CES/CEP in Intranet with single forest

Similar Messages

• Identity firewall with Single Forest/Multi-Domain

  I have a question with regard to setting up the ID firewall on the ASA 5585 in a single forest, multiple domain windows network.
  Currently I have a semi-operational IDF at the top level but can't find users on the lower other domains, here is the setup:
  I have 3 domains.
  domain1.test.com
  domain2.domain1.test.com
  domain3.domain2.domain1.test.com
  Both domains have a two way parent-child trust and I can look for users in AD Users/Computer on both domains.  I initially setup the ASA to look at domain1.test.com using an LDAP aaa-server per the IDF instructions, and then proceeded to configure the ad-agent.  I installed the adagent on the domain1.test.com domain controller configured the settings on that system and had no problem adding users to the firewall and getting functionality within domain1.  I looked to see if I could see domain 2 and domain 3 users and found none.  I went ahead and added the domain2 system to the adagent on the DC and the system says that it is up, but when I search for users is not pulling them from domain2.  Instead, it shows domain1 users as domain2\user1.  I also configured another adserver in the ASA to search ldap on domain 2 to no avail.
  The cisco documentation states the following:
  •Before you configure even a single domain controller machine using the adacfg dc create command, ensure that the AD Agent machine is first joined to a domain (for example, domain J) that has a trust relationship with each and every domain (for example, domain D[i]) that it will monitor for user authentications (through the domain controller machines that you will be configuring on the AD Agent machine).
  Single Forest, Multiple Domains—All the domains in a single forest already have an inherent two-way trust relationship with each other. Thus, the AD Agent must first be joined to one of the domains, J, in this forest, with this domain J not necessarily being identical to any of the domains D[i] corresponding to the domain controller machines. Because of the inherent trust relationship between domain J and each of the domains D[i], there is no need to explicitly configure any trust relationships.
  Reading that it sounds like it should just work.  I had everything properly configured before I installed the adagent, but I'm guessing that there is a chance that you can't have the adagent on the top level DC and get to communicate with the lower level domains.  I wanted to ask though before I blow everything up and start over.  The instructions are not overwhelming clear on what needs to done in this scenario.  Suggestions?

  Hi Matthew,
  If I understand your post correctly, the problem is that the ASA is unable to search users in domain2, correct? This portion of the communication is unrelated to the AD Agent, but it sounds like the Agent can talk to the DC just fine. The ASA searches for users directly on the DC via LDAP queries. The communication between the ASA and the Agent is all done via RADIUS.
  If the above is correct, I would focus on why the LDAP queries are failing between the ASA and the domain2 DC. Feel free to open a TAC case on this as well for additional assistance from the AAA experts.
  -Mike

• Non domain-joined Clients (CES/CEP)

  Hello Everyone!
  This is my first post to the security forum and it is not an overly familiar tech for me so please be gentle. :)
  I am looking at building a lab to test a web based application for a client.  The client has very stringent security requirements and as such have mandated the need for both the web server to be secured using SSL certs and requires the connecting
  users to have a certificate.  The infrastructure will be hosted in a central DC in it's own AD forest whilst the users connecting in will have their own AD as they work for different companies.  Each user will have an AD account within the hosted
  environment.  My initial thought was to provide public certs for the web servers but my problem was providing certificates to the clients.  Clearly using public certs would be very expensive.  After a bit of research I stumbled across the following:
  http://blogs.technet.com/b/askds/archive/2010/05/25/enabling-cep-and-ces-for-enrolling-non-domain-joined-computers-for-certificates.aspx
  What I am trying to understand is, will the combination of Certificate services & CES/CEP effectively do away with the need for public certs in this instance?  Can I simply use the internal authority to publish certificates to the web server and
  to the end users?

  Yes - I think this is one of the scenarios CES/CEP have been developed for.
  End users would have to trust your internal CA and validate the chain, so intermediate CAs should be found via AIA URLs. But since you need user - not computer - certificates this is simpler than described in the article as users do not need to be local
  admins to import a root. (But on principle the admin of a user's home AD could restrict this though I have never encountered that.)
  You would need to publish the CES/CEP services via a reverse proxy and external users would have to configure the enrollment HTTP URLs and enter their AD credentials in the hosted AD when connecting.
  As users have imported your CA certificate they will also trust the web server's certificate issued from the same CA.
  Elke

• How many ADFS farms can you have in a single forest/single domain?

  Hi
  I may have some terminology incorrect...please let me know if I do. :)
  My question is, how many ADFS farms can you have in a single forest/single domain? If you want to know why I am asking...please read on.
  We have 1 ADFS Farm and we are looking adding services to it. However not every cloud vendor provides a "Identity Broker" with there services.
  We have a consultant that is advising that we need to enable a SAML-based IdP-initiated single sign-on (SSO) ie using "IdpInitiatedSignOnPage"
  However to do this we need to modify the ADFS website to have "drop down" list so the user can select the "Relying Party" and then authentication with them.
  This means we are exposing a list of every company/party we have federated with. The exposure of this information, is deemed a security concern by our company....which I agree with.
  So the consultant advises that we need a separate ADFS farm. I have searched online, but haven't found any information that confirms multiple ADFS farms can be implemented in a single forest/single domain.
  Thanks for reading and if you have any other suggestions...I'd appreciate it.
  Nyobi

  This is not exactly FIM related question - there is ADFS forum available on Technet. However - technically there is no limit of ADFS farms in a forest \ domain. It is just a service which uses AD and is not altering it in any way or storing some forest-wide
  information like Exchange. So you can setup two ADFS services in single forest - no problem. 
  If it is a best solution to your problem? I can't say with that limited information but maybe just customization of pages on ADFS side would be enough? 
  Tomek Onyszko, memberOf Predica FIM Team (http://www.predica.pl), IdAM knowledge provider @ http://blog.predica.pl

• Exchange 2003 migrate to Exchange 2010 - single forest multiple domain. Active Sync problem

  Hi All, 
  I have AD single forest and multiple domain. for example, the forest domain is jakarta.co.id, and the other domain is bali.co.id.
  Exchange 2003 deployed in jakarta.co.id, User mail enabled in domain jakarta.co.id and bali.co.id.
  Then, I upgrade to Exchange 2010 (deploy in jakarta.co.id) and move mailbox from Exchange 2003 to Exchange 2010.
  All users in bali.co.id are able to access email from Owa, BlackBerry (BIS), Outlook, but cannot access from Android, Windows Phone. (Active-Sync).
  I got error information generated from https://testconnectivity.microsoft.com, as following:
  Attempting the FolderSync command on the Exchange ActiveSync session.
  The test of the FolderSync command failed.
  Tell me more about this issue and how to resolve it
  Additional Details
  Exchange ActiveSync returned an HTTP 500 response (Internal Server Error).
  Active-Sync still not work even I check option "Include inheritable permissions from this object" in security tab.
  any idea to fix this issue?
  Thanks.
  Endrik
  Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
  the thread.

