Cisco VG Trust List

Why?

When someone gets access to a company’s voice gateway, a door is opened to use this gateway to make calls to all over the world, which costs the company huge amount of money, in addition to reputation/security issues that may arise.
Cisco has introduced a security feature in IOS 15.1(2)T to combat this vulnerability, voice gateway Toll-Fraud, and to secure it against such behavior.

The Config

router1(config)#voice service voip
router1(conf-voi-serv)#ip address trusted list
router1(cfg-iptrust-list)#ipv4 x.x.x.x

Where x.x.x.x is your CUCM server, if there are more than 1 server/IP, just repeat the command for each IP address.

The default action in IOS 15.1(2)T and later is to deny access to voice services and drop any attempt made. So, it is mandatory to have such configuration to get a complete working voice gateway.