CES/CEP in Intranet with single forest
In which scenario CES/CEP are preferred over Certificate Request Wizard (or alternatives) for requesting certificates when in Intranet with single forest?
I have read article http://social.technet.microsoft.com/wiki/contents/articles/7734.certificate-enrollment-web-services-in-active-directory-certificate-services.aspx#Intranet_with_a_Single_Forest.
In scenario when non domain joined users use perimeter CES for certificate renewal (http://social.technet.microsoft.com/wiki/contents/articles/7734.certificate-enrollment-web-services-in-active-directory-certificate-services.aspx#Renewal_Only_Mode) is it
correct to request original certificate using other way then internal CES/CEP?
> In which scenario CES/CEP are preferred over Certificate Request Wizard (or alternatives) for requesting certificates when in Intranet with single forest?
1) CEP/CES do not replace certificate request wizard.
2) CEP/CES in internal domains are preferred when you want to completely hide CA servers from forest members. For example, you put CAs in a dedicated VLAN with limited access (though, CA servers should have a full connectivity with domain controllers), so
only CES service can contact ICertRequest interface on CA server.
My weblog: en-us.sysadmins.lv
PowerShell PKI Module: pspki.codeplex.com
PowerShell Cmdlet Help Editor pscmdlethelpeditor.codeplex.com
Check out new: SSL Certificate Verifier
Check out new:
PowerShell FCIV tool.
Similar Messages
-
Identity firewall with Single Forest/Multi-Domain
I have a question with regard to setting up the ID firewall on the ASA 5585 in a single forest, multiple domain windows network.
Currently I have a semi-operational IDF at the top level but can't find users on the lower other domains, here is the setup:
I have 3 domains.
domain1.test.com
domain2.domain1.test.com
domain3.domain2.domain1.test.com
Both domains have a two way parent-child trust and I can look for users in AD Users/Computer on both domains. I initially setup the ASA to look at domain1.test.com using an LDAP aaa-server per the IDF instructions, and then proceeded to configure the ad-agent. I installed the adagent on the domain1.test.com domain controller configured the settings on that system and had no problem adding users to the firewall and getting functionality within domain1. I looked to see if I could see domain 2 and domain 3 users and found none. I went ahead and added the domain2 system to the adagent on the DC and the system says that it is up, but when I search for users is not pulling them from domain2. Instead, it shows domain1 users as domain2\user1. I also configured another adserver in the ASA to search ldap on domain 2 to no avail.
The cisco documentation states the following:
•Before you configure even a single domain controller machine using the adacfg dc create command, ensure that the AD Agent machine is first joined to a domain (for example, domain J) that has a trust relationship with each and every domain (for example, domain D[i]) that it will monitor for user authentications (through the domain controller machines that you will be configuring on the AD Agent machine).
Single Forest, Multiple Domains—All the domains in a single forest already have an inherent two-way trust relationship with each other. Thus, the AD Agent must first be joined to one of the domains, J, in this forest, with this domain J not necessarily being identical to any of the domains D[i] corresponding to the domain controller machines. Because of the inherent trust relationship between domain J and each of the domains D[i], there is no need to explicitly configure any trust relationships.
Reading that it sounds like it should just work. I had everything properly configured before I installed the adagent, but I'm guessing that there is a chance that you can't have the adagent on the top level DC and get to communicate with the lower level domains. I wanted to ask though before I blow everything up and start over. The instructions are not overwhelming clear on what needs to done in this scenario. Suggestions?Hi Matthew,
If I understand your post correctly, the problem is that the ASA is unable to search users in domain2, correct? This portion of the communication is unrelated to the AD Agent, but it sounds like the Agent can talk to the DC just fine. The ASA searches for users directly on the DC via LDAP queries. The communication between the ASA and the Agent is all done via RADIUS.
If the above is correct, I would focus on why the LDAP queries are failing between the ASA and the domain2 DC. Feel free to open a TAC case on this as well for additional assistance from the AAA experts.
-Mike -
Non domain-joined Clients (CES/CEP)
Hello Everyone!
This is my first post to the security forum and it is not an overly familiar tech for me so please be gentle. :)
I am looking at building a lab to test a web based application for a client. The client has very stringent security requirements and as such have mandated the need for both the web server to be secured using SSL certs and requires the connecting
users to have a certificate. The infrastructure will be hosted in a central DC in it's own AD forest whilst the users connecting in will have their own AD as they work for different companies. Each user will have an AD account within the hosted
environment. My initial thought was to provide public certs for the web servers but my problem was providing certificates to the clients. Clearly using public certs would be very expensive. After a bit of research I stumbled across the following:
http://blogs.technet.com/b/askds/archive/2010/05/25/enabling-cep-and-ces-for-enrolling-non-domain-joined-computers-for-certificates.aspx
What I am trying to understand is, will the combination of Certificate services & CES/CEP effectively do away with the need for public certs in this instance? Can I simply use the internal authority to publish certificates to the web server and
to the end users?Yes - I think this is one of the scenarios CES/CEP have been developed for.
End users would have to trust your internal CA and validate the chain, so intermediate CAs should be found via AIA URLs. But since you need user - not computer - certificates this is simpler than described in the article as users do not need to be local
admins to import a root. (But on principle the admin of a user's home AD could restrict this though I have never encountered that.)
You would need to publish the CES/CEP services via a reverse proxy and external users would have to configure the enrollment HTTP URLs and enter their AD credentials in the hosted AD when connecting.
As users have imported your CA certificate they will also trust the web server's certificate issued from the same CA.
Elke -
How many ADFS farms can you have in a single forest/single domain?
Hi
I may have some terminology incorrect...please let me know if I do. :)
My question is, how many ADFS farms can you have in a single forest/single domain? If you want to know why I am asking...please read on.
We have 1 ADFS Farm and we are looking adding services to it. However not every cloud vendor provides a "Identity Broker" with there services.
We have a consultant that is advising that we need to enable a SAML-based IdP-initiated single sign-on (SSO) ie using "IdpInitiatedSignOnPage"
However to do this we need to modify the ADFS website to have "drop down" list so the user can select the "Relying Party" and then authentication with them.
This means we are exposing a list of every company/party we have federated with. The exposure of this information, is deemed a security concern by our company....which I agree with.
