NICE recorder - one way or garbled audio over SIP trunk.

Customer with CUCM 10.5.2 trying to integrate with a NICE recording solution.  Everything configured per NICE documentation and rechecked that several times with the NICE vendor.  However, if calling to/from the PSTN or legacy Nortel PBX to a Cisco 78xx or IP Communicator soft phone - we get one-way audio pushed out the SIP trunk to the NICE system.  If it's a Cisco to Cisco phone call - the audio is garbled. 
Has anyone experienced this issue with this type of integration - or the same issue with a SIP trunk to the CUCM to another system at all?  We're at a loss here. 
Thank you.

This document should help you:
http://www.cisco.com/en/US/tech/tk652/tk698/technologies_tech_note09186a008009484b.shtml

Similar Messages

  • Third Party Phone over SIP Trunk with CUCM 9.x

    Hi all,
    I have a problem where my Third Party SIP phones wont go over the SIP trunk configured in my CUCM 9.x cluster. My Cisco phones work fine and goes out the trunk. I have noticed a distinct difference in wireshark with the invite packets from Third Party SIP phones and the Cisco ones.
    I have configured the SIP trunk in CUCM with the following route pattern (60.!#)and configured it with associated group and list. Heres the differense between the invite packets from Cisco and Third Party phones.
    Cisco Phone: INVITE sip.60xxxx%23@ipadress
    Third Party SIP Phone:  INVITE sip:[email protected]
    It seems the Cisco phones gets some extra configured the Third Party ones dont...
    Thanks in advance for any help.
    //Per

    Thanks for the answer
    Yeah i have DNS configured and i have the trunk pointed to a domain destination SRV record and like i said it works fine when calling from a Cisco phone. I tried changing the domain to an ip address but same result. I also changed the Plycom phone from being registered towards the domain of CUCM to an IP adress of CUCM and then the SIP INVITE messages in wireshark began to look kinda the same expet for the "%23" section but it still dont work.
    When i look at the Real Time Data in RTMT the orig and final called from the cisco phone has stripped the 60 and forwared the rest of the number towards the correct domain for the SIP trunk.
    When looking at the data from the Polycom phone the orig and final called data still contains the 60 prefix part and the called device name field is empty.  The termination Cause Code is that the number requested is Unallocated/Unassigned..
    In other words something is missing to get CUCM to strip 60 from the Polycom phones dialed number and send it towards the SIP trunk like it does when the Cisco phones call it.
    Unfortunatley i dont have the meens to attach the trace...
    Thanks again for any help/advice
    With regards, Per.

  • Best way to control audio over multiple slides-iMovie or QT Pro?

    I have a 30-slide presentation, and due to the horrendous handling of audio files by Keynote I need figure out the least painful way of controlling audio spanning multiple slides.
    My end goal is to have a Quicktime file to put on the web, and to burn to a CD or DVD for viewing on individual computers. There is audio spanning 3 slides (a Garageband mix with voiceover narration built in,)and different audio for background for different groups of slides.
    Least painful method to attempt this and get ACCURATE TIMING for the end product?

    Make a series of Keynote presentations, one for each complete audio track. Export each as a QuickTime DV (digital video) clip. Launch iMovie and import the clips into a single iMovie project; tweak each clip's audio, as necessary. Finally, export the assembled iMovie to your intended QuickTime format.

  • CM Register over SIP Trunk

    Hi guys,
    would it be possible to allow sip users to register over the sip trunk on the Call Manager? or is this method not allowed?
    Thanks.
    Best regards

