Best wireless deployment at Remote Sites - design

Dears,
I have many remote sites in a hub-and-spoke topology, and I have a Cisco 5508 wireless controller at our HQ serving the wireless network at HQ (approximately 25 APs).
The business needs to deploy wireless at the RSs for public customers (not for employees).
I have concerns about security if we are going to terminate the SSID for the public at remote sites toward HQ over WAN connections (viruses, malware, sniffing, etc.) to control it using our Cisco WLC, even if I terminate the VLAN representing this SSID toward our firewall (on a dedicated DMZ), and congestion will happen since this SSID will be used by the public (non-employees).
Please give your kind suggestion.
Thanks in advance

Hi,
For your scenario, the deployment below will work:
http://www.cisco.com/c/en/us/support/docs/wireless/flex-7500-series-wireless-controllers/113605-ewa-flex-guide-00.html

Similar Messages

  • Wireless deployment on remote site

    Hi all,
    I will deploy a 4400 series WLC and APs in HQ and about 10 remote sites soon. I have some requirements: the HQ and remote sites are running VPN, the WLC will be placed in HQ, the APs will run in H-REAP mode, and each site will have 2 SSIDs, one for public, one for internal. My question is, should each site use the same SSID and subnet, or should I create different SSIDs and subnets for the remote sites? Please help. Thank you.

    Kam,
    I'd go with all sites using the same SSID. This will make the management easier: 2 SSIDs instead of 22 (20 remote, 2 local). It will also make it easier if you have people that visit a different site; they will already have a profile created to connect to the wireless.
    HTH,
    Steve
    *Please remember to rate helpful posts*

  • Best Practice for SRST deployment at a remote site

    What is the best practice for a SRST deployment at a remote site? Should a separate router such as a 3800 series be deployed for telephony in addition to another router to be deployed for Data? Is there a need for 2 different devices?

    Hi Brian,
    This is typically done all on one ISR router at the remote site :) There are two flavors of SRST. Here is the feature comparison:
    SRST Fallback
    This feature enables routers to provide call-handling support for Cisco Unified IP phones if they lose connection to remote primary, secondary, or tertiary Cisco Unified Communications Manager installations or if the WAN connection is down. When Cisco Unified SRST functionality is provided by Cisco Unified CME, provisioning of phones is automatic and most Cisco Unified CME features are available to the phones during periods of fallback, including hunt-groups, call park and access to Cisco Unity voice messaging services using SCCP protocol. The benefit is that Cisco Unified Communications Manager users will gain access to more features during fallback without any additional licensing costs.
    Comparison of Cisco Unified SRST and Cisco Unified CME in SRST Fallback Mode
    Cisco Unified CME in SRST Fallback Mode
    • First supported with Cisco Unified CME 4.0: Cisco IOS Software 12.4(9)T
    • IP phones re-home to Cisco Unified CME if Cisco Unified Communications Manager fails. CME in SRST allows IP phones to access some advanced Cisco Unified CME telephony features not supported in traditional SRST
    • Support for up to 240 phones
    • No support for Cisco VG248 48-Port Analog Phone Gateway registration during fallback
    • Lack of support for alias command
    • Support for Cisco Unity® unified messaging at remote sites (Distributed Exchange or Domino)
    • Support for features such as Pickup Groups, Hunt Groups, Basic Automatic Call Distributor (BACD), Call Park, softkey templates, and paging
    • Support for Cisco IP Communicator 2.0 with Cisco Unified Video Advantage 2.0 on same computer
    • No support for secure voice in SRST mode
    • More complex configuration required
    • Support for digital signal processor (DSP)-based hardware conferencing
    • E-911 support with per-phone emergency response location (ERL) assignment for IP phones (Cisco Unified CME 4.1 only)
    Cisco Unified SRST
    • Supported since Cisco Unified SRST 2.0 with Cisco IOS Software 12.2(8)T5
    • IP phones re-home to SRST router if Cisco Unified Communications Manager fails. SRST allows IP phones to have basic telephony features
    • Support for up to 720 phones
    • Support for Cisco VG248 registration during fallback
    • Support for alias command
    • Lack of support for features such as Pickup Groups, Hunt Groups, Call Park, and BACD
    • No support for Cisco IP Communicator 2.0 with Cisco Unified Video Advantage 2.0
    • Support for secure voice during SRST fallback
    • Simple, one-time configuration for SRST fallback service
    • No per-phone emergency response location (ERL) assignment for SCCP Phones (E911 is a new feature supported in SRST 4.1)
    http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/vcallcon/ps2169/prod_qas0900aecd8028d113.html
    These SRST hardware based restrictions are very similar to the number of supported phones with CME. Here is the actual breakdown;
    • Cisco 880 SRST Series Integrated Services Router: up to 4 phones
    • Cisco 1861 Integrated Services Router: up to 8 phones
    • Cisco 2801 Integrated Services Router: up to 25 phones
    • Cisco 2811 Integrated Services Router: up to 35 phones
    • Cisco 2821 Integrated Services Router: up to 50 phones
    • Cisco 2851 Integrated Services Router: up to 100 phones
    • Cisco 3825 Integrated Services Router: up to 350 phones
    • Cisco Catalyst® 6500 Series Communications Media Module (CMM): up to 480 phones
    • Cisco 3845 Integrated Services Router: up to 730 phones
    *The number of phones supported by SRST have been changed to multiples of 5 starting with Cisco IOS Software Release 12.4(15)T3.
    From this excellent doc;
    http://www.cisco.com/en/US/prod/collateral/voicesw/ps6788/vcallcon/ps2169/data_sheet_c78-485221.html
    Hope this helps!
    Rob

  • Deploying unity connection at remote site with CUCM at central site

    I am planning to deploy Unity Connection at a remote site while the CUCM is at the central site only. I will appreciate it if someone can shed some light on this. Has anyone already deployed the same scenario? Any specific requirements to take care of, please?
    Thanks in advance,
    AB

    AB,
    Yes, having your Unity Connection server at a different location than your CUCM is supported.  
    I cannot really help you with specific requirements as it largely depends on exactly how you intend to deploy it and what features you intend to enable. Clustering, Digital Networking, Unified Inbox, etc. all have their own additional requirements, the whole of which would not fit into a message board post.
    However, specific bandwidth and latency requirements are listed in the "System Requirements for Cisco Unity Connection Release 8.X": http://www.cisco.com/en/US/partner/docs/voice_ip_comm/connection/8x/requirements/8xcucsysreqs.html
    The SRND and the System Requirements should get you on the right track. I would encourage you to read both documents fully and then come back with any specific design questions you may have.
    -Steven

  • Best Practices for Setting up a Windows 2012 R2 STD Domain Controller in a Remote Site

    So I'm looking for an article or writeup similar to the "Adding Domain Controllers in Remote Sites" TechNet article but for Windows Server 2012 STD R2. Here is my scenario:
    1.  I want to set up the domain controller at Site A where the primary domain controller is located. The primary domain controller is Windows Server 2008 R2.
    2.  Once the DC is set up I plan on leaving it on our network for a few days before shipping it to remote Site B for installation.
    Other key items:
    1.  The remote Site B will have a different IP range than Site A but will be connected to Site A via a single VPN tunnel. All the DCs that replicate with each other are on the same domain.
    2.  The 2012 DC that I set up for Site B (same domain in same forest) will be a DHCP, DNS, and WSUS server, all replicating to the primary DC at Site A.
    Questions:
    1.  What items can I set up while it's at Site A without affecting or conflicting with the existing network and domain controller? Can I set up a scope once the DHCP role is added?
    2.  All of our DCs replicate through Sites and Services. Do I have to manually add this to our primary DC for the new DC going to remote Site B? Or does this happen automatically when I promote the DC?
    All in all I'm just looking for a list of Best Practices for 2012 or a Step by Step Guide. Any help would be appreciated.

    Hi,
    Thanks for your posting.
    When you install AD DS in the hub or staging site, disconnect the installed domain controller, and then ship the computer to the remote site, you are disconnecting a viable domain controller from the replication topology.
    For more detailed information, please refer to:
    Best Practices for Adding Domain Controllers in Remote Sites
    http://technet.microsoft.com/en-us/library/cc794962(v=ws.10).aspx
    Regards.
    Vivian Wang

  • Best option to transmit CSV file as POST data to remote site

    I'm quite new to the SAP scene and am tasked with getting some data out of our database and up to a third party web application.
    Their API requests the data be formatted as a CSV file and uploaded as an HTTP POST attachment (file upload) to their site.
    What's my best approach to this?
    We have PI, but I just learned about CL_HTTP_CLIENT and am hoping I can do this move directly from the ABAP environment but am unsure of the sorts of technicalities involved with either of these options.
    Can I set up a "service" in PI that simply posts data to a URL (as opposed to sending a SOAP request)?
    What sort of setup do I need to do to get CL_HTTP_CLIENT to talk to the remote site? I've tested with HTTP_POST and get an SSL error even when posting to a non-ssl url (http).

    // Fragment from inside a BizTalk pipeline component class (it starts mid-region).
    // Needs: using System; using System.IO; using System.Text;
    //        using Microsoft.BizTalk.Component.Interop; using Microsoft.BizTalk.Message.Interop;
    public void Save(IPropertyBag propertyBag, bool clearDirty, bool saveAllProperties)
    {
        // Persist each design-time property of the component into the property bag.
        object val2 = (object)_event;
        propertyBag.Write("Event", ref val2);
        object val3 = (object)_fullload;
        propertyBag.Write("FullLoad", ref val3);
        object val4 = (object)_sharedsecret;
        propertyBag.Write("SharedSecret", ref val4);
        object val5 = (object)_content;
        propertyBag.Write("Content", ref val5);
        object val6 = (object)_clienttype;
        propertyBag.Write("ClientType", ref val6);
        object val7 = (object)_clientinfo;
        propertyBag.Write("ClientInfo", ref val7);
        object val8 = (object)_clientversion;
        propertyBag.Write("ClientVersion", ref val8);
    }
    #endregion

    #region IComponent
    public IBaseMessage Execute(IPipelineContext pc, IBaseMessage inmsg)
    {
        IBaseMessagePart bodyPart = inmsg.BodyPart;
        // Nothing to rewrite if the message has no body part.
        if (bodyPart == null)
            return inmsg;

        // new Guid() is the all-zero GUID, so this boundary string is the same for every message.
        string separator = new Guid().ToString();
        bodyPart.ContentType = string.Format("multipart/form-data; boundary={0}", separator);
        //inmsg.BodyPart.Charset = string.Format("US-ASCII");

        // NOTE inmsg.BodyPart.Data is implemented only as a setter in the http adapter API and a
        // getter and setter for the file adapter. Use GetOriginalDataStream to get data instead.
        // Convert the stream to a string.
        Stream s = bodyPart.GetOriginalDataStream();
        byte[] bytes = new byte[s.Length];
        int n = s.Read(bytes, 0, (int)s.Length);
        string msg = new ASCIIEncoding().GetString(bytes).TrimEnd(null);

        // Get the boundary value from the first line of the body (skipping the leading "--").
        string boundry = msg.Substring(2, msg.IndexOf("\r\n") - 2);

        // Create a new start to the message with MIME requirements.
        msg = "MIME-Version: 1.0\r\nContent-Type: text/plain; boundary=\"" + boundry + "\"\r\n" + msg;

        // Convert back to a stream and set it on the Data property.
        bodyPart.Data = new MemoryStream(Encoding.UTF8.GetBytes(msg));
        // Reset the position of the stream to zero.
        bodyPart.Data.Position = 0;
        return inmsg;
    }
    #endregion

  • Deploying multiple WLANs at a remote site

    At Site-A where the WLC4200 & DHCP server reside, we have the following subnets:
    - (vlan10) 10.10.10.0
    - (vlan11) 10.10.11.0
    Each VLAN corresponds to a dynamic interface on the WLC ("Int-10" & "Int-11") which is assigned to their own respective WLAN. Works fine.
    At remote Site-B where we have a 1242 (HREAP), we have the following subnets:
    (vlan100) 10.20.14.0
    (vlan101) 10.20.15.0
    If I want to assign vlan100 & vlan101 to their own respective local WLANs, will I need to create vlans 100 & 101 (define subnets 20.14 & 20.15 on my Site-A layer-3 switch) at Site-A?
    I ultimately want to create 2 WLANs at the remote site, one for voice (w/ QOS enabled) and one for data. The problem I keep running into is, the remote wireless clients authenticate but are unable to get a DHCP address.

    You need not create separate VLANs 100 and 101 at Site-A. Make sure the DHCP server is reachable. Ensure that an IP helper pointing to your DHCP server is configured on the router at the remote site so that the DHCP broadcast from your client is forwarded to the DHCP server. Refer to http://www.cisco.com/en/US/docs/wireless/controller/4.0/configuration/guide/c40hreap.html for more information.

  • Remote site best practice

    I have a main site with CCM 4.1 in a full Cisco environment, working perfectly. This main site has two external links: an E1 for PSTN and a 6 Mbps broadband link on fiber.
    I have a remote site with about 10 users, with a 2 Mbps symmetric broadband link.
    I configured a plain IPsec VPN between the remote router (2621, 12.2(17)) and the PIX of the main site (6.2).
    IP phones of the remote site work fine.
    However, at times, audio is lost. I have QoS on the 2621 and "show policy-map int fa 0/0" does not show dropped packets.
    Is this the best configuration?
    Should I use the 2621 as an MGCP gateway instead? An H.323 gateway instead?
    What are the main criteria for these choices?
    Thank you.

    I have less than 20 ms between routers and 22 ms within the ipsec tunnel.
    It's good to me.

  • One WLC for Headquarter and Remote Site

    Hi
    I have a question about the WLC remote deployment.
    We have the following design at the moment:
    Headquarter
    - Network 192.168.49.0 /24
    - WLC 4402 Version 4.2.61.0
    -- 3 x LAP1252
    -- Layer 3 LWAPP
    -- SSID wep
    -- SSID wpa
    - Windows PDC with Active Directory, DHCP Server and local Data Storage
    - ACS Version 3.2 for TACACS and RADIUS authentication --> External DB to Active Directory
    Remote Site
    - Network 192.168.50.0 /24
    - 2 x LAP1252
    -- SSID wep
    -- SSID wpa
    - Windows PDC with Active Directory, DHCP Server and local Data Storage
    - ACS Version 3.2 for TACACS and RADIUS authentication --> External DB to Active Directory
    Connection between Headquarter and Remote Site
    - 2 Mbit ADSL
    The problem is that the wireless clients on the remote site get an IP address out of the headquarter DHCP range 192.168.49.0 /24. The users on the remote site most of the time only use the local data server in the remote office. With the actual design the whole traffic is switched over the 2 Mbit ADSL connection to the WLC in the headquarter and back to the remote site. That works but it is not that performant.
    The problem could be solved with HREAP, but what I think is that it is not possible to have the same SSID at headquarter and remote site with different VLANs.
    How can I achieve that the clients on the remote site connect to the same SSID (wep or wpa), get an IP address from the remote site DHCP server (192.168.50.0), and the traffic is switched locally?
    I hope you understand what the problem is.
    Thanks in advance for your help!

    Yes, putting the remote AP's in HREAP mode will allow the same WLANs to be available on the AP's but the traffic would be locally switched at the AP instead of being tunneled back to the controller. After you put the AP in HREAP mode you then would configure which VLAN you want traffic for each WLAN to be dumped onto for that AP.

  • The WSDL data cannot be retrieve from remote site

    I am a new guy learning web services with NetBeans 5.5 and meet some problem in retrieving wsdl data from remote site.
    I create a web service "WSTestServer" at Sun Application Server PE8.2 with real IP, say 111.110.11.10:8888, and there's a class "TestWS" with a method "getWS" to return a String. The server (or machine) name is ultra20. So, by following steps in NetBeans, I can get a wsdl file after generating the web service and it can be viewed at
    http://111.110.11.10:8888/WSTestServer/TestWS?WSDL
    Then, I create a web service client at the same machine, it is available to test this method by clicking Web Service Reference item in NetBeans and select "getWS" method to get that String.
    However, when I create a web service client at remote site, it doesn't work and show exception message like
    cannot find domain http://ultra20:8888/WSTestServer/TestWS....
    I go back to check wsdl file, at the last line, it prints like
    <soap:address location="http://ultra20:8888/WSTestServer/TestWS".....
    If I test this case in LAN, e.g., the server IP becomes 192.168.1.2 and client IP is 192.168.1.3, then it works since machine name can be recognized within the same local area network. I try to revise the wsdl file above to replace machine name as real IP, but it is automatically changed back with machine name while deploying and copy the revised one as xxx.wsdl__orig.
    Should I do additional configuration setup for server site? Such as, registering a domain name like aaa.bbb.edu instead of 111.110.11.10?
    Any comment and help for this subject is appreciated!!
    Thank you so much!

    Works as designed, from documentation:
    The database also retrieves all triggers and constraints defined on the table except for referential integrity constraints that reference other tables.
    The retrieved indexes, triggers, and constraints have recycle bin names. Therefore it is advisable to query the USER_RECYCLEBIN view before issuing a FLASHBACK TABLE ... TO BEFORE DROP statement so that you can rename the retrieved triggers and constraints to more usable names.
    For details see the FLASHBACK TABLE command description for your unknown database version.
    Werner

  • XMLType and remote sites

    hello,
    Does someone have experience with XML queries and database links?
    In my experience the statement
    SELECT somefunction(xmltype_column) FROM table@remote_site;
    seems not to work in 9i2 because of CLOB restrictions!
    It seems that one has to work with different database handles in an application if you have to query columns of type xmltype at remote sites. Of course this has quite an impact on the application design. You cannot use many features that are comfortable with database links.
    Does someone know whether it is planned to provide this functionality in a future release or is this a bold restriction?
    Does someone know any other way to query xmltype columns at remote sites?
    With best regards
    Indu

    Only issue would be large bandwidth consumption. That too depends on the size of your image. 
    Arnav Sharma | http://arnavsharma.net/

  • WiSM - Managing AP's at remote sites

    A quick wireless newbie question - I'm trying to sort out the design details using a WiSM. I have a new site and have budgeted a pair of 6513's with WiSM's. There are 9 branch offices that are going to be connected via 2821 routers over CSME and they need to provide Guest and Private wireless access. Do the remote sites need a WLAN controller module for the 2800? Or, can they still tunnel back to the WiSM for central management? What components are needed to achieve "unified" wireless at the branch offices?
    Thanks,
    Greg

    You can centrally control your LAP's from the WiSM. You can even use regular LAPs at those sites if you wish. The one problem that you can run into is that if the WAN drops, you will lose wireless at those sites. The way to get around that is to get LAPs that support REAP/HREAP, and run them in local switching mode. This will allow the wireless to stay up, if the WAN drops, for local subnets only. Obviously any subnet that is across the WAN is inaccessible.
    If you keep them in centralized switching mode, everything tunnels back to the controller, both corporate WLAN's and the guest, will go down if the WAN drops.

  • Wireless posturing at branch sites

    Hi all,
    I have been looking in to an enterprise wide wireless solution for my company and I completely understand wireless posturing using WLC's & ISE's at our campus sites however what I am struggling to get a black and white answer for, is whether the same posturing can be done at the branch without having to tunnel all wireless traffic back to our DataCenters.
    We have a number of small sites (5 - 15 users on DSL), and we do not want to tunnel traffic back due to limited bandwidth so we want to know whether using Cisco kit can help us keep the wireless traffic locally switched and still apply posturing and automatic remediation techniques.
    Our Cisco partner have advised that we should use H-REAP, or FlexConnect as it's known now. But they advise that the drawback to this is that APs in H-REAP mode are not compatible with the ISE currently, meaning that the only way of achieving posturing is tunnelling all wireless traffic back to the DataCenter.
    I thought that posturing only requires to see the report from the NAC agent on the client machines. I did not think that posturing required that the ISE actually needs to look at the clients traffic.
    I can understand that maybe we will need a WLC at every site as the WLC supports the RADIUS CoA attribute, but will we need an ISE as well?
    Currently, I cannot find any Cisco Wireless / ISE design examples that fit our requirements. Effectively, we have 2 datacenters and then hundreds of very small DSL branch sites, and a few bigger branch sites with 10mbps ethernet bearers. Our end goal in security is that we want to provide 802.1x authentication at the network edge both wirelessly and wired. Can Cisco kit currently do this?
    I hope this all makes sense.
    thanks
    Mario De Rosa

    Hi,
    One important problem that we came up against with FlexConnect clients was that the ISE could not push an ACL when doing a CoA.
    So, when a client needs to go through posture, you can push out a VLAN, and an ACL restricting network access.
    BUT...
    Once the client has passed posture and the ISE issues a CoA, the ISE can only push a VLAN to place the client in to. The ISE completely removes the ACL, effectively permitting complete unrestricted access to the network. Meaning that you cannot push dACL's for particular user types.
    This is probably not much of an issue if you have full control and management of your own WAN. We do not, so to have VLANs added to remote sites for particular groups of users would have cost us money every time. Plus changing any ACLs on our WAN routers would also have cost us money.
    I'm not sure whether this is a Wireless Controller limitation or an ISE limitation.
    Mario

  • Cisco 3905 problem / remote site

    Hi all!
    Information:
    I have CUCM 8.6.2.20000-2 and many Cisco IP Phone 3905 (SIP). Some of them deployed in central office and some in remote sites.
    Phone information:
    Boot Version: 3905.0-0-0-01-01
    DSP Version: 12.0.0.8
    Application: 3905.9-2-2-0
    Symptoms:
    In remote sites only!
    The phone is registered and working fine. However, after a few hours in idle state I lift the handset, dial any number and nothing happens. I drop the call and try again 2-3 times. After that either the call passes or I get a permanent busy tone (need to reboot the phone to make it work again).
    The phone is marked as registered on CUCM and I hear a dial tone when I lift the handset.
    I cannot collect debug messages from the phones, because as soon as I log in via telnet it starts working fine.
    There is no such problem in central office.
    Phones print following messages in terminal all the time:
    17:07:10:302 x [CENTRAL] CDP/LLDP-MED CB function is called
    17:07:26:491   [sip]  03:58:24.490    pjsua_acc.c  SIP outbound status for acc 0 is not active
    17:07:26:495   [sip]  03:58:24.494    pjsua_acc.c  "п°п╦я┘п╟п╦п╩ п я┐пЇя▄п╪п╦пҐ"<sip:[email protected]:5060>: registration success, status=200 (OK              ), will re-register in 120 seconds
    17:07:26:502   [sip]  03:58:24.500         pjcu.c  pjcu_on_reg_state2(), Account["п°п╦я┘п╟п╦п╩ п я┐пЇя▄п╪п╦пҐ"<sip:[email protected]:5060>] : OK,               status=200
    17:07:26:506 x [pcu] pcuRcvHandler(CALL), SRV_EV, eid=0, cid=65535,
    17:07:26:510 x [pcu] [pcux_insrv_cb():7071] CUCM_DateTime:Mon, 27 May 2013 11:07:26 GMT
    17:07:26:511 x [pcu] Sync time from server: Mon, 27 May 2013 11:07:26 GMT
    17:07:26:515 x [pcu] [set_svr_type][1599] Bfe active_server_idx=0, serverType=0
    17:07:26:515 x [pcu] [set_svr_type][1602] Aft  serverType=0, Server Number=2
    17:07:26:531   [ipps] ----- PCU: CC_SRV, pid=0, eid=0, cid=65535 -----
    17:07:26:532   [ipps] In func: remoteNtyEvtProcess(), lib = 0, cid = 65535, ntyEv = 0
    17:07:26:533 f [ipps] In func: remoteNtyEvtProcess(), recv inservice nty, svrType = 0, cause = 0
    17:07:26:534 f [MMI] <RCV>: In func: ui_nty(), lid = 0, cid = 65535, ntyEv = 0
    17:07:26:535 x [CENTRAL] IPPS CB function(RegStatus) is called (1) with Line (0)
    17:07:26:536 f [ipps] In func: mlcu_isKpmlEnabled(), KPML value = 3, blRet = 1
    17:07:26:537 x [CENTRAL] Enter FSM: State(STANDBY) | Event(REGISTER_OK) | Cause(0)
    17:07:26:540 x [CENTRAL] Unexpected event REGISTER_OK (cause=0) at STANDBY state
    17:07:26:541 x [CENTRAL] Waiting event in STANDBY
    17:07:58:990 x [CENTRAL] CDP/LLDP-MED CB function is called
    17:08:39:022   [sip]  03:59:37.021         pjcu.c  pjcuRcvHandler(KA), KA_REQUEST, eid=-1, p1=192.168.70.1:5060
    17:08:39:040   [sip]  03:59:37.036         pjcu.c  pjcu_rpt_ka_status(), target(192.168.70.1:5060): status=1, id=27
    17:08:39:044 x [pcu] pcuRcvHandler(KA), KA_RESPONSE, eid=0, addr=192.168.70.1:5060, status=1
    17:08:39:050 x [pcu] [pcu_polling_sipserver_thread():1478] mark!
    17:08:54:130 x [CENTRAL] CDP/LLDP-MED CB function is called
    Thanks for your help.

    There are 2 versions of firmware on cisco.com. cmterm-3905.9-2-1-0 is the default firmware going with CUCM 8.6.2.20000-2 for 3905 phones and cmterm-3905.9-2-2-0 I've installed recently. Both versions of firmware have the same problems.
    Some new information. I got a traffic dump with Wireshark.
    INVITE sip:[email protected]:5060;transport=tcp SIP/2.0
    Via: SIP/2.0/TCP 192.168.70.86:3457;rport;branch=z9hG4bKPjdp3HjFLs7Dy03RL9ce.16qung.tOq5O3
    Max-Forwards: 70
    From: "............ .............." ;tag=5a25b465-747b-4c31-a020-1a9636827427
    To: sip:[email protected]
    Contact: ;+sip.instance="";+u.sip!devicename.ccm.cisco.com="SEP10BD18DD3F59";+u.sip!model.ccm.cisco.com="592"
    Call-ID: e9edcc43-6a9b-42b8-8efc-99f702b313d1
    CSeq: 28324 INVITE
    Allow: PRACK, INVITE, ACK, BYE, CANCEL, UPDATE, SUBSCRIBE, NOTIFY, REFER, MESSAGE, OPTIONS
    User-Agent: Cisco-CP3905/9.2.1
    Supported: replaces,join,sdp-anat,norefersub,extended-refer,X-cisco-callinfo,X-cisco-serviceuri,X-cisco-escapecodes,X-cisco-service-control,X-cisco-monrec,X-cisco-config,X-cisco-sis-4.0.0,X-cisco-xsi-7.0.1
    Expires: 900
    Accept: application/sdp
    Allow-Events: kpml,dialog
    Remote-Party-ID: "............ ..............";privacy=off
    Content-Type: application/sdp
    Content-Length:   294
    As you can see, the phone is trying to invite [email protected]:5060, BUT I dial 7103 DN from 7102. So where are the other numbers? Bug?

  • Remote site redundancy IPSEC VPN between 2911 and ASA

    We already have IPSEC VPN connectivity established between sites but would like to introduce some resilience/redundancy at a remote site.
    Site A has an ASA with one internet circuit.
    Site B has a Cisco 2911 with one internet circuit and we have established site-to-site IPSEC VPN connectivity between the 2911 and the ASA.
    Prior to getting the new internet circuit, Site B had a Cisco 877 with an ADSL line which are still available but aren’t currently in use.
    The internet circuit at Site B has dropped a few times recently so we would like to make use of the ADSL circuit (and potentially the 877 router too) as a backup.
    What is the best way of achieving this?
    We thought about running HSRP between the 877 and 2911 routers at Site B and, in the event of a failure of the router or internet circuit, traffic would failover to the 877 and ADSL.
    However, how would Site A detect the failure? Can we simply rely on Dead Peer Detection and list the public IP address of the internet circuit at Site B first with the public IP address used on the ADSL line second in the list on the ASA? What would happen in a failover scenario and, just as important, when service was restored – I’m not sure DPD would handle that aspect correctly?
    I’ve read briefly elsewhere that GRE might be best to use in this scenario – but I can’t use GRE on the ASA. I have an L3 switch behind the ASA which I may be able to make use of? But I don’t want to disrupt the existing IPSEC VPN connectivity already established between the ASA and the 2911. Can I keep IPSEC between the ASA and 2911 but then run GRE between the L3 switch and the 2911? If so, how would this best be achieved? And how could I also introduce the 877 and ADSL line into things to achieve the necessary redundancy?
    Any help/advice would be appreciated!

    Hello,
    I don't think a GRE tunnel that you could set up on the switch behind the ASA would be really helpful. You still want to establish a site-to-site tunnel between the ASA and some routers, and it is still the ASA which needs to make the decision about which peer to connect to.
    A possible solution would be to do HSRP between both routers on the LAN side, with two independent tunnels/crypto maps (one on each of them). On the ASA you would need to set up two hosts in set peer. The problem with this solution is that if one router at Site B goes down and the second ADSL line takes over, the ASA will not preempt after your main Internet connection is up again. This would happen after the ADSL Internet connection goes down.
    The solution to that would be to assign two different public IP addresses on two different interfaces of the ASA. Then you attach two crypto maps to both interfaces, and by using sla monitor (let's say ICMP to the main router; if it does not respond then you change routing for the remote LAN to the second interface) you select which crypto map (with one peer this time) should be used.
    I hope what I wrote makes some sense.
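
    The first option in the reply above (HSRP on the Site B LAN side, one crypto map per router, two peers on the ASA), written out as the additions to an already working tunnel. This is an added example, not configuration from the thread: all addresses are documentation ranges, the map, ACL and interface names and the pre-shared-key placeholders are hypothetical, and ASA 8.4+ IKEv1 syntax is assumed.

```cisco
! ===== Site A: ASA (assumed 8.4+ syntax, IKEv1) =====
! Constructed addressing: ASA outside 192.0.2.1,
! Site A LAN 10.1.0.0/24, Site B LAN 10.2.0.0/24,
! 2911 public 198.51.100.2 (primary), 877 ADSL public 203.0.113.2 (backup).
! The existing IKE policy, transform set and interesting-traffic ACL stay as they are.
!
! Peers are tried in the order listed. The ASA moves to the second peer only when
! the first stops answering, and does not move back while the second stays up.
crypto map OUTSIDE-MAP 10 set peer 198.51.100.2 203.0.113.2
!
! Existing tunnel-group for the 2911: add Dead Peer Detection.
tunnel-group 198.51.100.2 ipsec-attributes
 isakmp keepalive threshold 10 retry 3
!
! New tunnel-group for the 877 on the ADSL line.
tunnel-group 203.0.113.2 type ipsec-l2l
tunnel-group 203.0.113.2 ipsec-attributes
 ikev1 pre-shared-key <PSK-PLACEHOLDER-BACKUP>
 isakmp keepalive threshold 10 retry 3

! ===== Site B: 2911 (primary circuit, HSRP active) =====
! Probe the ASA through the primary circuit; losing it lowers the HSRP priority.
ip sla 10
 icmp-echo 192.0.2.1 source-interface GigabitEthernet0/0
 frequency 5
ip sla schedule 10 life forever start-time now
track 10 ip sla 10 reachability
!
crypto isakmp keepalive 10 3
!
interface GigabitEthernet0/1
 description Site B LAN (interface name is an assumption)
 ip address 10.2.0.2 255.255.255.0
 standby 1 ip 10.2.0.1
 standby 1 priority 110
 standby 1 preempt
 ! 110 - 20 = 90, below the 877's default priority of 100
 standby 1 track 10 decrement 20

! ===== Site B: 877 (ADSL circuit, HSRP standby) =====
! IKE policy, transform set and ACL SITEA-VPN are copies of the 2911's.
crypto isakmp key <PSK-PLACEHOLDER-BACKUP> address 192.0.2.1
crypto isakmp keepalive 10 3
crypto map ADSL-MAP 10 ipsec-isakmp
 set peer 192.0.2.1
 set transform-set ESP-AES256-SHA
 match address SITEA-VPN
!
interface Dialer0
 description ADSL uplink (interface name is an assumption)
 crypto map ADSL-MAP
!
interface Vlan1
 description Site B LAN
 ip address 10.2.0.3 255.255.255.0
 standby 1 ip 10.2.0.1
 standby 1 preempt
```

    Site B hosts use the HSRP address 10.2.0.1 as their gateway. `show standby brief` on the routers and `show crypto ikev1 sa` on the ASA show which router and which peer are active after a failover test.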