So the consultant advises that we need a separate ADFS farm. I have searched online, but haven't found any information that confirms multiple ADFS farms can be implemented in a single forest/single domain.
Thanks for reading and if you have any other suggestions...I'd appreciate it.
NyobiThis is not exactly FIM related question - there is ADFS forum available on Technet. However - technically there is no limit of ADFS farms in a forest \ domain. It is just a service which uses AD and is not altering it in any way or storing some forest-wide
information like Exchange. So you can setup two ADFS services in single forest - no problem.
If it is a best solution to your problem? I can't say with that limited information but maybe just customization of pages on ADFS side would be enough?
Tomek Onyszko, memberOf Predica FIM Team (http://www.predica.pl), IdAM knowledge provider @ http://blog.predica.pl -
Exchange 2003 migrate to Exchange 2010 - single forest multiple domain. Active Sync problem
Hi All,
I have AD single forest and multiple domain. for example, the forest domain is jakarta.co.id, and the other domain is bali.co.id.
Exchange 2003 deployed in jakarta.co.id, User mail enabled in domain jakarta.co.id and bali.co.id.
Then, I upgrade to Exchange 2010 (deploy in jakarta.co.id) and move mailbox from Exchange 2003 to Exchange 2010.
All users in bali.co.id are able to access email from Owa, BlackBerry (BIS), Outlook, but cannot access from Android, Windows Phone. (Active-Sync).
I got error information generated from https://testconnectivity.microsoft.com, as following:
Attempting the FolderSync command on the Exchange ActiveSync session.
The test of the FolderSync command failed.
Tell me more about this issue and how to resolve it
Additional Details
Exchange ActiveSync returned an HTTP 500 response (Internal Server Error).
Active-Sync still not work even I check option "Include inheritable permissions from this object" in security tab.
any idea to fix this issue?
Thanks.
Endrik
Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread.Hi Sathish,
We are planning to migrate Exchange 2003 to Exchange 2013, all user already in Exchange 2010 and Exchange 2003 was decommissioned
Event Viewer log as following:
Log Name: Application
Source: MSExchange ActiveSync
Date: 1/17/2014 10:00:48 PM
Event ID: 1008
Task Category: Requests
Level: Warning
Keywords: Classic
User: N/A
Computer: EXC2010.jakarta.co.id
Description:
An exception occurred and was handled by Exchange ActiveSync. This may have been caused by an outdated or corrupted Exchange ActiveSync device partnership. This can occur if a user tries to modify the same item from multiple computers. If this is the case,
Exchange ActiveSync will re-create the partnership with the device. Items will be updated at the next synchronization.
URL=/Microsoft-Server-ActiveSync/default.eas?Cmd=Sync&User=bali%5Csteveng&DeviceId=SAMSUNG123456789&DeviceType=SAMSUNGGTN7000
--- Exception start ---
Exception type: Microsoft.Exchange.AirSync.AirSyncPermanentException
Exception message: A null value was received for the NTSD security descriptor of container CN=ExchangeActiveSyncDevices,CN=Steven Gerrard,OU=IT,DC=bali,DC=co,DC=id.
Exception level: 0
HttpStatusCode: 500
AirSyncStatusCode: 110
XmlResponse:
This request does not contain a WBXML response.
Exception stack trace: at Microsoft.Exchange.AirSync.ADDeviceManager.SetActiveSyncDeviceContainerPermissions(ActiveSyncDevices container)
at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDeviceContainer(Boolean retryIfFailed)
at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime, Boolean retryIfFailed)
at Microsoft.Exchange.AirSync.ADDeviceManager.CreateActiveSyncDevice(GlobalInfo globalInfo, ExDateTime syncStorageCreationTime)
at Microsoft.Exchange.AirSync.Command.UpdateADDevice(GlobalInfo globalInfo)
at Microsoft.Exchange.AirSync.Command.CompleteDeviceAccessProcessing()
at Microsoft.Exchange.AirSync.Command.WorkerThread()
--- Exception end ---.
I think KB817379 is not related because Exchange 2003 was decommissioned.
Regards,
Endrik
Endrik | blog: itendrik.wordpress.com Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading
the thread. -
Scenario for a single forest model
Kind greetings.
Could anybody please help me to know the best suited scenarios for a single forest model?
I would be much appreciated. Thank you.Hi Tino,
Thanks for your reply.
The deployment below is a simple environment with a single domain in a single forest, you can take it as an example:
Server1: Domain Controller and DNS server (only one NIC with a static IP address and DNS server points to itself)
Server2: Domain member (in the same subnet with Server1, DNS server points to Server1)
Install AD DS in server manager on server1, choose Create a new forest on Choose a Deployment Configuration page. On the Domain Controller Options page, select DNS server option and create the first domain controller with DNS role in a new forest.
Then promote server1 to a Domain Controller. After that, add Server2 to the domain.
More information:
Installing a New Forest by Using the Graphical User Interface (GUI)
http://technet.microsoft.com/en-us/library/cc755059(v=ws.10).aspx
How to Join Your Computer to a Domain
http://technet.microsoft.com/en-us/library/bb456990.aspx
Best regards,
Susie -
Multiple Hierarchies in Single Forest
Hi,
I’m really struggling to understand how SCCM 2012 would work in this scenario.
We have a single forest with 3 child domains. In the first of the child domains we have a SCCM 2007 hierarchy and in the second we have a SCCM 2012 hierarchy. We’d like to install a new hierarchy in the parent domain which will support clients in the third
domain (and longer term the other two).
If we install a primary server in the parent domain and allow it to publish it’s MP to the Sys Man container, will the SCCM clients in the existing child domains (with SCCM installations) query AD and attempt to use the primary server in the parent
domain?
Thanks,
GarethThe answer is both yes and no. It will all depend on how you setup your boundaries. If the clients are not withing the boundaries then they will not try to use it.
Garth Jones | My blogs: Enhansoft and
Old Blog site | Twitter:
@GarthMJ -
SCCM 2012 AD Publishing in a Single Forest Multiple Domains
Hi there,
Let me explain the situation first so that you get the idea. We have a single forest, multiple child domains AD environment. For some reasons each domain is being managed separately by their geographic location IT.