    Hi Manish,
    between sip client and webrtc gw -> ws and between webrtc gw and CM -> sip.
    here are the sip messages.
    both phones are registered, 9000 is a 7912 and 8080 is sip.
    192.168.15.2 - CM
    192.168.15.202 - webrtc
    SEND: INVITE sip:[email protected] SIP/2.0
    Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
    From: <sip:[email protected]>;tag=400660433
    To: <sip:[email protected]>
    Contact: <sip:[email protected]:10060;ws-src-ip=192.168.251.105;ws-src-port=50731;ws-src-proto=ws;transport=udp>
    Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
    CSeq: 1875466830 INVITE
    Content-Type: application/sdp
    Content-Length: 978
    Max-Forwards: 70
    Authorization: Digest username="8080",realm="ccmsipline",nonce="gHqGqDWK4zTzv6Ijl6ixW58AK/Gm4yC6",uri="sip:[email protected]",response="352cb2e17e36b32ee4e0d52443d0a106",algorithm=MD5
    User-Agent: webrtc2sip Media Server 2.6.0
    v=0
    o=doubango 1983 678901 IN IP4 192.168.15.202
    s=-
    c=IN IP4 192.168.15.202
    t=0 0
    a=tcap:1 RTP/SAVPF RTP/SAVP RTP/AVPF
    m=audio 58690 RTP/AVP 8 0 101
    c=IN IP4 192.168.15.202
    a=ptime:20
    a=minptime:1
    a=maxptime:255
    a=silenceSupp:off - - - -
    a=rtpmap:8 PCMA/8000/1
    a=rtpmap:0 PCMU/8000/1
    a=rtpmap:101 telephone-event/8000/1
    a=fmtp:101 0-16
    a=acap:1 crypto:1 AES_CM_128_HMAC_SHA1_80 inline:1YfBfgbhIdMB6YVtyZgJqc77QPHwm9o42aEPbkHD
    a=acap:2 crypto:2 AES_CM_128_HMAC_SHA1_32 inline:fujGVOi70hQnKkeUimcFUw2bH3ajZ2iW0xKy5Nrw
    a=pcfg:1 t=1 a=1,2
    a=pcfg:2 t=2 a=1,2
    a=pcfg:3 t=3
    a=sendrecv
    a=rtcp-mux
    a=ssrc:4034073057 cname:c08c56217e96dbc1e8234373eb5d2fcc
    a=ssrc:4034073057 mslabel:6994f7d1-6ce9-4fbd-acfd-84e5131ca2e2
    a=ssrc:4034073057 label:doubango@audio
    a=ice-ufrag:uaektHZ6KFVn1fw
    a=ice-pwd:HAj21nuOrDmIKl3ANXTc3K
    a=candidate:tWR5PLw1x 1 udp 2130706431 192.168.15.202 58690 typ host
    a=candidate:tWR5PLw1x 2 udp 2130706430 192.168.15.202 58691 typ host
    RECV:SIP/2.0 100 Trying
    Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
    From: <sip:[email protected]>;tag=400660433
    To: <sip:[email protected]>
    Date: Wed, 19 Mar 2014 13:26:05 GMT
    Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
    CSeq: 1875466830 INVITE
    Allow-Events: presence
    Content-Length: 0
    RECV:SIP/2.0 401 Unauthorized
    Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
    From: <sip:[email protected]>;tag=400660433
    To: <sip:[email protected]>;tag=856401750
    Date: Wed, 19 Mar 2014 13:26:05 GMT
    Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
    CSeq: 1875466830 INVITE
    Allow-Events: presence
    WWW-Authenticate: Digest realm="ccmsipline", nonce="gHqGqDWK4zTzv6Ijl6ixW58AK/Gm4yC6", algorithm=MD5
    Content-Length: 0
    SEND: ACK sip:[email protected] SIP/2.0
    Via: SIP/2.0/UDP 192.168.15.202:10060;branch=z9hG4bK-1536671115;rport
    From: <sip:[email protected]>;tag=400660433
    To: <sip:[email protected]>;tag=856401750
    Call-ID: df093113-7c32-2a2f-2372-8af2dfbe9235
    CSeq: 1875466830 ACK
    Content-Length: 0
    Max-Forwards: 70
    Receiving SIP o/ WebSocket message: ACK sip:[email protected] SIP/2.0
    Via: SIP/2.0/WS df7jal23ls0d.invalid;branch=z9hG4bKZEk81zTwfVde8oImts6ZHiTzchfBWh1N;rport
    From: "8080"<sip:[email protected]>;tag=XFKqC4zu0S9QfzzMzQ4u
    To: <sip:[email protected]>;tag=1464334432
    Call-ID: ecc84fa2-3de3-d953-527f-5e7515cabca3
    CSeq: 29519 ACK
    Content-Length: 0
    Route: <sip:192.168.15.2:5060;lr;sipml5-outbound;transport=udp>
    Max-Forwards: 70
    Thanks.