  Hi Sathish, 
  We are planning to migrate Exchange 2003 to Exchange 2013, all user already in Exchange 2010 and Exchange 2003 was decommissioned
  Event Viewer log as following:
  Log Name:      Application
  Source:        MSExchange ActiveSync
  Date:          1/17/2014 10:00:48 PM
  Event ID:      1008
  Task Category: Requests
  Level:         Warning
  Keywords:      Classic
  User:          N/A
  Computer:      EXC2010.jakarta.co.id
  Description:
  An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case,
  Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization. 
  URL=/Microsoft-Server-ActiveSync/default.eas?Cmd=Sync&User=bali%5Csteveng&DeviceId=SAMSUNG123456789&DeviceType=SAMSUNGGTN7000
  --- Exception start ---
  Exception type: Microsoft.Exchange.AirSync.AirSyncPermanentException
  Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevices,CN=Steven Gerrard,OU=IT,DC=bali,DC=co,DC=id.
  Exception level: 0
  HttpStatusCode: 500
  AirSyncStatusCode: 110
  XmlResponse: 
  This request does not contain a WBXML response.
  Exception stack trace:    at Microsoft.Exchange.AirSync.ADDeviceManager.SetActiveSyncDeviceContainerPermissions(ActiveSyncDevices container)
     at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDeviceContainer(Boolean retryIfFailed)
     at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime, Boolean retryIfFailed)
     at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime)
     at Microsoft.Exchange.AirSync.Command.UpdateADDevice(GlobalInfo globalInfo)
     at Microsoft.Exchange.AirSync.Command.CompleteDeviceAccessProcessing()
     at Microsoft.Exchange.AirSync.Command.WorkerThread()
  --- Exception end ---.
  I think KB817379 is not related because Exchange 2003 was decommissioned.
  Regards, 
  Endrik
  Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
  the thread.

• Scenario for a single forest model

  Kind greetings.
  Could anybody please help me to know the best suited scenarios for a single forest model?
  I would be much appreciated. Thank you.

  Hi Tino,
  Thanks for your reply.
  The deployment below is a simple environment with a single domain in a single forest, you can take it as an example:
  Server1: Domain Controller and DNS server (only one NIC with a static IP address and DNS server points to itself)
  Server2: Domain member (in the same subnet with Server1, DNS server points to Server1)
  Install AD DS in server manager on server1, choose Create a new forest on Choose a Deployment Configuration page. On the Domain Controller Options page, select DNS server option and create the first domain controller with DNS role in a new forest.
  Then promote server1 to a Domain Controller. After that, add Server2 to the domain.
  More information: 
  Installing a New Forest by Using the Graphical User Interface (GUI)
  http://technet.microsoft.com/en-us/library/cc755059(v=ws.10).aspx
  How to Join Your Computer to a Domain
  http://technet.microsoft.com/en-us/library/bb456990.aspx
  Best regards,
  Susie

• Multiple Hierarchies in Single Forest

  Hi,
  I’m really struggling to understand how SCCM 2012 would work in this scenario.
  We have a single forest with 3 child domains. In the first of the child domains we have a SCCM 2007 hierarchy and in the second we have a SCCM 2012 hierarchy. We’d like to install a new hierarchy in the parent domain which will support clients in the third
  domain (and longer term the other two).
  If we install a primary server in the parent domain and allow it to publish it’s MP to the Sys Man container, will the SCCM clients in the existing child domains (with SCCM installations) query AD and attempt to use the primary server in the parent
  domain?
  Thanks,
  Gareth

  The answer is both yes and no. It will all depend on how you setup your boundaries. If the clients are not withing the boundaries then they will not try to use it.
  Garth Jones | My blogs: Enhansoft and
  Old Blog site | Twitter:
  @GarthMJ

• SCCM 2012 AD Publishing in a Single Forest Multiple Domains

  Hi there,
  Let me explain the situation first so that you get the idea. We have a single forest, multiple child domains AD environment. For some reasons each domain is being managed separately by their geographic location IT.
  Forest has been extended for SCCM by the site who holds the forest root domain. Since everyone wants to manage their own domain and systems, each child domain have their own primary site server.
  In one of the domains I have installed brand new SCCM 2012 R2. I haven't done anything yet, havent turned on any discovery except Heartbeat. Now I see one device, which belongs to another domain with totally separate IP address, shows in my SCCM site. I dont
  know why.
  From here question arises for me. Correct me if I'm wrong and please advice what to do domain/forest wide.
  1. System Container is needed in each child domain, not in the forest, right?
  2. Where does/should each SCCM primary site publish information; in each domain or in the forest root domain?
  3. Under Administration > Overview > Site Configuration > Sites > Properties > Publishing I see forest root domain name and its checked. 
  Under Administration > Overview > Hierarchy Configuration > Active Directory Forests > Properties > Publishing my site is checked and its the only one in there. In that same window I went ahead and specified my own domain hoping
  to cure the possible problem.
  So, why would that one device show up in this site? I have disabled Heartbeat together with other discoveries for now till I make everything ready.
  Thanks for your help in advance.

  1. Under Administration > Overview > Site Configuration > Sites > Properties > Publishing If I uncheck forest root domain will devices on my child domain still be able to find my site server?
  2. Under Administration > Overview > Hierarchy Configuration > Active Directory Forests > Properties > Publishing my site is checked and its the only one in there. In that same window I went ahead and specified my own domain
  hoping to cure the possible problem. Is this a good practice?
  3. "When clients look for ConfigMgr info, they use GC lookups meaning they return objects from every System Management container in the forest." So, which one do clients choose and how?
  4. "For that one device, have you opened its properties and examined it?" Yes, what abou it? Its found based on Heartbeat Discovery agent (when heartbeat was enabled).
  5. "Have you reviewed the boundaries and boundary groups set up for site assignment?" Yes, as I mentioned this device belongs to different domain and totally outside of my AD site and SCCM boundaries.
  This is fresh install and not in production yet. I have disabled Heartbeat temporarily so that I fix this problem. I will enable it after. 