Forest has been extended for SCCM by the site who holds the forest root domain. Since everyone wants to manage their own domain and systems, each child domain have their own primary site server.
In one of the domains I have installed brand new SCCM 2012 R2. I haven't done anything yet, havent turned on any discovery except Heartbeat. Now I see one device, which belongs to another domain with totally separate IP address, shows in my SCCM site. I dont
know why.
From here question arises for me. Correct me if I'm wrong and please advice what to do domain/forest wide.
1. System Container is needed in each child domain, not in the forest, right?
2. Where does/should each SCCM primary site publish information; in each domain or in the forest root domain?
3. Under Administration > Overview > Site Configuration > Sites > Properties > Publishing I see forest root domain name and its checked.
Under Administration > Overview > Hierarchy Configuration > Active Directory Forests > Properties > Publishing my site is checked and its the only one in there. In that same window I went ahead and specified my own domain hoping
to cure the possible problem.
So, why would that one device show up in this site? I have disabled Heartbeat together with other discoveries for now till I make everything ready.
Thanks for your help in advance.1. Under Administration > Overview > Site Configuration > Sites > Properties > Publishing If I uncheck forest root domain will devices on my child domain still be able to find my site server?
2. Under Administration > Overview > Hierarchy Configuration > Active Directory Forests > Properties > Publishing my site is checked and its the only one in there. In that same window I went ahead and specified my own domain
hoping to cure the possible problem. Is this a good practice?
3. "When clients look for ConfigMgr info, they use GC lookups meaning they return objects from every System Management container in the forest." So, which one do clients choose and how?
4. "For that one device, have you opened its properties and examined it?" Yes, what abou it? Its found based on Heartbeat Discovery agent (when heartbeat was enabled).
5. "Have you reviewed the boundaries and boundary groups set up for site assignment?" Yes, as I mentioned this device belongs to different domain and totally outside of my AD site and SCCM boundaries.
This is fresh install and not in production yet. I have disabled Heartbeat temporarily so that I fix this problem. I will enable it after. -
Lync Server 2013 Deployment - Cross domain within Single Forest
Hello Team,
We have 5 separate domains in a Single Forest with two-way trust between domains. We are planning to deploy Lync 2013 On-Premise across all domains.
1) What would be best possible approach to deploy Lync Servers ?
2) We are planning to get 16000 Users (spread across 5 different domains) on Lync account, Can we have a Single pool managing all users ?
3) What high availability options should we opt for ?Hello Saleesh,
Thanks for the update.
I could just go ahead with below steps, Could you advise ?
1) add additional sip domains as part of Lync pool configuration
2) Install Certificates on all the domains
3) update DNS suffix for all the domains - Any other changes i need to do with respect to DNS.
4) Web publishing rules - Do i need to add seperate simple URLS for all domains ?
5) Should i do any further changes on Office web app servers to make sure it works for all users from 5 seperate domains.
Thanks,
Shady -
Configuring JCo3 Connection Pool with single sign on on non SAP Java server
Hi Everyone,
i have configured a connection pool on JBoss as per JCo3 Documentation and is working great.
Now I need help to configure this connection pool with single sign on so that RFc on SAP ECC systems are executed using end users credential rather than using single user name password used to configure JCo connection pool.
On SAP Java stack I am sure its possible within Java WebDynpro and i assume using JCA resource adapter. But what if we don't want to use SAP Java App server.
Any help will be appreciated.
Thanks,
Divyakumar JainEason, 你好!
I have exactly the same problem. Did you find a solution to this problem? If so, please let me know! -
Dynamic SQL and Data with Single Quotes in it.
Hi There,
I have a problem in that I am using dynamic SQL and it happens that one of the columns does contain single quotes (') in it as part of the data. This causes the resultant dynamic SQL to get confused as the single quote that is part of the data is taken to mean end of sting, when in fact its part of the data. This leaves out a dangling single quote that was meant to enclose the string. Here is my dynamic SQL and the result of the parsed SQL that I have captured:
****Dynamic SQL*****
l_sql:='select NOTE_TEMPLATE_ID '||
'FROM TMP_NOTE_TEMPLATE_VALUES '||
'where TRIM(LEGACY_NOTE_CODE)='''||trim(fp_note_code)||''' '||
'and TRIM(DISPLAY_VALUE)='''||trim(fp_note_text)||''' ';
execute immediate l_sql INTO l_note_template_id;
Because the column DISPLAY_VALUE contains data with single quotes, the resultant SQL is:
******PARSED SQL************
select NOTE_TEMPLATE_ID
FROM TMP_NOTE_TEMPLATE_VALUES
where TRIM(LEGACY_NOTE_CODE)='INQ' and TRIM(DISPLAY_VALUE)='Cont'd'
And the problem lies with the single quote between teh characters t and d in the data field for DISPLAY_ITEM. How can I handle this?
Many thanks,I have been reliably informed that if one doesn't enclose char/varchar2 data items in quotes, the right indices may not be usedI am into oracle for past 4 years and for the first time i am hearing this.
Your reliable source is just wrong. Bind variables are variables that store your value and which are used in SQL. They are the proper way to use values in your SQL. By default all variables in PL/SQL is bind variable.
When you can do some thing in just straight SQL just do it. Dynamic SQL does not make any sense to me here.
Thanks,
Karthick. -
AP Tax Calculation issue with SINGLE TAX vs TAX GROUP
Hi Gurus,
i need your help on below, please advise!!
i have to calculate ap VAT tax on AP invoice,
(Rounding = nearest, precession=2, tax calcualtion= Include tax)
if i calculate 5% is the tax rate, then the tax amount is 0.47cents,this is in case of single tax calculation.
here my requirement was i need calculate 2 Taxes(TAX A AND TAX B (Rates are 5 AND 5%)
EG:
Invoce Base amount = 10 dollars
in case of single tax = 5/105 * 10 = 0.4761 cents(this is 48cents in apps with rouning nearest and precession 2)
tax mode = Include tax
In case of tax group = Tax A and Tax B = 5 + 5 = 10%, when i calculate this in apps its showing 45cents and 45 cents as tax A and B
why this tax caluclation is different with single tax and tax group.
tax code actual amount tax amount remaining amount
single tax 10 0.4761 10 - 0.48cents = 9.52 cents
tax group 10 45+45=90 cents 9.10 cents
Please Help !!!