  • Unity Connection not passing CallerID to CUCM over SIP Trunk

    I'm trying to get CallerID working for Unity Connection Device Notification (and it seems everything else), however, when I run UC Remote Port Status Monitor and the Call-Out goes to CUCM for the Device Notification, no caller ID is presented to the CUCM SIP trunk.
    06:06:02, New Call, CalledId=,  RedirectingId=,  Origin=16,  Reason=1024,  CallGuid=, 
    CallerName=,  LastRedirectingId=,  LastRedirectingReason=1024,  PortDisplayName=LFC_CUCM-1-134,
    [Origin=Unknown],[Reason=Unknown]
    06:06:02,
    Dialing '99254753'
    06:06:32, Idle
    06:06:33, Idle
    Therefore, the out-going call to the PRI PSTN is:
    10:59:01.005: ISDN Se0/0/0:23 Q931: TX -> SETUP pd = 8  callref = 0x5B03
            Sending Complete
            Bearer Capability i = 0x8090A2
                    Standard = CCITT
                    Transfer Capability = Speech
                    Transfer Mode = Circuit
                    Transfer Rate = 64 kbit/s
            Channel ID i = 0xA98397
                    Exclusive, Channel 23
            Calling Party Number i = 0x0081, N/A
                    Plan:Unknown, Type:Unknown
            Called Party Number i = 0xC1, '9254753'
                    Plan:ISDN, Type:Subscriber(local)
    *Dec  6 10:59:01.513: ISDN Se0/0/0:23 Q931: RX <- CALL_PR
    I've looked through my SIP trunk on the CUCM side and for Inbound Calls, Connected Line ID and Presentation Name are set to "allowed" or "default" doesn't make a difference. RTMT Port Status also shows no "caller", so I'm thinking there is some way to set or allow the calling number on the Unity Connection (8.5) side.
    Oddly enough, I also noticed that in Unity Connection> Telephony Integrations > Port Group, if I change the Contact Line Name from nothing to "Unity" (or whatever), the Q931 debug outbound doesn't show ANY "Calling Party Numer - = XXXXX" and the carrier throws out the BTN as the ANI.
    10:46:00.837: ISDN Se0/0/0:23 Q931: TX -> SETUP pd = 8  callref = 0x5AFF
            Sending Complete
            Bearer Capability i = 0x8090A2
                    Standard = CCITT
                    Transfer Capability = Speech
                    Transfer Mode = Circuit
                    Transfer Rate = 64 kbit/s
            Channel ID i = 0xA98397
                    Exclusive, Channel 23
            Called Party Number i = 0xC1, '9254753'
                    Plan:ISDN, Type:Subscriber(local)
    Any ideas on where/how CallerID comes from, on Unity Connection with a SIP integration?
    THANKS!!
    Mike.

    I did not- my work around has been to put in a name for Contact Line Name under Port Group Basics Switch configuration in Unity Connection- this for some reason keeps CUCM from sending ANI TYPE/PLAN information in the Q931 message, and my carrier then sends a default ANI of the circuit's BTN. When I have time, I'll open up a TAC ticket.
    Mike.

  • FXS one way media failure on VIC3

    Hi;
    I have an issue wherein the media fails on analogue calls in one direction only.
    Analogue connected to fxs port dials out over SIP trunk to IP handset on CO switch. After 30 seconds media from analogue fails but still works from  CO switch.
    voice-port 0/2/0
    cptone GB
    station-id 4043271717
    If someone could tell me what may cause this to happen so I may fix this this issue. Or some debug commands to run that would be great.
    debug voip dialpeer
    sh dialplan number 4043271717
    Unfortunately I am unable to post the configuration for you so please be patient and thank you for your support in advance.
    Tim

    So thanks for the assistance. After several wireshark traces and alot of percerverance I found that what was happening was the following:
    CO Switch setup the call CUBE terminated and negotiated the rtp ports.
    CUBE sends re-invite advertising its RTP port
    CO Switch sent out a new RTP port
    CUBE sends re-invite advertising its RTP port
    CO Switch sent out a new RTP port
    RTP stream is setup but the CUBE was still using the original RTP port.
    After speaking with the manufacturer of the CO switch we set it to answer duplicate invites and turned off early invite of SIP messages. This resulted in the CO switch sending the original RTP port in the 200ok with SDP back to the CUBE when the session timer was reached.
    Overall result two way audio....Problem solved.