• Lync Server 2013 Deployment - Cross domain within Single Forest

  Hello Team,
  We have 5 separate domains in a Single Forest with two-way trust between domains. We are planning to deploy Lync 2013 On-Premise across all domains.
  1) What would be best possible approach to deploy Lync Servers ?
  2) We are planning to get 16000 Users (spread across 5 different domains) on Lync account, Can we have a Single pool managing all users ? 
  3) What high availability options should we opt for ?

  Hello Saleesh,
  Thanks for the update.
  I could just go ahead with below steps, Could you advise ?
  1) add additional sip domains as part of Lync pool configuration
  2) Install Certificates on all the domains
  3) update DNS suffix for all the domains - Any other changes i need to do with respect to DNS.
  4) Web publishing rules - Do i need to add seperate simple URLS for all domains ?
  5) Should i do any further changes on Office web app servers to make sure it works for all users from 5 seperate domains.
  Thanks,
  Shady

• Configuring JCo3 Connection Pool with single sign on on non SAP Java server

  Hi Everyone,
  i have configured a connection pool on JBoss as per JCo3 Documentation and is working great.
  Now I need help to configure this connection pool with single sign on so that RFc on SAP ECC systems are executed using end users credential rather than using single user name password used to configure JCo connection pool.
  On SAP Java stack I am sure its possible within Java WebDynpro    and i assume using JCA resource adapter. But what if we don't want to use SAP Java App server.
  Any help will be appreciated.
  Thanks,
  Divyakumar Jain

  Eason, 你好！
  I have exactly the same problem.  Did you find a solution to this problem?  If so, please let me know!

• Dynamic SQL and Data with Single Quotes in it.

  Hi There,
  I have a problem in that I am using dynamic SQL and it happens that one of the columns does contain single quotes (') in it as part of the data. This causes the resultant dynamic SQL to get confused as the single quote that is part of the data is taken to mean end of sting, when in fact its part of the data. This leaves out a dangling single quote that was meant to enclose the string. Here is my dynamic SQL and the result of the parsed SQL that I have captured:
  ****Dynamic SQL*****
  l_sql:='select NOTE_TEMPLATE_ID '||
  'FROM TMP_NOTE_TEMPLATE_VALUES '||
  'where TRIM(LEGACY_NOTE_CODE)='''||trim(fp_note_code)||''' '||
  'and TRIM(DISPLAY_VALUE)='''||trim(fp_note_text)||''' ';
  execute immediate l_sql INTO l_note_template_id;
  Because the column DISPLAY_VALUE contains data with single quotes, the resultant SQL is:
  ******PARSED SQL************
  select NOTE_TEMPLATE_ID
  FROM TMP_NOTE_TEMPLATE_VALUES
  where TRIM(LEGACY_NOTE_CODE)='INQ' and TRIM(DISPLAY_VALUE)='Cont'd'
  And the problem lies with the single quote between teh characters t and d in the data field for DISPLAY_ITEM. How can I handle this?
  Many thanks,

  I have been reliably informed that if one doesn't enclose char/varchar2 data items in quotes, the right indices may not be usedI am into oracle for past 4 years and for the first time i am hearing this.
  Your reliable source is just wrong. Bind variables are variables that store your value and which are used in SQL. They are the proper way to use values in your SQL. By default all variables in PL/SQL is bind variable.
  When you can do some thing in just straight SQL just do it. Dynamic SQL does not make any sense to me here.
  Thanks,
  Karthick.

• AP Tax Calculation issue with SINGLE TAX vs TAX GROUP

  Hi Gurus,
  i need your help on below, please advise!!
  i have to calculate ap VAT tax on AP invoice,
  (Rounding = nearest, precession=2, tax calcualtion= Include tax)
  if i calculate 5% is the tax rate, then the tax amount is 0.47cents,this is in case of single tax calculation.
  here my requirement was i need calculate 2 Taxes(TAX A AND TAX B (Rates are 5 AND 5%)
  EG:
  Invoce Base amount = 10 dollars
  in case of single tax = 5/105 * 10 = 0.4761 cents(this is 48cents in apps with rouning nearest and precession 2)
  tax mode = Include tax
  In case of tax group = Tax A and Tax B = 5 + 5 = 10%, when i calculate this in apps its showing 45cents and 45 cents as tax A and B
  why this tax caluclation is different with single tax and tax group.
  tax code actual amount tax amount remaining amount
  single tax 10 0.4761 10 - 0.48cents = 9.52 cents
  tax group 10 45+45=90 cents 9.10 cents
  Please Help !!!
  Thanks,
  Satish

  Hi Vineeth,
  This is Kathy from BSI Support.  I wanted to make sure that you understood that the TF80 Like Reciprocal flag was made available in TF90 for testing purposes only.  This was meant as a tool for customers to be able to compare their TF90 results to their TF80 output, to insure a successful upgrade.  This funcitonality, however, was never intended to be utilized going forward.  There have been significant changes implemented in BSI TaxFactory 9.0 regarding multi-state withholding (also known as reciprocity).  There is information available on our website that explains these changes.  If you log onto our website, please look under the "Whats New" section for an explanation of reciprocal functionality in BSI TaxFactoryu2122 9.0
  If you have specific scenarios that you need help with, please contact us and we will be happy to assist you.
  Regards,
  BSI Support - Kathy