Thanks,
SatishHi Vineeth,
This is Kathy from BSI Support. I wanted to make sure that you understood that the TF80 Like Reciprocal flag was made available in TF90 for testing purposes only. This was meant as a tool for customers to be able to compare their TF90 results to their TF80 output, to insure a successful upgrade. This funcitonality, however, was never intended to be utilized going forward. There have been significant changes implemented in BSI TaxFactory 9.0 regarding multi-state withholding (also known as reciprocity). There is information available on our website that explains these changes. If you log onto our website, please look under the "Whats New" section for an explanation of reciprocal functionality in BSI TaxFactoryu2122 9.0
If you have specific scenarios that you need help with, please contact us and we will be happy to assist you.
Regards,
BSI Support - Kathy -
SIP Trunk - No voice with Single Number Reach
Hi Community.
I setup SIP Trunk with the CCA. Everything is working Call In and Call Out. Call Forward and so on.
But with Single Number reach is something wrong. The mobile phone is ringing and I can get the call, but I hear not any voice.
Can someone please help me out? Below the config.
version 15.1
parser config cache interface
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service internal
service compress-config
service sequence-numbers
dot11 ssid cisco-data
vlan 1
authentication open
dot11 ssid cisco-voice
vlan 100
authentication open
ip source-route
ip cef
ip dhcp relay information trust-all
ip dhcp excluded-address 10.1.1.1 10.1.1.9
ip dhcp excluded-address 10.1.1.241 10.1.1.255
ip dhcp pool phone
network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
option 150 ip 10.1.1.1
ip domain name site1.365873.trk.ipvoip.ch
ip name-server 8.8.8.8
ip inspect WAAS flush-timeout 10
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp router-traffic
ip inspect name SDM_LOW udp router-traffic
ip inspect name SDM_LOW vdolive
no ipv6 cef
multilink bundle-name authenticated
stcapp ccm-group 1
stcapp
isdn switch-type basic-net3
voice call send-alert
voice rtp send-recv
voice service voip
ip address trusted list
ipv4 0.0.0.0 0.0.0.0
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
supplementary-service h450.12
no supplementary-service sip refer
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw
sip
registrar server expires max 3600 min 3600
localhost dns:site1.365873.trk.ipvoip.ch
no update-callerid
voice class codec 1
codec preference 1 g711alaw
voice register global
mode cme
source-address 10.1.1.1 port 5060
load 9971 sip9971.9-2-2
load 9951 sip9951.9-2-2
load 8961 sip8961.9-2-2
timezone 23
voice source-group CCA_SIP_SOURCE_GROUP_CUE_CME
access-list 2
translation-profile incoming SIP_Incoming
voice source-group CCA_SIP_SOURCE_GROUP_EXTERNAL
access-list 3
voice translation-rule 9
rule 1 /0041449475090/ /90/
rule 2 /0041449475091/ /91/
rule 3 /0041449475092/ /92/
rule 4 /0041449475093/ /93/
rule 5 /0041449475094/ /94/
rule 6 /0041449475095/ /95/
rule 7 /0041449475096/ /96/
rule 8 /0041449475097/ /97/
rule 9 /0041449475098/ /98/
rule 10 /0041449475099/ /99/
voice translation-rule 410
rule 1 /^0\(.*\)/ /\1/
rule 15 /^..$/ /0041449475090/
voice translation-rule 411
rule 1 /^0\(.*\)/ /ABCD0\1/
voice translation-rule 412
rule 1 /^ABCD\(.*\)/ /\1/
voice translation-rule 422
rule 15 /^ABCD\(.*\)/ /\1/
voice translation-rule 1000
rule 1 /.*/ //
voice translation-rule 1111
rule 1 /^9\([1-9]\)$/ /004144947509\1/
rule 15 /^..$/ /0041449475090/
voice translation-rule 1112
rule 1 /^0/ //
voice translation-rule 2000
rule 1 /0041449475098/ /98/
voice translation-rule 2001
rule 1 /0041449475097/ /97/
voice translation-rule 2002
rule 1 /^6/ //
voice translation-rule 2222
voice translation-profile AA_Profile
translate called 2001
voice translation-profile CALLER_ID_TRANSLATION_PROFILE
translate calling 1111
voice translation-profile CallBlocking
translate called 2222
voice translation-profile OUTGOING_TRANSLATION_PROFILE
translate called 1112
voice translation-profile PSTN_CallForwarding
translate redirect-target 410
translate redirect-called 410
voice translation-profile PSTN_Outgoing
translate calling 1111
translate called 1112
translate redirect-target 410
translate redirect-called 410
voice translation-profile SIP_Called_9
translate calling 3265
translate called 9
voice translation-profile SIP_Incoming
translate called 411
voice translation-profile SIP_Passthrough
translate called 412
voice translation-profile SIP_Passthrough_CallBlocking
translate called 422
voice translation-profile VM_Profile
translate called 2000
voice translation-profile XFER_TO_VM_PROFILE
translate redirect-called 2002
voice translation-profile nondialable
translate called 1000
voice-card 0
dspfarm
dsp services dspfarm
fax interface-type fax-mail
license udi pid UC540W-BRI-K9 sn FGL163220SL
archive
log config
logging enable
logging size 600
hidekeys
username admin privilege 15 secret xxx
username xxx password 0 ""
username xxx password 0 ""
ip tftp source-interface Loopback0
bridge irb
interface Loopback0
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 101 in
ip nat inside
ip virtual-reassembly in
interface FastEthernet0/0
description $FW_OUTSIDE$
no ip address
ip inspect SDM_LOW out
ip virtual-reassembly in
ip verify unicast reverse-path
load-interval 30
shutdown
duplex auto
speed auto
interface Integrated-Service-Engine0/0
description cue is initialized with default IMAP group
ip unnumbered Loopback0
ip nat inside
ip virtual-reassembly in
service-module ip address 10.1.10.1 255.255.255.252
service-module ip default-gateway 10.1.10.2
interface FastEthernet0/1/0
no ip address
macro description cisco-desktop
spanning-tree portfast
interface FastEthernet0/1/1
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/2
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/3
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/4
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/5
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/6
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/7
switchport voice vlan 100
no ip address
macro description cisco-phone
spanning-tree portfast
interface FastEthernet0/1/8
no ip address
macro description cisco-desktop
spanning-tree portfast
interface BRI0/1/0
no ip address
isdn switch-type basic-net3
isdn point-to-point-setup
isdn incoming-voice voice
isdn sending-complete
isdn static-tei 0
interface BRI0/1/1
no ip address
shutdown
isdn switch-type basic-net3
isdn point-to-point-setup
isdn incoming-voice voice
isdn sending-complete
isdn static-tei 0
interface Dot11Radio0/5/0
no ip address
ssid cisco-data
ssid cisco-voice
speed basic-1.0 basic-2.0 basic-5.5 6.0 9.0 basic-11.0 12.0 18.0 24.0 36.0 48.0 54.0
station-role root
antenna receive right
antenna transmit right
interface Dot11Radio0/5/0.1
encapsulation dot1Q 1 native
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 spanning-disabled
