Sometimes administrators have to block calls harassing, scam, or other undesirable calls. In newer versions of CUCM, this can be done in CUCM, or it can be done on an h.323 or SIP gateway.
Which should you use? There are good reasons to use both. Blocking on CUCM centralizes call routing, so you don’t need to touch gateways, and can be configured so that placing a number in once blocks it at all gateways. Blocking it at the gateway can be easier to implement, and stops the call at the ingress, so that no internal resources are ever used. Properly configured, blocking at the gateway will maintain protection in SRST, as well. So either way has benefits, use the one that fits into the existing environment best.
Blocking on the gateway uses translation profiles, which can be applied to the ingress port, and the inbound or outbound dial peers. Placing the blocking patterns on the port stops them right away, but may require placement on multiple ports.
To configure blocking, first create the translation rules:
Router(config)#voice translation-rule 10 ! ID Number Between 1-2147483647 Router(cfg-translation-rule)#rule 1 reject /14145551212/ Router(cfg-translation-rule)#rule 2 reject /12625551212/
Then, create a voice translation profile:
Router(config)#voice translation-profile BLOCK_STALKERS Router(cfg-translation-profile)#translate calling 10 ! Apply to calling number.
And apply it to the voice port or dial peer:
Router(config)#voice-port 0/0/0:23 Router(config-voiceport)#translation-profile incoming BLOCK_STALKERS
Apply the translation profiles according to how the rest of your environment is configured. I would tend to apply them on the port, leaving the dial peers open to apply translations for calls that should be routed.