  • No audio over HDMI

    So, I generally use Windows via Bootcamp on my 2012 Macbook Pro (15"), and I frequently hook it up to my projector and media center via an HDMI cable. Everything was working perfectly up until three days ago, when suddenly the laptop wouldn't send audio over HDMI. On the Windows side, I spent a couple days doing everything the internet said I should try (reinstalling drivers, rolling back drivers and updates, managine audio output devices, etc.) and never got anything. My graphics driver could see the HDMI device and said that there should be an HDMI device on my sound control, but it never showed up.
    I figured it was a problem with Windows, so I jumped over to the Mac side, where I'm running Mavericks. Just like the Windows side, video works flawlessly but there's no audio output. In Preferences, under "Sound" and "Output", I only see the speakers of my laptop and one AirPlay-compatible device that's set up in the room. Headphones work great. But there's no way to send audio over HDMI.
    Just to be safe, I installed a fresh version of Windows and a fresh version of Mavericks, and I'm still not getting anything. Is there something that I'm missing? Because right now it feels like it's a hardware issue, but there's no reason that it should be. And I'm confused about why I still have perfect HDMI video if it is a hardware issue.
    Any help on the issue would be greatly appreciated. Thanks!

    I should mention, by the way, that I ruled out issues with my HDMI cable or other hardware. I have tried multiple cables with the same results, and my roommates can all send audio over HDMI without problems.

  • Jabber for IPhone over AnyConnect VPN calls to SIP Gateway - One Way Audio

    Hello,
    I am wondering if anyone has seen this before.  I have the latest version of Anyconnect for the IPhone and Jabber app, running on the newest version of CUCM 8.6 and Jabber 8.6.
    The Jabber phone registers fine and I can make internal calls without an issue.  I also can make external calls to H323 and HGCP PRI gateways without an issue.  However, when I make a call from the Jabber client that goes out a SIP gateway and SIP trunk I get one way audio.  I do not see any packets even trying to leave inside interface of the ASA headed toward the SIP trunk IP.
    I've also verified that useing the same VPN profile I can make 2 way audio calls out the SIP trunk from a softphone running on windows.
    Anyone have any ideas what could be the problem?
    Thanks.

    Hi,
    try to disable early media on 180 under sip profile settings for jabber client.
    HTH
    Anas
    please rate if itnis helpful
    Sent from Cisco Technical Support Android App