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
interface Dot11Radio0/5/0.100
encapsulation dot1Q 100
bridge-group 100
bridge-group 100 subscriber-loop-control
bridge-group 100 spanning-disabled
bridge-group 100 block-unknown-source
no bridge-group 100 source-learning
no bridge-group 100 unicast-flooding
interface Vlan1
no ip address
bridge-group 1
bridge-group 1 spanning-disabled
interface Vlan100
no ip address
bridge-group 100
bridge-group 100 spanning-disabled
interface BVI1
description $FW_INSIDE$
ip address 192.168.10.2 255.255.255.0
ip access-group 102 in
ip nat inside
ip virtual-reassembly in
interface BVI100
description $FW_INSIDE$
ip address 10.1.1.1 255.255.255.0
ip access-group 103 in
ip nat inside
ip virtual-reassembly in
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
ip dns server
ip nat inside source list 1 interface FastEthernet0/0 overload
ip route 0.0.0.0 0.0.0.0 192.168.10.1
ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 permit 10.1.10.0 0.0.0.3
access-list 2 remark CCA_SIP_SOURCE_GROUP_ACL_INTERNAL
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 192.168.10.2
access-list 2 permit 10.1.10.0 0.0.0.3
access-list 2 permit 192.168.10.0 0.0.0.255
access-list 2 permit 10.1.1.0 0.0.0.255
access-list 3 remark CCA_SIP_SOURCE_GROUP_ACL_EXTERNAL
access-list 3 remark SDM_ACL Category=1
access-list 3 permit 212.147.47.216
access-list 3 deny any
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny ip 192.168.10.0 0.0.0.255 any
access-list 100 deny ip host 255.255.255.255 any
access-list 100 deny ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration##NO_ACES_8##
access-list 101 remark SDM_ACL Category=1
access-list 101 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 101 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 101 deny ip 10.1.1.0 0.0.0.255 any
access-list 101 deny ip 192.168.10.0 0.0.0.255 any
access-list 101 deny ip 192.168.1.0 0.0.0.255 any
access-list 101 deny ip host 255.255.255.255 any
access-list 101 deny ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 102 remark auto generated by SDM firewall configuration##NO_ACES_6##
access-list 102 remark SDM_ACL Category=1
access-list 102 deny ip 10.1.10.0 0.0.0.3 any
access-list 102 deny ip 10.1.1.0 0.0.0.255 any
access-list 102 deny ip 192.168.1.0 0.0.0.255 any
access-list 102 deny ip host 255.255.255.255 any
access-list 102 deny ip 127.0.0.0 0.255.255.255 any
access-list 102 permit ip any any
access-list 103 remark auto generated by SDM firewall configuration##NO_ACES_8##
access-list 103 remark SDM_ACL Category=1
access-list 103 permit tcp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 permit udp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 deny ip 10.1.10.0 0.0.0.3 any
access-list 103 deny ip 192.168.10.0 0.0.0.255 any
access-list 103 deny ip 192.168.1.0 0.0.0.255 any
access-list 103 deny ip host 255.255.255.255 any
access-list 103 deny ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any
access-list 104 remark auto generated by SDM firewall configuration##NO_ACES_14##
access-list 104 remark SDM_ACL Category=1
access-list 104 deny ip 10.1.10.0 0.0.0.3 any
access-list 104 deny ip 10.1.1.0 0.0.0.255 any
access-list 104 permit ip any any
access-list 104 permit udp host 8.8.8.8 eq domain any
access-list 104 permit icmp any any echo-reply
access-list 104 permit icmp any any time-exceeded
access-list 104 permit icmp any any unreachable
access-list 104 deny ip 10.0.0.0 0.255.255.255 any
access-list 104 deny ip 172.16.0.0 0.15.255.255 any
access-list 104 deny ip 192.168.0.0 0.0.255.255 any
access-list 104 deny ip 127.0.0.0 0.255.255.255 any
access-list 104 deny ip host 255.255.255.255 any
access-list 104 deny ip host 0.0.0.0 any
access-list 104 deny ip any any
control-plane
bridge 1 route ip
bridge 100 route ip
voice-port 0/0/0
cptone CH
station-id name FAX
station-id number 99
caller-id enable
voice-port 0/0/1
cptone CH
shutdown
caller-id enable
voice-port 0/0/2
cptone CH
shutdown
caller-id enable
voice-port 0/0/3
cptone CH
shutdown
caller-id enable
voice-port 0/1/0
compand-type a-law
cptone CH
bearer-cap Speech
voice-port 0/1/1
compand-type a-law
cptone CH
bearer-cap Speech
voice-port 0/4/0
auto-cut-through
signal immediate
input gain auto-control -15
description Music On Hold Port
sccp local Loopback0
sccp ccm 10.1.1.1 identifier 1 version 4.0
sccp
sccp ccm group 1
associate ccm 1 priority 1
associate profile 2 register mtpa4934c6ee4e0
dspfarm profile 2 transcode
description CCA transcoding for SIP Trunk VTX
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
maximum sessions 10
associate application SCCP
dial-peer cor custom
name internal
name local
name local-plus
name international
name national
name national-plus
name emergency
name toll-free
dial-peer cor list call-internal
member internal
dial-peer cor list call-local
member local
dial-peer cor list call-local-plus
member local-plus
dial-peer cor list call-national
member national
dial-peer cor list call-national-plus
member national-plus
dial-peer cor list call-international
member international
dial-peer cor list call-emergency
member emergency
dial-peer cor list call-toll-free
member toll-free
dial-peer cor list user-internal
member internal
member emergency
dial-peer cor list user-local
member internal
member local
member emergency
member toll-free
dial-peer cor list user-local-plus
member internal
member local
member local-plus
member emergency
member toll-free
dial-peer cor list user-national
member internal
member local
member local-plus
member national
member emergency
member toll-free
dial-peer cor list user-national-plus
member internal
member local
member local-plus
member national
member national-plus
member emergency
member toll-free
dial-peer cor list user-international
member internal
member local
member local-plus
member international
member national
member national-plus
member emergency
member toll-free
dial-peer voice 1 pots
destination-pattern 99
port 0/0/0
no sip-register
dial-peer voice 2 pots
port 0/0/1
no sip-register
dial-peer voice 3 pots
port 0/0/2
no sip-register
dial-peer voice 4 pots
port 0/0/3
no sip-register
dial-peer voice 5 pots
description ** MOH Port **
destination-pattern ABC
port 0/4/0
no sip-register
dial-peer voice 6 pots
description tcatch all dial peer for BRI/PRIv
translation-profile incoming nondialable
incoming called-number .%
direct-inward-dial
dial-peer voice 50 pots
description ** incoming dial peer **
incoming called-number ^AAAA$
direct-inward-dial
port 0/1/0
dial-peer voice 51 pots
description ** incoming dial peer **
incoming called-number ^AAAA$
direct-inward-dial
port 0/1/1
dial-peer voice 2000 voip
description ** cue voicemail pilot number **
translation-profile outgoing XFER_TO_VM_PROFILE
destination-pattern 98
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
voice-class sip outbound-proxy ipv4:10.1.10.1
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 2001 voip