• SIP Trunk - No voice with Single Number Reach

  Hi Community.
  I setup SIP Trunk with the CCA. Everything is working Call In and Call Out. Call Forward and so on.
  But with Single Number reach is something wrong. The mobile phone is ringing and I can get the call, but I hear not any voice.
  Can someone please help me out? Below the config.
  version 15.1
  parser config cache interface
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  service internal
  service compress-config
  service sequence-numbers
  dot11 ssid cisco-data
   vlan 1
   authentication open
  dot11 ssid cisco-voice
   vlan 100
   authentication open
  ip source-route
  ip cef
  ip dhcp relay information trust-all
  ip dhcp excluded-address 10.1.1.1 10.1.1.9
  ip dhcp excluded-address 10.1.1.241 10.1.1.255
  ip dhcp pool phone
   network 10.1.1.0 255.255.255.0
   default-router 10.1.1.1
   option 150 ip 10.1.1.1
  ip domain name site1.365873.trk.ipvoip.ch
  ip name-server 8.8.8.8
  ip inspect WAAS flush-timeout 10
  ip inspect name SDM_LOW dns
  ip inspect name SDM_LOW ftp
  ip inspect name SDM_LOW h323
  ip inspect name SDM_LOW https
  ip inspect name SDM_LOW icmp
  ip inspect name SDM_LOW imap
  ip inspect name SDM_LOW pop3
  ip inspect name SDM_LOW netshow
  ip inspect name SDM_LOW rcmd
  ip inspect name SDM_LOW realaudio
  ip inspect name SDM_LOW rtsp
  ip inspect name SDM_LOW esmtp
  ip inspect name SDM_LOW sqlnet
  ip inspect name SDM_LOW streamworks
  ip inspect name SDM_LOW tftp
  ip inspect name SDM_LOW tcp router-traffic
  ip inspect name SDM_LOW udp router-traffic
  ip inspect name SDM_LOW vdolive
  no ipv6 cef
  multilink bundle-name authenticated
  stcapp ccm-group 1
  stcapp
  isdn switch-type basic-net3
  voice call send-alert
  voice rtp send-recv
  voice service voip
   ip address trusted list
    ipv4 0.0.0.0 0.0.0.0
   allow-connections h323 to h323
   allow-connections h323 to sip
   allow-connections sip to h323
   allow-connections sip to sip
   supplementary-service h450.12
   no supplementary-service sip refer
   fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw
   sip
    registrar server expires max 3600 min 3600
    localhost dns:site1.365873.trk.ipvoip.ch
    no update-callerid
  voice class codec 1
   codec preference 1 g711alaw
  voice register global
   mode cme
   source-address 10.1.1.1 port 5060
   load 9971 sip9971.9-2-2
   load 9951 sip9951.9-2-2
   load 8961 sip8961.9-2-2
   timezone 23
  voice source-group CCA_SIP_SOURCE_GROUP_CUE_CME
   access-list 2
   translation-profile incoming SIP_Incoming
  voice source-group CCA_SIP_SOURCE_GROUP_EXTERNAL
   access-list 3
  voice translation-rule 9
   rule 1 /0041449475090/ /90/
   rule 2 /0041449475091/ /91/
   rule 3 /0041449475092/ /92/
   rule 4 /0041449475093/ /93/
   rule 5 /0041449475094/ /94/
   rule 6 /0041449475095/ /95/
   rule 7 /0041449475096/ /96/
   rule 8 /0041449475097/ /97/
   rule 9 /0041449475098/ /98/
   rule 10 /0041449475099/ /99/
  voice translation-rule 410
   rule 1 /^0\(.*\)/ /\1/
   rule 15 /^..$/ /0041449475090/
  voice translation-rule 411
   rule 1 /^0\(.*\)/ /ABCD0\1/
  voice translation-rule 412
   rule 1 /^ABCD\(.*\)/ /\1/
  voice translation-rule 422
   rule 15 /^ABCD\(.*\)/ /\1/
  voice translation-rule 1000
   rule 1 /.*/ //
  voice translation-rule 1111
   rule 1 /^9\([1-9]\)$/ /004144947509\1/
   rule 15 /^..$/ /0041449475090/
  voice translation-rule 1112
   rule 1 /^0/ //
  voice translation-rule 2000
   rule 1 /0041449475098/ /98/
  voice translation-rule 2001
   rule 1 /0041449475097/ /97/
  voice translation-rule 2002
   rule 1 /^6/ //
  voice translation-rule 2222
  voice translation-profile AA_Profile
   translate called 2001
  voice translation-profile CALLER_ID_TRANSLATION_PROFILE
   translate calling 1111
  voice translation-profile CallBlocking
   translate called 2222
  voice translation-profile OUTGOING_TRANSLATION_PROFILE
   translate called 1112
  voice translation-profile PSTN_CallForwarding
   translate redirect-target 410
   translate redirect-called 410
  voice translation-profile PSTN_Outgoing
   translate calling 1111
   translate called 1112
   translate redirect-target 410
   translate redirect-called 410
  voice translation-profile SIP_Called_9
   translate calling 3265
   translate called 9
  voice translation-profile SIP_Incoming
   translate called 411
  voice translation-profile SIP_Passthrough
   translate called 412
  voice translation-profile SIP_Passthrough_CallBlocking
   translate called 422
  voice translation-profile VM_Profile
   translate called 2000
  voice translation-profile XFER_TO_VM_PROFILE
   translate redirect-called 2002
  voice translation-profile nondialable
   translate called 1000
  voice-card 0
   dspfarm
   dsp services dspfarm
  fax interface-type fax-mail
  license udi pid UC540W-BRI-K9 sn FGL163220SL
  archive
   log config
    logging enable
    logging size 600
    hidekeys
  username admin privilege 15 secret xxx
  username xxx password 0 ""
  username xxx password 0 ""
  ip tftp source-interface Loopback0
  bridge irb
  interface Loopback0
   description $FW_INSIDE$
   ip address 10.1.10.2 255.255.255.252
   ip access-group 101 in
   ip nat inside
   ip virtual-reassembly in
  interface FastEthernet0/0
   description $FW_OUTSIDE$
   no ip address
   ip inspect SDM_LOW out
   ip virtual-reassembly in
   ip verify unicast reverse-path
   load-interval 30
   shutdown
   duplex auto
   speed auto
  interface Integrated-Service-Engine0/0
   description cue is initialized with default IMAP group
   ip unnumbered Loopback0
   ip nat inside
   ip virtual-reassembly in
   service-module ip address 10.1.10.1 255.255.255.252
   service-module ip default-gateway 10.1.10.2
  interface FastEthernet0/1/0
   no ip address
   macro description cisco-desktop
   spanning-tree portfast
  interface FastEthernet0/1/1
   switchport voice vlan 100
   no ip address
   macro description cisco-phone
   spanning-tree portfast
  interface FastEthernet0/1/2
   switchport voice vlan 100
   no ip address
   macro description cisco-phone
   spanning-tree portfast
  interface FastEthernet0/1/3
   switchport voice vlan 100
   no ip address
   macro description cisco-phone
   spanning-tree portfast
  interface FastEthernet0/1/4
   switchport voice vlan 100
   no ip address
   macro description cisco-phone
   spanning-tree portfast
  interface FastEthernet0/1/5
   switchport voice vlan 100
   no ip address
   macro description cisco-phone
   spanning-tree portfast
  interface FastEthernet0/1/6
   switchport voice vlan 100
   no ip address
   macro description cisco-phone
   spanning-tree portfast
  interface FastEthernet0/1/7
   switchport voice vlan 100
   no ip address
   macro description cisco-phone
   spanning-tree portfast
  interface FastEthernet0/1/8
   no ip address
   macro description cisco-desktop
   spanning-tree portfast
  interface BRI0/1/0
   no ip address
   isdn switch-type basic-net3
   isdn point-to-point-setup
   isdn incoming-voice voice
   isdn sending-complete
   isdn static-tei 0
  interface BRI0/1/1
   no ip address
   shutdown
   isdn switch-type basic-net3
   isdn point-to-point-setup
   isdn incoming-voice voice
   isdn sending-complete
   isdn static-tei 0
  interface Dot11Radio0/5/0
   no ip address
   ssid cisco-data
   ssid cisco-voice
   speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
   station-role root
   antenna receive right
   antenna transmit right
  interface Dot11Radio0/5/0.1
   encapsulation dot1Q 1 native
   bridge-group 1
   bridge-group 1 subscriber-loop-control
   bridge-group 1 spanning-disabled
   bridge-group 1 block-unknown-source
   no bridge-group 1 source-learning
   no bridge-group 1 unicast-flooding
  interface Dot11Radio0/5/0.100
   encapsulation dot1Q 100
