Adtran
Help
The Adtran community holiday season is starting next week! The holiday period will span from December 21, 2024 to January 6, 2025. During this time, responses to feedback form submissions may be delayed. If you are encountering product issues, you can reach out to Adtran support at any time.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Anonymous
Not applicable
‎12-02-2019 08:37 AM

Trunk Calls from Adtran TA 908

Hello,

I have a customer that is reporting errant calls from the trunk side of their phone system, and an Adtran 908 2nd Gen is being used as their SIP to PRI. I don't see anything from the Adtran side that would suggest there has been any compromise or any logs of calls from the Adtran side. Can someone take a look at this config and see if there is anything unusual or would suggest a compromise? Thank you!

!

!

!

!

hostname "Host"

enable password ------

!

!

ip subnet-zero

ip classless

ip routing

!

!

ip domain-name "Domain"

ip domain-proxy

ip name-server 8.8.8.8

!

!

no auto-config

!

event-history on

no logging forwarding

no logging email

!

no service password-encryption

!

username "user" password "------"

!

!

!

no ip firewall alg msn

no ip firewall alg h323

!

!

!

!

!

no dot11ap access-point-control

!

!

!

!

!

!

!

!

!

!

!

!

interface eth 0/1

  ip address  -.-.-.-  -.-.-.-

  media-gateway ip primary

  no shutdown

!

!

!

!

interface t1 0/1

  description Not used

  tdm-group 1 timeslots 1-24 speed 64

  shutdown

!

interface t1 0/2

  description PRI Port

  tdm-group 1 timeslots 1-24 speed 64

  no shutdown

!

!

interface pri 1

  connect t1 0/2 tdm-group 1

  role network b-channel-restarts disable

  no shutdown

!

!

interface fxs 0/1

  no shutdown

!

interface fxs 0/2

  no shutdown

!

interface fxs 0/3

  no shutdown

!

interface fxs 0/4

  no shutdown

!

interface fxs 0/5

  no shutdown

!

interface fxs 0/6

  no shutdown

!

interface fxs 0/7

  no shutdown

!

interface fxs 0/8

  no shutdown

!

!

isdn-group 1

  connect pri 1

!

!

!

!

!

!

!

!

!

ip route 0.0.0.0 0.0.0.0 -.-.-.-

!

no ip tftp server

no ip tftp server overwrite

ip http server

no ip http secure-server

no ip snmp agent

no ip ftp server

no ip scp server

no ip sntp server

!

!

!

!

!

!

!

!

voice feature-mode network

voice forward-mode network

!

!

!

!

!

voice dial-plan 1 local NXX-NXX-XXXX

!

!

!

!

!

voice codec-list trunk

  codec g711ulaw

  codec g729

!

!

voice trunk T01 type sip

  description "Provider"

  sip-server primary (server)

  authentication username "user" password "------"

  sip-keep-alive options 120

  register user auth-name "user" password "------"

  trust-domain

  codec-group trunk

!

voice trunk T02 type isdn

  resource-selection circular descending

  connect isdn-group 1

  modem-passthrough

  t38

  rtp delay-mode adaptive

!

!

voice grouped-trunk SIP

  no description

  trunk T01

  accept $ cost 0

  accept NXX-NXX-XXXX cost 0

  accept 1-NXX-NXX-XXXX cost 0

  accept 1-800-NXX-XXXX cost 0

  accept 1-888-NXX-XXXX cost 0

  accept 1-877-NXX-XXXX cost 0

  accept 1-866-NXX-XXXX cost 0

  accept 1-855-NXX-XXXX cost 0

  accept 911 cost 0

  accept 10-10-XXX-$ cost 0

  accept 411 cost 0

  accept 611 cost 0

  reject 011-$

  reject X-011-$

  reject XX-011-$

  reject XXX-011-$

  reject NXX-976-XXXX

  reject 1-900-NXX-XXXX

  reject 1-976-NXX-XXXX

!

!

voice grouped-trunk PRI

  description "** Connect calls to - from PRI **"

  trunk T02

  accept $ cost 10

  accept NXX-NXX-XXXX cost 0

  accept 1-NXX-NXX-XXXX cost 0

  accept 1-800-NXX-XXXX cost 0

  accept 1-888-NXX-XXXX cost 0

  accept 1-877-NXX-XXXX cost 0

  accept 1-866-NXX-XXXX cost 0

  accept 1-855-NXX-XXXX cost 0

  accept 411 cost 0

  accept 611 cost 0

  accept 911 cost 0

  accept 10-10-XXX-$ cost 0

  reject NXX-976-XXXX

  reject 1-900-NXX-XXXX

  reject 1-976-NXX-XXXX

  reject 011-$

  reject X-011-$

  reject XX-011-$

  reject XXX-011-$

!

!

!

!

!

!

ip sip

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

line con 0

  login

!

line telnet 0 4

  login

  password ------

  no shutdown

line ssh 0 4

  login local-userlist

  no shutdown

!

!

end

Labels (3)
Labels
0 Kudos
Reply
1 Reply
jayh
Honored Contributor
Honored Contributor
‎12-13-2019 02:31 PM

Re: Trunk Calls from Adtran TA 908

Are the errant calls typically to/from numbers like 100, 1000, 1234, etc.? Could be SIP Vicious or friendly-scanner.

Create an IP access list containing the address(es) of your SIP provider. Apply it to the SIP process. For example:

ip access-list standard sip-access

permit x.x.x.x y.y.y.y ! (IP address of your SIP provider listed as sip-server primary)

Apply that list to the SIP services on the device.

ip sip access-class sip-access in

Also, I'd clean up the voice grouped-trunk PRI to only include the numbers or ranges that are valid users of the PBX. For example, if it accepts 311-555-23XX modify as follows:

voice grouped-trunk PRI

  description "** Connect calls to - from PRI **"

  trunk T02

  accept 311-555-23XX cost 0

0 Kudos
Accept as Solution Reply