User getting phantom calls with caller id of 1000

Discussion in '3CX Phone System - General' started by c.holloway, May 12, 2016.

Thread Status:
Not open for further replies.
  1. c.holloway

    Joined:
    Oct 24, 2014
    Messages:
    23
    Likes Received:
    0
    I call them phantom calls because they don't show up in the logs, there is no extension 1000 (we use 3 digit extensions and the majority of them are in the 200 range), and when they user picks up there is just dead air. The past couple of days she says she's been getting them every 3-5 minutes. I've checked and there is NOTHING in the system that corresponds to 1000. The closest match i can find are the trunks. I see this in the logs for inbound calls. " Call to T:Line:10001" but i doubt its the trunk somehow calling her extension.

    I'm a bit of a loss to explain this one. She is the only one to receive these calls. She and several other employees work from their homes using a Yealink T42 that remotely registers but only she receives these calls. She's had this issue on and off since the system was deployed earlier this year. Has anyone run into anything like this before?
     
  2. complex1

    complex1 Active Member

    Joined:
    Jan 25, 2010
    Messages:
    752
    Likes Received:
    38
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. NickD_3CX

    NickD_3CX Support Team
    Staff Member 3CX Support

    Joined:
    Jun 2, 2014
    Messages:
    1,255
    Likes Received:
    63
    I usually suggest one of the following:

    - On the Remote Location router/firewall, if it has the feature, filter based on Source IP so that you allow only traffic from the 3CX Server to have access to the defined ports SIP/RTP ports of the phone.

    or

    - Use a really odd Local SIP Phone for the Remote Extension. The default Local SIP Port of the phone for Remote STUN Extensions is 5065. If instead of using this you use something completely different (e.g. port 34567) then usually these scanners that cause these ghost calls will not check those ports and not get through. Remember to adjust the remote location firewall accordingly as well.
     
Thread Status:
Not open for further replies.