Can't answer random calls after upgrade to 15.5 SP2 and Yealink 66.82.0.20

Discussion in '3CX Phone System - General' started by Jes.amos, Nov 23, 2017.

Thread Status:
Not open for further replies.
  1. Jes.amos

    Joined:
    Nov 1, 2017
    Messages:
    22
    Likes Received:
    0
    Since we installed the update to the system and upgraded the firmware on the phones last Friday we are getting calls with either %22 or a " in front of the CLID on random calls. When this happens the call is unanswerable from either a soft phone in CTI mode or a yealink desk phone.

    11/23/2017 9:33:27 AM %22HARKER (******2444) IVR (809) 00:00:10

    On the deskphone the CLID was displayed as "HARKER (******2444) and in the call log it is displayed with the %22 replacing the ".

    From Deskphone 107 we attempted to answer the call by pressing the answer button on the deskphone, by hitting the answer button in the soft phone in CTI mode, and by dragging the call to the extension from the reception view. The call had to be rejected in order to answer other calls in the queue.

    In the activity log there was no mention of Ext 107 attempting to pickup the call

    Anyone have any ideas?
     
  2. YiannisH_3CX

    YiannisH_3CX Support Team
    Staff Member 3CX Support

    Joined:
    May 10, 2016
    Messages:
    4,349
    Likes Received:
    274
    Hello @Jes.amos

    Your issue does not look like its related to the update. There is nothing in the update that would cause calls with weird call id's arriving to the PBX. Having said that do these call follow any inbound rules or do they hit the extension directly? Can you tell is the calls are arriving from the provider? Also are your phones provisioned as local or remote? Does this happen often?
    As a first step you should step the logging level to verbose so can get more details regarding the issue. You can set this up by navigating to Dashboard / Activity Log / Options and set it to verbose. Restart all services so that this applies. Once the issue re-occurs check your activity log for more details.
     
  3. lneblett

    lneblett Well-Known Member

    Joined:
    Sep 7, 2010
    Messages:
    2,061
    Likes Received:
    56
    It is most likely a hacker exploiting the open ports and doing direct SIP.

    You can protect yourself at the router level (assuming you are behind same) by implementing rules at the firewall to only allow the desired IP(s) and drop the others. Additionally, the phones will have a setting that you can use to tell the phone to only accept calls from the SIP server(s) associated to the account(s) - "Accept SIP Trust Server Only".

    I suppose it possible that somehow, during the firmware upgrade this setting got changed or if a new template came out it too may be affected. To find out, manually enable the setting and then re-provision the phone. If the setting changed, then you may need to edit the template to re-enable. If not, then perhaps it was the firmware. In any event, check the template to insure the setting is enabled. You could then re-provision all phones so that any missing the setting will now activate same.
     
  4. Jes.amos

    Joined:
    Nov 1, 2017
    Messages:
    22
    Likes Received:
    0
    Logging is already set to verbose, we have been unable to reproduce the on demand, the issue only seems to only present when it is another medical clinic calling. The clinic may be in the 3CX phonebook though so I'll check to see if there are any special characters in the phonebook entry.
     
  5. Jes.amos

    Joined:
    Nov 1, 2017
    Messages:
    22
    Likes Received:
    0
    It isn't that there are unwanted calls coming in, it is that important wanted calls coming over the SIP trunk are rendered unanswerable and have a weird CLID signature.
     
Thread Status:
Not open for further replies.