description ** cue auto attendant number **
translation-profile outgoing PSTN_CallForwarding
destination-pattern 97
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
voice-class sip outbound-proxy ipv4:10.1.10.1
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 2012 voip
description ** cue prompt manager number **
translation-profile outgoing PSTN_CallForwarding
destination-pattern 96
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
voice-class sip outbound-proxy ipv4:10.1.10.1
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 1000 voip
permission term
description ** Incoming call from SIP trunk (VTX) **
session protocol sipv2
session target sip-server
incoming called-number .%
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
fax rate 14400
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1001 voip
corlist outgoing call-local
description ** star code to SIP trunk (VTX) **
destination-pattern *..
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
fax rate 14400
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1003 voip
description ** Passthrough Inbound Calls for PSTN from CUE **
translation-profile incoming SIP_Passthrough
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
incoming called-number ABCDT
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 1005 voip
description ** Passthrough Inbound Calls for MWI from CUE **
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
incoming called-number A80T
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 1009 voip
description ** Passthrough Inbound Calls for Internal Extensions from CUE **
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
incoming called-number ^..$
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 1033 voip
corlist outgoing call-local
description **CCA*Switzerland*Short Code Services**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 0187
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1042 voip
corlist outgoing call-emergency
description **CCA*Switzerland*Ambulance / Poisioning**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 0014[45]
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1041 voip
corlist outgoing call-emergency
description **CCA*Switzerland*REGA Air Rescue**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 00333333333
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1025 voip
corlist outgoing call-national
description **CCA*Switzerland*National Destination Numbers**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00[789]1.......
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1020 voip
corlist outgoing call-national
description **CCA*Switzerland*Regional Announcement VM**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 01600
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1040 voip
corlist outgoing call-emergency
description **CCA*Switzerland*REGA Air Rescue**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 000333333333
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1043 voip
corlist outgoing call-emergency
description **CCA*Switzerland*Ambulance / Poisioning**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 014[45]
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1035 voip
corlist outgoing call-national
description **CCA*Switzerland*Mobile Numbers**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 007[46789].......
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1024 voip
corlist outgoing call-national-plus
description **CCA*Switzerland*Personal Numbering**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00878......
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1029 voip
corlist outgoing call-national
description **CCA*Switzerland*Voicemail Access**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00860.........
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1036 voip
corlist outgoing call-national
description **CCA*Switzerland*VPN Access**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00869.............
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1027 voip
corlist outgoing call-national-plus
description **CCA*Switzerland*Premium Rate (Business)**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00900......
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1026 voip
corlist outgoing call-national
description **CCA*Switzerland*Test Numbers**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00868T
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1034 voip
corlist outgoing call-national-plus
description **CCA*Switzerland*Shared Cost numbers**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 0084[0248]......
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1038 voip
corlist outgoing call-emergency
description **CCA*Switzerland*Emergency**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 0011[278]
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1037 voip
corlist outgoing call-toll-free
description **CCA*Switzerland*Toll Free Numbers**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00800......
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1039 voip
corlist outgoing call-emergency
description **CCA*Switzerland*Emergency**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 011[278]
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1032 voip
corlist outgoing call-national
description **CCA*Switzerland*National Destination Numbers**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 00[23456]........
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1023 voip
corlist outgoing call-international
description **CCA*Switzerland*International Calls**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 000T
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1031 voip
description **CCA*Switzerland*Premium Rate (Social)**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 0090[16]......
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1030 voip
corlist outgoing call-national
description **CCA*Switzerland*Short Code**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 014[0357]
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1045 voip
corlist outgoing call-emergency
description **CCA*Switzerland*REGA/Glaciers Air Rescue**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 0141[45]
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1028 voip
corlist outgoing call-national-plus
description **CCA*Switzerland*Directory Enquiries**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 018[15].
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1021 voip
corlist outgoing call-national
description **CCA*Switzerland*Short Code**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 011[45].
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1022 voip
corlist outgoing call-national
description **CCA*Switzerland*Short Code Services**
translation-profile outgoing PSTN_Outgoing
preference 1
destination-pattern 01[67].