   bridge-group 100
   bridge-group 100 subscriber-loop-control
   bridge-group 100 spanning-disabled
   bridge-group 100 block-unknown-source
   no bridge-group 100 source-learning
   no bridge-group 100 unicast-flooding
  interface Vlan1
   no ip address
   bridge-group 1
   bridge-group 1 spanning-disabled
  interface Vlan100
   no ip address
   bridge-group 100
   bridge-group 100 spanning-disabled
  interface BVI1
   description $FW_INSIDE$
   ip address 192.168.10.2 255.255.255.0
   ip access-group 102 in
   ip nat inside
   ip virtual-reassembly in
  interface BVI100
   description $FW_INSIDE$
   ip address 10.1.1.1 255.255.255.0
   ip access-group 103 in
   ip nat inside
   ip virtual-reassembly in
  ip forward-protocol nd
  ip http server
  ip http authentication local
  ip http secure-server
  ip http path flash:/gui
  ip dns server
  ip nat inside source list 1 interface FastEthernet0/0 overload
  ip route 0.0.0.0 0.0.0.0 192.168.10.1
  ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
  access-list 1 remark SDM_ACL Category=2
  access-list 1 permit 10.1.1.0 0.0.0.255
  access-list 1 permit 192.168.10.0 0.0.0.255
  access-list 1 permit 10.1.10.0 0.0.0.3
  access-list 2 remark CCA_SIP_SOURCE_GROUP_ACL_INTERNAL
  access-list 2 remark SDM_ACL Category=1
  access-list 2 permit 192.168.10.2
  access-list 2 permit 10.1.10.0 0.0.0.3
  access-list 2 permit 192.168.10.0 0.0.0.255
  access-list 2 permit 10.1.1.0 0.0.0.255
  access-list 3 remark CCA_SIP_SOURCE_GROUP_ACL_EXTERNAL
  access-list 3 remark SDM_ACL Category=1
  access-list 3 permit 212.147.47.216
  access-list 3 deny   any
  access-list 100 remark auto generated by SDM firewall configuration
  access-list 100 remark SDM_ACL Category=1
  access-list 100 deny   ip 192.168.10.0 0.0.0.255 any
  access-list 100 deny   ip host 255.255.255.255 any
  access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 100 permit ip any any
  access-list 101 remark auto generated by SDM firewall configuration##NO_ACES_8##
  access-list 101 remark SDM_ACL Category=1
  access-list 101 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any
  access-list 101 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
  access-list 101 deny   ip 10.1.1.0 0.0.0.255 any
  access-list 101 deny   ip 192.168.10.0 0.0.0.255 any
  access-list 101 deny   ip 192.168.1.0 0.0.0.255 any
  access-list 101 deny   ip host 255.255.255.255 any
  access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 101 permit ip any any
  access-list 102 remark auto generated by SDM firewall configuration##NO_ACES_6##
  access-list 102 remark SDM_ACL Category=1
  access-list 102 deny   ip 10.1.10.0 0.0.0.3 any
  access-list 102 deny   ip 10.1.1.0 0.0.0.255 any
  access-list 102 deny   ip 192.168.1.0 0.0.0.255 any
  access-list 102 deny   ip host 255.255.255.255 any
  access-list 102 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 102 permit ip any any
  access-list 103 remark auto generated by SDM firewall configuration##NO_ACES_8##
  access-list 103 remark SDM_ACL Category=1
  access-list 103 permit tcp 10.1.10.0 0.0.0.3 any eq 2000
  access-list 103 permit udp 10.1.10.0 0.0.0.3 any eq 2000
  access-list 103 deny   ip 10.1.10.0 0.0.0.3 any
  access-list 103 deny   ip 192.168.10.0 0.0.0.255 any
  access-list 103 deny   ip 192.168.1.0 0.0.0.255 any
  access-list 103 deny   ip host 255.255.255.255 any
  access-list 103 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 103 permit ip any any
  access-list 104 remark auto generated by SDM firewall configuration##NO_ACES_14##
  access-list 104 remark SDM_ACL Category=1
  access-list 104 deny   ip 10.1.10.0 0.0.0.3 any
  access-list 104 deny   ip 10.1.1.0 0.0.0.255 any
  access-list 104 permit ip any any
  access-list 104 permit udp host 8.8.8.8 eq domain any
  access-list 104 permit icmp any any echo-reply
  access-list 104 permit icmp any any time-exceeded
  access-list 104 permit icmp any any unreachable
  access-list 104 deny   ip 10.0.0.0 0.255.255.255 any
  access-list 104 deny   ip 172.16.0.0 0.15.255.255 any
  access-list 104 deny   ip 192.168.0.0 0.0.255.255 any
  access-list 104 deny   ip 127.0.0.0 0.255.255.255 any
  access-list 104 deny   ip host 255.255.255.255 any
  access-list 104 deny   ip host 0.0.0.0 any
  access-list 104 deny   ip any any
  control-plane
  bridge 1 route ip
  bridge 100 route ip
  voice-port 0/0/0
   cptone CH
   station-id name FAX
   station-id number 99
   caller-id enable
  voice-port 0/0/1
   cptone CH
   shutdown
   caller-id enable
  voice-port 0/0/2
   cptone CH
   shutdown
   caller-id enable
  voice-port 0/0/3
   cptone CH
   shutdown
   caller-id enable
  voice-port 0/1/0
   compand-type a-law
   cptone CH
   bearer-cap Speech
  voice-port 0/1/1
   compand-type a-law
   cptone CH
   bearer-cap Speech
  voice-port 0/4/0
   auto-cut-through
   signal immediate
   input gain auto-control -15
   description Music On Hold Port
  sccp local Loopback0
  sccp ccm 10.1.1.1 identifier 1 version 4.0
  sccp
  sccp ccm group 1
   associate ccm 1 priority 1
   associate profile 2 register mtpa4934c6ee4e0
  dspfarm profile 2 transcode
   description CCA transcoding for SIP Trunk VTX
   codec g711ulaw
   codec g711alaw
   codec g729ar8
   codec g729abr8
   maximum sessions 10
   associate application SCCP
  dial-peer cor custom
   name internal
   name local
   name local-plus
   name international
   name national
   name national-plus
   name emergency
   name toll-free
  dial-peer cor list call-internal
   member internal
  dial-peer cor list call-local
   member local
  dial-peer cor list call-local-plus
   member local-plus
  dial-peer cor list call-national
   member national
  dial-peer cor list call-national-plus
   member national-plus
  dial-peer cor list call-international
   member international
  dial-peer cor list call-emergency
   member emergency
  dial-peer cor list call-toll-free
   member toll-free
  dial-peer cor list user-internal
   member internal
   member emergency
  dial-peer cor list user-local
   member internal
   member local
   member emergency
   member toll-free
  dial-peer cor list user-local-plus
   member internal
   member local
   member local-plus
   member emergency
   member toll-free
  dial-peer cor list user-national
   member internal
   member local
   member local-plus
   member national
   member emergency
   member toll-free
  dial-peer cor list user-national-plus
   member internal
   member local
   member local-plus
   member national
   member national-plus
   member emergency
   member toll-free
  dial-peer cor list user-international
   member internal
   member local
   member local-plus
   member international
   member national
   member national-plus
   member emergency
   member toll-free
  dial-peer voice 1 pots
   destination-pattern 99
   port 0/0/0
   no sip-register
  dial-peer voice 2 pots
   port 0/0/1
   no sip-register
  dial-peer voice 3 pots
   port 0/0/2
   no sip-register
  dial-peer voice 4 pots
   port 0/0/3
   no sip-register
  dial-peer voice 5 pots
   description ** MOH Port **
   destination-pattern ABC
   port 0/4/0
   no sip-register
  dial-peer voice 6 pots
   description tcatch all dial peer for BRI/PRIv
   translation-profile incoming nondialable
   incoming called-number .%
   direct-inward-dial
  dial-peer voice 50 pots
   description ** incoming dial peer **
   incoming called-number ^AAAA$
   direct-inward-dial
   port 0/1/0
  dial-peer voice 51 pots
   description ** incoming dial peer **
   incoming called-number ^AAAA$
   direct-inward-dial
   port 0/1/1
  dial-peer voice 2000 voip
   description ** cue voicemail pilot number **
   translation-profile outgoing XFER_TO_VM_PROFILE
   destination-pattern 98
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   voice-class sip outbound-proxy ipv4:10.1.10.1