  • One way audio over VPN

    I have 2 Cisco 1941 routers with a standard IPSec tunnel between them. Data works fine, but VoIP is encountering a one way audio issue where the remote site calling cannot be heard but they can hear me.  This seems to match what I'm seeing in encaps and decaps. The quesion I'm having is why would the remote site be encapsulating all packets but the office router isn't decaping these audio packets. I isolated one phone specifically so that's why the SA is for only 1 host.
    Thanks!
    OFFICE ROUTER
       protected vrf: (none)
       local  ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)
       remote ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)
       current_peer REMOTE_IP port 4500
         PERMIT, flags={origin_is_acl,}
        #pkts encaps: 4104, #pkts encrypt: 4104, #pkts digest: 4104
        #pkts decaps: 375, #pkts decrypt: 375, #pkts verify: 375
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 0, #pkts compr. failed: 0
        #pkts not decompressed: 0, #pkts decompress failed: 0
        #send errors 1, #recv errors 0
         local crypto endpt.: 192.168.0.227, remote crypto endpt.: REMOTE_IP
         path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0
         current outbound spi: 0x69C77389(1774678921)
         PFS (Y/N): N, DH group: none
         inbound esp sas:
          spi: 0xEA4A3FF9(3930734585)
            transform: esp-3des esp-sha-hmac ,
            in use settings ={Tunnel UDP-Encaps, }
            conn id: 2095, flow_id: Onboard VPN:95, sibling_flags 80000046, crypto map: VPN_MAP
            sa timing: remaining key lifetime (k/sec): (4409444/1207)
            IV size: 8 bytes
            replay detection support: Y
            Status: ACTIVE
    REMOTE ROUTER
       protected vrf: (none)
       local  ident (addr/mask/prot/port): (10.90.91.6/255.255.255.255/0/0)
       remote ident (addr/mask/prot/port): (192.168.0.0/255.255.0.0/0/0)
       current_peer IP_OFFICE port 4500
         PERMIT, flags={origin_is_acl,}
        #pkts encaps: 4055, #pkts encrypt: 4055, #pkts digest: 4055
        #pkts decaps: 4099, #pkts decrypt: 4099, #pkts verify: 4099
        #pkts compressed: 0, #pkts decompressed: 0
        #pkts not compressed: 0, #pkts compr. failed: 0
        #pkts not decompressed: 0, #pkts decompress failed: 0
        #send errors 0, #recv errors 0
         local crypto endpt.: IP_REMOTE, remote crypto endpt.: IP_OFFICE
         path mtu 1500, ip mtu 1500, ip mtu idb GigabitEthernet0/0
         current outbound spi: 0xEA4A3FF9(3930734585)
         PFS (Y/N): N, DH group: none

    Thanks Michal.
    1) I have taken these buffer captures. The capture associated with "outside" is short when compared with the number of packets from the "inside" capture in the amount that is most likely associated with the call we placed.
    2) Not NAT at all.
    3) No CBAC or ZBF, unless some default that I'm not aware of. Not sure off hand how to disable those.
    I did get this case through to TAC but after 3 hours we are left at comparing the capture buffers.

  • Whats the best way to fix audio recorded on a smartphone?

    So I have to re-edit this previously done video and all I have to do is change the audio introduction, unfortunately the VO person is out of town with no access to professional audio equipment and all he can do is record the intro on his phone (literally one line) and text it to me so I can insert it. The rest of the audio remains the same
    We just did that, but as expected the audio doesn't sound as "clear" as the previously recorded one. I basically just have to insert the new audio line and just keep the rest of the audio as last months. I do have music and sound effects in the background but since Im not an expert on audio effects, my question to you fellow editors is.... what audio effects or procedures do you recommend to clean up this audio, there is no background noises (its clean), it just sounds a little "over modulated" I guess, it just sounds rough, as if it was recorded on a phone (well it was!)
    If anybody had experience with a similar situation Id sincerely appreciate the advice. Please keep in mind Im not an expert on Audition so if you can help me out please do so with a very precise explanation.
    Thank you!

    It may sound a little like ryclark is joshing with you, but I'm afraid he isn't.
    You can't ever process a recording to make the quality better than the original. You may be able to reduce the background noise a little, and alter the frequency response, but the distortion inherent in it remains, whatever you do - there's no such thing as an un-distortion (this is what your over-modulated sound is) plugin. And I have to say that anybody who eventually figures out how to carry out this seemingly impossible task will clean up; it could easily be the most expensive plugin ever! So as he says, either re-record the lot, or add some trash to what you've already got. Or do what I'd do, and get somebody completely different to re-do the introduction. That, I'm afraid, is the most precise explanation I can give you about what you should - or indeed have - to do.

  • Is there any way i can record a video with 2 audio sources?

    I want to be able to record a video with 2 audio sources (1 being a mic and the other being a guitar, both plugged in by usb's) while recording myself playing at the same time. I usually use an aucoustic but the sound is obviously much better when i plug straight in, is there any way i can do this without recording everything seperate? Im using a macbook pro.

