call Entry(Previous Disconnect Cause=0, Disconnect Cause=0)

Disable Toll-Fraud Prevention Feature

If you need to quickly return your router to it's previous functionality after an upgrade, take one of these two paths:
  1. Configure the router to accept incoming call setups from all source IP addresses.
    voice service voip
 ip address trusted list
  ipv4 0.0.0.0 0.0.0.0
  2. Disable the toll-fraud prevention application completely.
    voice service voip
 no ip address trusted authenticate

Restore Two-Stage Dialing After Upgrade

If two-stage dialing is required, the following can be configured to return behavior to match previous releases.

For inbound ISDN calls:
voice service pots
 no direct-inward-dial isdn
For inbound FXO calls:
voice-port <fxo-port>
 secondary dialtone

1 comment:

  1. 9npf2jg33dJanuary 18, 2023 at 3:40 AM

    After uploading your part design, you will receive a web-based quote that features manufacturing analysis to assist enhance part manufacturability. Within your quote, could also|you can even} adjust amount and materials and see worth modifications in real-time. Further details, similar to undercuts, or Kids Shower Caps any feature that wants extra tooling, increases mould cost. Surface end of the core and cavity of moulds further influences cost.

    ReplyDelete

Subscribe to: Post Comments (Atom)