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 2001 voip
   description ** cue auto attendant number **
   translation-profile outgoing PSTN_CallForwarding
   destination-pattern 97
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   voice-class sip outbound-proxy ipv4:10.1.10.1
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 2012 voip
   description ** cue prompt manager number **
   translation-profile outgoing PSTN_CallForwarding
   destination-pattern 96
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   voice-class sip outbound-proxy ipv4:10.1.10.1
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 1000 voip
   permission term
   description ** Incoming call from SIP trunk (VTX) **
   session protocol sipv2
   session target sip-server
   incoming called-number .%
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   fax rate 14400
   fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1001 voip
   corlist outgoing call-local
   description ** star code to SIP trunk (VTX) **
   destination-pattern *..
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   fax rate 14400
   fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1003 voip
   description ** Passthrough Inbound Calls for PSTN from CUE **
   translation-profile incoming SIP_Passthrough
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   incoming called-number ABCDT
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 1005 voip
   description ** Passthrough Inbound Calls for MWI from CUE **
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   incoming called-number A80T
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 1009 voip
   description ** Passthrough Inbound Calls for Internal Extensions from CUE **
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   incoming called-number ^..$
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 1033 voip
   corlist outgoing call-local
   description **CCA*Switzerland*Short Code Services**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 0187
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1042 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*Ambulance / Poisioning**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 0014[45]
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1041 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*REGA Air Rescue**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 00333333333
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1025 voip
   corlist outgoing call-national
   description **CCA*Switzerland*National Destination Numbers**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00[789]1.......
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1020 voip
   corlist outgoing call-national
   description **CCA*Switzerland*Regional Announcement VM**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 01600
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1040 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*REGA Air Rescue**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 000333333333
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1043 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*Ambulance / Poisioning**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 014[45]
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1035 voip
   corlist outgoing call-national
   description **CCA*Switzerland*Mobile Numbers**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 007[46789].......
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1024 voip
   corlist outgoing call-national-plus
   description **CCA*Switzerland*Personal Numbering**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00878......
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1029 voip
   corlist outgoing call-national
   description **CCA*Switzerland*Voicemail Access**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00860.........
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1036 voip
   corlist outgoing call-national
   description **CCA*Switzerland*VPN Access**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00869.............
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1027 voip
   corlist outgoing call-national-plus
   description **CCA*Switzerland*Premium Rate (Business)**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00900......
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1026 voip
   corlist outgoing call-national
   description **CCA*Switzerland*Test Numbers**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00868T
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1034 voip
   corlist outgoing call-national-plus
   description **CCA*Switzerland*Shared Cost numbers**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 0084[0248]......
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1038 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*Emergency**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 0011[278]
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1037 voip
   corlist outgoing call-toll-free
   description **CCA*Switzerland*Toll Free Numbers**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00800......
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1039 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*Emergency**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 011[278]
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1032 voip
   corlist outgoing call-national
   description **CCA*Switzerland*National Destination Numbers**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 00[23456]........
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1023 voip
   corlist outgoing call-international
   description **CCA*Switzerland*International Calls**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 000T
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1031 voip
   description **CCA*Switzerland*Premium Rate (Social)**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 0090[16]......
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1030 voip
   corlist outgoing call-national
   description **CCA*Switzerland*Short Code**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 014[0357]
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1045 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*REGA/Glaciers Air Rescue**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 0141[45]
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1028 voip
   corlist outgoing call-national-plus
   description **CCA*Switzerland*Directory Enquiries**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 018[15].
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1021 voip
   corlist outgoing call-national
   description **CCA*Switzerland*Short Code**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 011[45].
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1022 voip
   corlist outgoing call-national
   description **CCA*Switzerland*Short Code Services**
   translation-profile outgoing PSTN_Outgoing
   preference 1
   destination-pattern 01[67].
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 1044 voip
   corlist outgoing call-emergency
   description **CCA*Switzerland*REGA/Glaciers Air Rescue**
   translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
   preference 1
   destination-pattern 00141[45]
   session protocol sipv2
   session target sip-server
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  dial-peer voice 2002 voip
   description ** cue voicemail PSTN number **
   translation-profile outgoing VM_Profile
   destination-pattern xxx$
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   voice-class sip outbound-proxy ipv4:10.1.10.1