    Are you looking to do post recording adjustments to the separate tracks? That really determines now you do this.
    If you not looking for multitrack recording (you just want to combine the two signal into one and record that) then probably the easiest thing to do would be to get an external mixer that would accept multiple inputs and output as  USB . Then you could set the levels with the mixer and just worry about recording the one signal.
    You could try using the MIDI Audio Setup app to create an aggregate device (one that will accept multiple inputs).
    There is also the 3rd party app Soundflower. It's an app that takes audio signals and allows you to route them between apps and to combine audio signals. It is dated but still works in 10.8
    regards

  • One way live audio-video streaming

    Hi
    First of all I want to be honest that I am a beginner with
    FMS2, actually I must have missed much not using it so far. So,
    excuse me, I am sure you will find my problem very easy to solve.
    Having a little experience with Flash I tried to do the
    following: I have 2 PC's in LAN. One of them has camera and
    microphone. I want to stream audio and video to the other computer
    - I only need 1-way live streaming audio-video connection.
    I have read some docs about streaming with FMS2 but I
    couldn't find out which of the PC's should have FMS2 (and Web
    server) - the one with camera and microphone or the other. And if
    the camera and microphone are on the server how audio and viveo
    should be captured and streamed to the client?
    I really need your help. Any idea would be appreciated.
    Thanks in advance!

    Thank you friends!
    Actually I managed to sort out the problem. And the problem
    was that I had not used before FMS at all. After I have read more
    documentation I established the connection using 2 PC-s (one to
    publish and one to plaY) and the 3-rd for FMServer and Web Server.
    By the way there was a little confusion about local and
    network access of .swf files, but now it is okay.
    Now I have a new challenge - to record published stream to
    files, for example about 30 minutes long. I want to record and
    store all them continuously - having all the records for 3 days for
    example. I am not sure now how to do that but I am working on it.
    Anyway, thank you for your assistance!

  • I have two Ipod's one of my Ipod's won't sync the library over to my Mac. So i'm stuck with the songs I bought from Itunes. And I can't find a way to put them over.

    A year ago I bought an Imac to replace my broken Laptop. I have two Ipod touches. They both shared the same Library of CD and Itunes music. Until I synced the Ipod to my Itunes account on my Imac. And it wiped the CD songs from that Ipod, and just uploaded the Itunes songs. Uploading the songs Via CD isn't an option any more as I moved quite a bit, so CD's are all scratched like mad. I still have all the CD songs left on one Ipod, and when connected to Itunes I have access to the CD songs. But can't transfer them over to my Library. I'm too scared to Sync it incase I lose all my CD songs forever. Help

    The music sync is one way - computer to ipod.  The only exception is ituens purchases.  The ipod is not a backup device.
    Copy everything from the old computer or your backup copy of your old computer, to the new one.

  • Bizarre! One-Way Audio all of a sudden.

    I have a 7940 connected to an ASA5505 version 9.1(4) (originally connected on a DOCSIS 3 cable modem)  which has a site-to-site VPN tunnel that terminates on a Cisco 1841 and CCM 6.1 it's been working perfectly forever.
    Recently I switched to a fibre optic connection (instead of the cable modem) and now I have one-way audio.  Everything else works perfectly (access to CIFS/SMB file shares, FTP, telnet, SSH) though the tunnel and it behaves as it always did except a lot faster on fibre (80 ms ping down to 6 ms). The fibre ISP delivers various services (IPTV, Internet, etc.) via different VLANs so their Internet vlan is 802.1q tag 35.
    So the configuration was:
    interface Ethernet0/0
     switchport access vlan 6
    interface Vlan6
     nameif outside
     security-level 0
     ip address dhcp setroute
    and now it is:
    interface Ethernet0/0
     switchport trunk allowed vlan 33-36
     switchport mode trunk
    interface Vlan35
     mac-address 109f.xxxx.xxxx
     nameif outside
     security-level 0
     ip address dhcp setroute
    and now I have one-way audio (I can hear the other end but they can't hear me). Everything else works perfectly (e.g. call setup, dialling touch tones, etc.). As the change is so subtle (just the outside interface) I am baffled and don't know where to begin troubleshooting this.  In fact when it happened I was sure it was just a problem with the handset cord but I can "hear" my voice echoing back a bit.  I'm keeping the DOCSIS 3 cable Internet until I get this sorted out but of course now paying for two Internet connections so don't want to have to do that any longer than I have to.
    Any insight or suggestions on how to proceed very much appreciated.