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 1044 voip
corlist outgoing call-emergency
description **CCA*Switzerland*REGA/Glaciers Air Rescue**
translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
preference 1
destination-pattern 00141[45]
session protocol sipv2
session target sip-server
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
dial-peer voice 2002 voip
description ** cue voicemail PSTN number **
translation-profile outgoing VM_Profile
destination-pattern xxx$
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
voice-class sip outbound-proxy ipv4:10.1.10.1
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 2003 voip
description ** cue auto attendant PSTN number **
translation-profile outgoing AA_Profile
destination-pattern xxx$
b2bua
session protocol sipv2
session target ipv4:10.1.10.1
voice-class sip outbound-proxy ipv4:10.1.10.1
dtmf-relay rtp-nte
codec g711ulaw
no vad
dial-peer voice 1110 pots
preference 9
destination-pattern xxx
port 0/0/0
no sip-register
dial-peer voice 3006 voip
description SIP
translation-profile incoming SIP_Called_9
session protocol sipv2
session target sip-server
incoming called-number xxx.
voice-class codec 1
voice-class sip dtmf-relay force rtp-nte
dtmf-relay rtp-nte
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad
no dial-peer outbound status-check pots
sip-ua
keepalive target dns:site1.365873.trk.ipvoip.ch
authentication username xxx password 7 xxx
no remote-party-id
retry invite 2
retry register 10
timers connect 100
timers keepalive active 100
registrar dns:site1.365873.trk.ipvoip.ch expires 3600
sip-server dns:site1.365873.trk.ipvoip.ch
host-registrar
telephony-service
sdspfarm units 5
sdspfarm transcode sessions 10
sdspfarm tag 2 mtpa4934c6ee4e0
video
fxo hook-flash
max-ephones 40
max-dn 300
ip source-address 10.1.1.1 port 2000
auto assign 1 to 1 type bri
calling-number initiator
service phone videoCapability 1
service phone ehookenable 1
service phone ehookEnable 1
service dnis overlay
service dnis dir-lookup
service dss
timeouts interdigit 5
system message SwissT.Net
url services http://10.1.10.1/voiceview/common/login.do
url authentication http://10.1.10.1/voiceview/authentication/authenticate.do
cnf-file location flash:
cnf-file perphone
user-locale U4 load CME-locale-de_DE-German-8.1.2.2.tar
network-locale U4
load 521G-524G cp524g-8-1-17
load 525G spa525g-7-5-4
load 501G spa50x-30x-7-5-2b
load 502G spa50x-30x-7-5-2b
load 504G spa50x-30x-7-5-2b
load 508G spa50x-30x-7-5-2b
load 509G spa50x-30x-7-5-2b
load 525G2 spa525g-7-5-4
load 301 spa50x-30x-7-5-2b
load 303 spa50x-30x-7-5-2b
time-zone 23
time-format 24
date-format dd-mm-yy
keepalive 30 auxiliary 4
voicemail 98
max-conferences 8 gain -6
call-forward pattern .T
call-forward system redirecting-expanded
hunt-group logout HLog
moh flash:/media/music-on-hold.au
multicast moh 239.10.16.16 port 2000
web admin system name cisco secret 5 xxx
dn-webedit
time-webedit
transfer-system full-consult dss
transfer-pattern .T
transfer-pattern 0.T
transfer-pattern 6.. blind
secondary-dialtone 0
night-service day Sun 17:00 09:00
night-service day Mon 17:00 09:00
night-service day Tue 17:00 09:00
night-service day Wed 17:00 09:00
night-service day Thu 17:00 09:00
night-service day Fri 17:00 09:00
night-service day Sat 17:00 09:00
fac standard
create cnf-files version-stamp Jan 01 2002 00:00:00
ephone-template 1
url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
service phone webAccess 0
softkeys remote-in-use Newcall
softkeys idle Redial Pickup Mobility Newcall Cfwdall Gpickup Dnd Login
softkeys seized Cfwdall Endcall Redial Pickup Gpickup Callback
softkeys connected Hold Endcall Trnsfer Mobility TrnsfVM Confrn Acct Park
button-layout 7931 2
ephone-template 15
url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
softkeys remote-in-use Newcall
softkeys idle Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
softkeys seized Cfwdall Endcall Redial Pickup Gpickup Callback
softkeys connected Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
button-layout 7931 2
ephone-template 16
url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
softkeys remote-in-use Newcall
softkeys idle Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
softkeys seized Cfwdall Endcall Redial Pickup Gpickup Callback
softkeys connected Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
ephone-template 17
url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
softkeys remote-in-use CBarge Newcall
softkeys idle Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
softkeys seized Cfwdall Endcall Redial Pickup Gpickup Callback
softkeys connected Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
ephone-template 18
url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
softkeys remote-in-use CBarge Newcall
softkeys idle Redial Newcall Mobility Cfwdall Pickup Gpickup Dnd Login
softkeys seized Cfwdall Endcall Redial Pickup Gpickup Callback
softkeys connected Hold Endcall Mobility Trnsfer TrnsfVM Confrn Acct Park
button-layout 7931 2
ephone-dn 9
number BCD no-reg primary
description MoH
moh out-call ABC
ephone-dn 292
number xxx
description SIP Main Number registration
preference 10
ephone-dn 293 dual-line
number 90 secondary xxx no-reg both
label Zentrale
description 90
name Zentrale
call-forward busy 98
call-forward noan 98 timeout 20
ephone-dn 294 dual-line
number 94 secondary xxx no-reg both
label LL
description Lehrling Lehrnende
name Lehrling Lehrnende
mobility
snr xxx delay 1 timeout 30 cfwd-noan 98
snr ring-stop
call-forward busy 98
call-forward noan 98 timeout 20
ephone-dn 295 dual-line
number 93 secondary xxx no-reg both
label CM
description
name
snr xxx delay 1 timeout 30 cfwd-noan 98
snr ring-stop
call-forward busy 98
call-forward noan 98 timeout 10
ephone-dn 296 dual-line
number 92 secondary xxx no-reg both
label EE
description
name
mobility
call-forward busy 98
call-forward noan 98 timeout 20
ephone-dn 297 dual-line
number 91 secondary xxx no-reg both
label RS
description
name
mobility
snr xxx delay 1 timeout 30 cfwd-noan 98
snr ring-stop
call-forward busy 98
call-forward noan 98 timeout 10
ephone-dn 298