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 2003 voip
   description ** cue auto attendant PSTN number **
   translation-profile outgoing AA_Profile
   destination-pattern xxx$
   b2bua
   session protocol sipv2
   session target ipv4:10.1.10.1
   voice-class sip outbound-proxy ipv4:10.1.10.1
   dtmf-relay rtp-nte
   codec g711ulaw
   no vad
  dial-peer voice 1110 pots
   preference 9
   destination-pattern xxx
   port 0/0/0
   no sip-register
  dial-peer voice 3006 voip
   description SIP
   translation-profile incoming SIP_Called_9
   session protocol sipv2
   session target sip-server
   incoming called-number xxx.
   voice-class codec 1
   voice-class sip dtmf-relay force rtp-nte
   dtmf-relay rtp-nte
   ip qos dscp cs5 media
   ip qos dscp cs4 signaling
   no vad
  no dial-peer outbound status-check pots
  sip-ua
   keepalive target dns:site1.365873.trk.ipvoip.ch
   authentication username xxx password 7 xxx
   no remote-party-id
   retry invite 2
   retry register 10
   timers connect 100
   timers keepalive active 100
   registrar dns:site1.365873.trk.ipvoip.ch expires 3600
   sip-server dns:site1.365873.trk.ipvoip.ch
   host-registrar
  telephony-service
   sdspfarm units 5
   sdspfarm transcode sessions 10
   sdspfarm tag 2 mtpa4934c6ee4e0
   video
   fxo hook-flash
   max-ephones 40
   max-dn 300
   ip source-address 10.1.1.1 port 2000
   auto assign 1 to 1 type bri
   calling-number initiator
   service phone videoCapability 1
   service phone ehookenable 1
   service phone ehookEnable 1
   service dnis overlay
   service dnis dir-lookup
   service dss
   timeouts interdigit 5
   system message SwissT.Net
   url services http://10.1.10.1/voiceview/common/login.do
   url authentication http://10.1.10.1/voiceview/authentication/authenticate.do
   cnf-file location flash:
   cnf-file perphone
   user-locale U4 load CME-locale-de_DE-German-8.1.2.2.tar
   network-locale U4
   load 521G-524G cp524g-8-1-17
   load 525G spa525g-7-5-4
   load 501G spa50x-30x-7-5-2b
   load 502G spa50x-30x-7-5-2b
   load 504G spa50x-30x-7-5-2b
   load 508G spa50x-30x-7-5-2b
   load 509G spa50x-30x-7-5-2b
   load 525G2 spa525g-7-5-4
   load 301 spa50x-30x-7-5-2b
   load 303 spa50x-30x-7-5-2b
   time-zone 23
   time-format 24
   date-format dd-mm-yy
   keepalive 30 auxiliary 4
   voicemail 98
   max-conferences 8 gain -6
   call-forward pattern .T
   call-forward system redirecting-expanded
   hunt-group logout HLog
   moh flash:/media/music-on-hold.au
   multicast moh 239.10.16.16 port 2000
   web admin system name cisco secret 5 xxx
   dn-webedit
   time-webedit
   transfer-system full-consult dss
   transfer-pattern .T
   transfer-pattern 0.T
   transfer-pattern 6.. blind
   secondary-dialtone 0
   night-service day Sun 17:00 09:00
   night-service day Mon 17:00 09:00
   night-service day Tue 17:00 09:00
   night-service day Wed 17:00 09:00
   night-service day Thu 17:00 09:00
   night-service day Fri 17:00 09:00
   night-service day Sat 17:00 09:00
   fac standard
   create cnf-files version-stamp Jan 01 2002 00:00:00
  ephone-template  1
   url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
   service phone webAccess 0
   softkeys remote-in-use  Newcall
   softkeys idle  Redial Pickup Mobility Newcall Cfwdall Gpickup Dnd Login
   softkeys seized  Cfwdall Endcall Redial Pickup Gpickup Callback
   softkeys connected  Hold Endcall Trnsfer Mobility TrnsfVM Confrn Acct Park
   button-layout 7931 2
  ephone-template  15
   url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
   softkeys remote-in-use  Newcall
   softkeys idle  Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
   softkeys seized  Cfwdall Endcall Redial Pickup Gpickup Callback
   softkeys connected  Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
   button-layout 7931 2
  ephone-template  16
   url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
   softkeys remote-in-use  Newcall
   softkeys idle  Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
   softkeys seized  Cfwdall Endcall Redial Pickup Gpickup Callback
   softkeys connected  Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
  ephone-template  17
   url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
   softkeys remote-in-use  CBarge Newcall
   softkeys idle  Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
   softkeys seized  Cfwdall Endcall Redial Pickup Gpickup Callback
   softkeys connected  Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
  ephone-template  18
   url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
   softkeys remote-in-use  CBarge Newcall
   softkeys idle  Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
   softkeys seized  Cfwdall Endcall Redial Pickup Gpickup Callback
   softkeys connected  Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
   button-layout 7931 2
  ephone-dn  9
   number BCD no-reg primary
   description MoH
   moh out-call ABC
  ephone-dn  292
   number xxx
   description SIP Main Number registration
   preference 10
  ephone-dn  293  dual-line
   number 90 secondary xxx no-reg both
   label Zentrale
   description 90
   name Zentrale
   call-forward busy 98
   call-forward noan 98 timeout 20
  ephone-dn  294  dual-line
   number 94 secondary xxx no-reg both
   label LL
   description Lehrling Lehrnende
   name Lehrling Lehrnende
   mobility
   snr xxx delay 1 timeout 30 cfwd-noan 98
   snr ring-stop
   call-forward busy 98
   call-forward noan 98 timeout 20
  ephone-dn  295  dual-line
   number 93 secondary xxx no-reg both
   label CM
   description
   name
   snr xxx delay 1 timeout 30 cfwd-noan 98
   snr ring-stop
   call-forward busy 98
   call-forward noan 98 timeout 10
  ephone-dn  296  dual-line
   number 92 secondary xxx no-reg both
   label EE
   description
   name
   mobility
   call-forward busy 98
   call-forward noan 98 timeout 20
  ephone-dn  297  dual-line
   number 91 secondary xxx no-reg both
   label RS
   description
   name
   mobility
   snr xxx delay 1 timeout 30 cfwd-noan 98
   snr ring-stop
   call-forward busy 98
   call-forward noan 98 timeout 10
  ephone-dn  298
   number 6.. no-reg primary
   description ***CCA XFER TO VM EXTENSION***
   call-forward all 98
  ephone-dn  299
   number A801.. no-reg primary
   mwi off
  ephone-dn  300
   number A800.. no-reg primary
   mwi on
  ephone  1
   device-security-mode none
   mac-address A44C.11A0.B648
   ephone-template 1
   max-calls-per-button 2
   username "xxx" password xxx
   type 525G2
   button  1:296 2:293 3m297 4m295
   button  5m294
  ephone  2
   device-security-mode none
   mac-address A44C.11A0.B566
   ephone-template 1
   max-calls-per-button 2
   username "xxx" password xxx
   type 525G2
   button  1:297 2:293 3m296 4m295
   button  5m294
  ephone  3
   device-security-mode none
   mac-address A44C.11A0.B5C4
   ephone-template 1
   max-calls-per-button 2
   username "xxx" password xxx
   type 525G2
   button  1:295 2:293 3m297 4m296
   button  5m294
  ephone  4
   device-security-mode none
   mac-address A44C.11A0.B67A
   ephone-template 1
   max-calls-per-button 2
   username "xxx" password xxx
   type 525G2
   button  1:294 2:293 3m297 4m296
   button  5m295
  alias exec cca_voice_mode PBX
  alias exec cca_vm_notification schedule from_time=00 to_time=24
  alias exec clid-ALL_BRI ;1:0-4;1:0-9;1:0-9;1:1-9
  alias exec clid-SIP ;1:1-9;1:1-9;1:1-9
  banner login ^CCisco Configuration Assistant. Version: 3.2 (3). Fri Jul 04 13:18:33 CEST 2014^C
  line con 0
   no modem enable
  line aux 0
  line 2
   no activation-character
   no exec
   transport preferred none
   transport input all
  line vty 0 4
   transport preferred none
   transport input all
  line vty 5 100
   transport preferred none
   transport input all
  ntp master
  ntp server 91.240.0.5 prefer
  en