    Well I sort of found the problem but not yet the solution. I had to switch to an ASA5505 with the Security Plus license to get the trunk I needed. If I take out the trunk (so the same configuration will work on an ASA with the base license) and get raw Internet connectivity another way (so I don't need the trunk) I have one ASA that works and one that doesn't.
    They both are running 9.1(4) and have identical configurations (copied to both with TFTP).
    The ASA with the Security Plus license has one way audio, the base license ASA does not.
    I also uploaded both configurations to a unix box and did a diff:
    <  switchport trunk allowed vlan 33-36
    <  switchport mode trunk
    >  switchport access vlan 6
    39a39,43
    > interface Vlan6
    >  nameif outside
    >  security-level 0
    >  ip address dhcp setroute
    > !
    46,51d49
    < interface Vlan35
    <  mac-address 109f.a943.f36a
    <  nameif outside
    <  security-level 0
    <  ip address dhcp setroute
    < !
    86d83
    < mtu dmz 1500
    88c85
    < no failover
    > mtu dmz 1500
    So it's a bug, revealed by the security plus license as they have identical software and identical configurations and act differently.  Not sure how to work around it yet as I have to use another router temporarily to not require the trunk and the performance is less than stellar with that in the mix. I also upgraded 9.1(4) to 9.2(1) on both - no joy, still the same.

  • Ldapbind failed over SSL  (U2 – "one way", "U3-two way") from Oracle DB to

    Hi
    I am facing the below error when I try ldapbind (database server to OID) over SSL (U2 – “one way”, “U3-two way”)
    *** ACTION NAME:() 2010-09-29 07:09:46.691
    *** MODULE NAME:(sqlplus@alddbux01 (TNS V1-V3)) 2010-09-29 07:09:46.691
    *** SERVICE NAME:(SYS$USERS) 2010-09-29 07:09:46.691
    *** SESSION ID:(121.274) 2010-09-29 07:09:46.691
    kzld_discover received ldaptype: OID
    KZLD_ERR: DB-OID SSL auth failed. Err=0
    KZLD is doing LDAP unbind
    KZLD_ERR: found err from kzldini
    Environment details:
    OID Server:
    OS: Enterprise Linux Enterprise Linux AS release 5.3
    Hostname : aldidmux02
    Oracle Internet Directory 11.1.1.2.0
    Realm in this OID is “dc=mycmsc,dc=com”
    Oracle Database Server:
    OS: Sun Solrais 5.10
    Oracle Database 10g Enterprise Edition Release 10.2.0.4.0 - 64bit Production
    Hostname: alddbux01
    Key points:
    1.     As per metalink notes 466662.1, I am trying to setup EUS between DB - OID.
    First difference I see here is OID version (10.1.4.0.1) in notes & using OID 11g (11.1.1.2.0) in my environment for testing.
    a)     Are these steps applicable for OID11g(11.1.1.2.0) version?
    b)     If not please provide me the references for achieving ldap authentication from Oracle database server with OID 11g as ldap user repository.
    c)     As per task1 > step3 For the first time oidctl command is used to connect & start the instance before starting services using opmnctl. What is the procedure to do the same in OID11g?
    2.     Wallet certificates in my environment OID & Database server status shows “Ready”

    Is it possible to get an answer on this one from someone who knows?
    "Leif Kristian Vadseth" <[email protected]> wrote in
    message news:[email protected]..
    In WLS 6.0 I was able to configue the server SSL protocol so that when
    accessing the server (web application) from a web browser over https, the
    browser showed a list of matching installed client certificates that the
    client can choose, but the client could choose not to present his/hers
    certificate and still continue to access the requested resources.
    In WLS 6.1 I have not been able to repeat this behaviour, even if the SSL
    configuration is exactly the same.
    The project I work in wants to have both one-way SSL (using only username
    and password for authentication) and two-way SSL (using both
    username/password and certificate for authentication) in the same server.
    Is it possible to configure the server the way I want or do we have to
    configue two servers; one that does not require mutual authentication, and
    one that requires this?
    Leif Kristian Vadseth

Maybe you are looking for