number 6.. no-reg primary
description ***CCA XFER TO VM EXTENSION***
call-forward all 98
ephone-dn 299
number A801.. no-reg primary
mwi off
ephone-dn 300
number A800.. no-reg primary
mwi on
ephone 1
device-security-mode none
mac-address A44C.11A0.B648
ephone-template 1
max-calls-per-button 2
username "xxx" password xxx
type 525G2
button 1:296 2:293 3m297 4m295
button 5m294
ephone 2
device-security-mode none
mac-address A44C.11A0.B566
ephone-template 1
max-calls-per-button 2
username "xxx" password xxx
type 525G2
button 1:297 2:293 3m296 4m295
button 5m294
ephone 3
device-security-mode none
mac-address A44C.11A0.B5C4
ephone-template 1
max-calls-per-button 2
username "xxx" password xxx
type 525G2
button 1:295 2:293 3m297 4m296
button 5m294
ephone 4
device-security-mode none
mac-address A44C.11A0.B67A
ephone-template 1
max-calls-per-button 2
username "xxx" password xxx
type 525G2
button 1:294 2:293 3m297 4m296
button 5m295
alias exec cca_voice_mode PBX
alias exec cca_vm_notification schedule from_time=00 to_time=24
alias exec clid-ALL_BRI ;1:0-4;1:0-9;1:0-9;1:1-9
alias exec clid-SIP ;1:1-9;1:1-9;1:1-9
banner login ^CCisco Configuration Assistant. Version: 3.2 (3). Fri Jul 04 13:18:33 CEST 2014^C
line con 0
no modem enable
line aux 0
line 2
no activation-character
no exec
transport preferred none
transport input all
line vty 0 4
transport preferred none
transport input all
line vty 5 100
transport preferred none
transport input all
ntp master
ntp server 91.240.0.5 prefer
enHi Patrick
I am working on this one as well. I have a UC560 with SIP Trunk provider Les.NET.
It was working fine until a few weeks ago when something changed on the provider end and broke it. My hunch it is something to do with the SIP REFER.
http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-express/91535-cme-sip-trunking-config.html
Here is an excerpt from the above page:
Call Transfer
When a call comes in on an SIP trunk to an SCCP Phone or CUE AutoAttendant (AA) and is transferred, the CME by default will send a SIP REFER message to the SP proxy. Most SP Proxy Servers do not support the REFER method. This needs to be configured in order to force the CME to hairpin the call:
Router(config)#voice service voip
Router(conf-voi-serv)#no supplementary-service sip refer
Figure 3 shows the behavior of the CME system with the REFER method disabled. -
Problem with Set/Get volume of input device with single channel
from Symadept <[email protected]>
to Cocoa Developers <[email protected]>,
coreaudio-api <[email protected]>
date Thu, Dec 10, 2009 at 2:45 PM
subject Problem with Set/Get volume of input device with single channel
mailed-by gmail.com
hide details 2:45 PM (2 hours ago)
Hi,
I am trying to Set/Get Volume level of Input device which has only single channel but no master channel, then it fails to retrieve the kAudioDevicePropertyPreferredChannelsForStereo and intermittently kAudioDevicePropertyVolumeScalar for each channel. But this works well for Output device.
So is there any difference in setting/getting the volume of input channels?
I am pasting the downloadable link to sample.
http://www.4shared.com/file/169494513/f53ed27/VolumeManagerTest.html
Thanks in advance.
Regards
Mustafa
Tags: MacOSX, CoreAudio, Objective C.That works but the the game will not be in full screen, it will have an empty strip at the bottom.
I actually found out what's the problem. I traced the stageWidth and stageHeight during resizing event. I found out that when it first resized, the stage width and height were the size with the notification bar. So when I pass the stage into startling, myStarling = new Starling(Game,stage), the stage is in the wrong size. For some reason, I can only get the correct stage width and height after the third resizing event.
So now I need to restart Starling everytime a resizing event happened. It gives me the right result but I am not sure it is a good idea to do that.
And thanks a lot for your time kglad~I really appriciate your help. -
How to deal with single quote (') in a field value?
I can successfully insert value with single quoet using
Prepared statement with placeholder(?) construct .
I can also successfuly use value with single quote(') in
WHERE clause.
My question is, is there a way to use string with single
quote if a Statement like:
String slqString ="INSERT INTO customers (name, address) VALUES ( 'O'Reilly Bob', 'St Mary's Street') ";
Statement sqlStmt = con.createStatement();
sqlStmt.executeUpdate(sqlString);
The last statement will thow an SQLException because due to single quotes
Any ideas?I think the question was regarding the ' in O'Reily. Use ' twice when using the Statement interface, i.e.
("O''Reilly Bob", "St Mary''s Street")
So that's two single quotes, not a double quote, to successfully insert a single quote, if you know what I mean....
But like you said PreparedStatement does things like this for you.
Maybe you are looking for
-
Ipod touch generation 1 updgrade to 4.0
I got a used generation 1 ipod touch that has 3.1.3 OS but I need 4.0 to download new app.... how can I get this?
-
For the head authorities of Lenovo please kindly have a look
Respected sir, i am siva sandeep one of your customer of lenovo.i have purchased a laptop on sep 24rth 2013 from past one week onwards my laptop can't get in to the UEFI BIOS and Boot menu i can no longer access bios to boot from cd/dvd.Finally aft
-
I have just signed in to licensing.adobe.com to download Acrobat 9 Pro setup. It is not available for download. In my account, I see the serial numbers for all Acrobat versions (7, 9, and 10) that I have purchased. However, only Acrobat 10 Pro is ava
-
SAFARI QUITS WHEN TRYING TO OPEN PDF'S
Every time i link to an PDF file safari Unexpectedly quits. This happens over and over again regardless of the website from where the PDF comes from. Can anyone help this annoyance.
-
I checked SM37 for one of the logs that were triggered by process chains. I noticed that the log saids the following: Step 001 started (program RSPROCESS, variant &0000000000068, user ID BIREMOTE) Version 'M' of chain ZPC_0MATERIAL_ATTR was saved wit