  Hi Patrick
  I am working on this one as well. I have a UC560 with SIP Trunk provider Les.NET.
  It was working fine until a few weeks ago when something changed on the provider end and broke it. My hunch it is something to do with the SIP REFER.
  http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-express/91535-cme-sip-trunking-config.html
  Here is an excerpt from the above page:
  Call Transfer
  When a call comes in on an SIP trunk to an SCCP Phone or CUE AutoAttendant (AA) and is transferred, the CME by default will send a SIP REFER message to the SP proxy. Most SP Proxy Servers do not support the REFER method. This needs to be configured in order to force the CME to hairpin the call:
  Router(config)#voice service voip
  Router(conf-voi-serv)#no supplementary-service sip refer
  Figure 3 shows the behavior of the CME system with the REFER method disabled.

• Problem with Set/Get volume of input device with single channel

  from Symadept <[email protected]>
  to Cocoa Developers <[email protected]>,
  coreaudio-api <[email protected]>
  date Thu, Dec 10, 2009 at 2:45 PM
  subject Problem with Set/Get volume of input device with single channel
  mailed-by gmail.com
  hide details 2:45 PM (2 hours ago)
  Hi,
  I am trying to Set/Get Volume level of Input device which has only single channel but no master channel, then it fails to retrieve the kAudioDevicePropertyPreferredChannelsForStereo and intermittently kAudioDevicePropertyVolumeScalar for each channel. But this works well for Output device.
  So is there any difference in setting/getting the volume of input channels?
  I am pasting the downloadable link to sample.
  http://www.4shared.com/file/169494513/f53ed27/VolumeManagerTest.html
  Thanks in advance.
  Regards
  Mustafa
  Tags: MacOSX, CoreAudio, Objective C.

  That works but the the game will not be in full screen, it will have an empty strip at the bottom.
  I actually found out what's the problem. I traced the stageWidth and stageHeight during resizing event. I found out that when it first resized, the stage width and height were the size with the notification bar. So when I pass the stage into startling, myStarling = new Starling(Game,stage), the stage is in the wrong size. For some reason, I can only get the correct stage width and height after the third resizing event.
  So now I need to restart Starling everytime a resizing event happened. It gives me the right result but I am not sure it is a good idea to do that.
  And thanks a lot for your time kglad~I really appriciate your help.

• How to deal with single quote (') in a field value?

  I can successfully insert value with single quoet using
  Prepared statement with placeholder(?) construct .
  I can also successfuly use value with single quote(') in
  WHERE clause.
  My question is, is there a way to use string with single
  quote if a Statement like:
  String slqString ="INSERT INTO customers (name, address) VALUES ( 'O'Reilly Bob', 'St Mary's Street') ";
  Statement sqlStmt = con.createStatement();
  sqlStmt.executeUpdate(sqlString);
  The last statement will thow an SQLException because due to single quotes
  Any ideas?

  I think the question was regarding the ' in O'Reily. Use ' twice when using the Statement interface, i.e.
  ("O''Reilly Bob", "St Mary''s Street")
  So that's two single quotes, not a double quote, to successfully insert a single quote, if you know what I mean....
  But like you said PreparedStatement does things like this for you.