You can use an ACL on the router to accept only traffic from trusted devices for a quick fix to that.<div><br></div><div>The security guide also covers using IPSec auth and encryption between CUCM and H.323 GWs:</div><div>
<br></div><div>Cisco.com > Support > Voice and Unified Communicaitons > IP Telephony > Call Control > Cisco Unified Communications Manager > Maintain and Operate Guides > <span class="Apple-style-span" style="font-family: Arial; font-size: 12px; "><a href="http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/security/7_1_2/secugd/sec712-cm.html" target="_blank" style="color: rgb(0, 51, 153); ">Cisco Unified Communications Manager Security Guide, Release 7.1(2)</a> </span><br>
<br><div class="gmail_quote">On Sun, Sep 13, 2009 at 1:37 AM, Dane Newman <span dir="ltr"><<a href="mailto:dane.newman@gmail.com">dane.newman@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
<div>Hello All</div>
<div> </div>
<div>I am very new to cisco voip and just starting to learn alittle. Through my studies I was left with a question about h323 security. I am initially setting up a cisco 2801 router as a gateway for my CUCM 7.0. I have it setup but the though came to mind is there anyway to set up any kind of authentication between the CUCM and the cisco 2801 router? If a malicious user put up there own CUCM on the lan they could infact use my gateway to make calls without such authentication? Sorry if I am missing something obvious.</div>
<br>_______________________________________________<br>
cisco-voip mailing list<br>
<a href="mailto:cisco-voip@puck.nether.net">cisco-voip@puck.nether.net</a><br>
<a href="https://puck.nether.net/mailman/listinfo/cisco-voip" target="_blank">https://puck.nether.net/mailman/listinfo/cisco-voip</a><br>
<br></blockquote></div><br></div>