Per Cisco's explanation of the new Toll-Fraud Prevention Feature, a "trusted list" must be configured on the voice gateway so that the sources generating the VoIP call setups will be accepted.
Note: If you have "session target" defined within dial-peers that you currently use, those calls will be accepted even if no "trusted list" is defined.
Debug Example - Blocked Call
debug voice ccapi inout
%VOICE_IEC-3-GW: Application Framework Core: Internal Error (Toll fraud call rejected):
IEC=1.1.228.3.31.0 on callID 3 GUID=F146D6B0539C11DF800CA596C4C2D7EF
000183: *Apr 30 14:38:57.251: //3/F146D6B0800C/CCAPI/ccCallSetContext:
Context=0x49EC9978
000184: *Apr 30 14:38:57.251: //3/F146D6B0800C/CCAPI/cc_process_call_setup_ind:
>>>>CCAPI handed cid 3 with tag 1002 to app "_ManagedAppProcess_TOLLFRAUD_APP"
000185: *Apr 30 14:38:57.251: //3/F146D6B0800C/CCAPI/ccCallDisconnect:
Cause Value=21, Tag=0x0, Call Entry(Previous Disconnect Cause=0, Disconnect Cause=0)
Disable Toll-Fraud Prevention Feature
If you need to quickly return your router to it's previous functionality after an upgrade, take one of these two paths:- Configure the router to accept incoming call setups from all source IP addresses.
voice service voip ip address trusted list ipv4 0.0.0.0 0.0.0.0
- Disable the toll-fraud prevention application completely.
voice service voip no ip address trusted authenticate
Restore Two-Stage Dialing After Upgrade
If two-stage dialing is required, the following can be configured to return behavior to match previous releases.
For inbound FXO calls:voice service pots no direct-inward-dial isdn
voice-port <fxo-port> secondary dialtone
