Cisco 876: political phase 2 SA is not acceptable!

Hello!

I want to configure a Cisco VPN Client vpn tunnel in the internet on a fritzbox to Cisco 876 (Version 15.1 (4) M3) so that the vpn tunnel is connected to the Cisco 876.

For this reason I used the command "map mymap crypto" fastethernet int 1. When I try to connect, the VPN Client opens the user name and password but then stops with the message "not connected". When I "debug crypto isakmp" Cisco 876 displays the message:

"phase 2 policy is not acceptable."

Here is the output of "show run":

See the race

Building configuration...

Current configuration: 1993 bytes

!

version 15.1

no service button

horodateurs service debug datetime msec

Log service timestamps datetime msec

no password encryption service

!

hostname Fernwartung

!

boot-start-marker

boot-end-marker

!

!

enable password xxxx

!

AAA new-model

!

!

AAA authentication login AutClient local

yyyyyyy AAA authentication login line

AAA authorization groupauthor LAN

!

!

!

!

!

AAA - the id of the joint session

Crypto pki token removal timeout default 0

!

!

dot11 syslog

IP source-route

!

!

!

IP cef

!

!

!

!

VTP transparent mode

username password yyyyyyy-group 0 zzzzzzz

!

!

VLAN 101

!

!

!

!

crypto ISAKMP policy 10

BA 3des

preshared authentication

Group 2

!

ISAKMP crypto client configuration group yyyyyyy

zzzzzzz key

pool ippool

Crypto isakmp VPNclient profile

yyyyyyy group identity match

client authentication list AutClient

ISAKMP authorization list groupauthor

client configuration address respond

!

!

Crypto ipsec transform-set esp-3des esp-sha-hmac RIGHT

!

Crypto-map dynamic dynmap 5

Set transform-set RIGHT

Define VPNclient isakmp-profile

!

!

map mymap 10-isakmp ipsec crypto dynamic dynmap

!

!

!

!

interface BRI0

no ip address

encapsulation hdlc

Shutdown

!

ATM0 interface

no ip address

Shutdown

No atm ilmi-keepalive

!

interface FastEthernet0

no ip address

!

interface FastEthernet1

switchport access vlan 101

no ip address

crypto mymap map

!

interface FastEthernet2

no ip address

!

interface FastEthernet3

no ip address

!

interface Vlan1

IP address

IP access-group 103 to

!

interface Vlan101

IP address

!

IP local pool ippool

IP forward-Protocol ND

no ip address of the http server

no ip http secure server

!

IP route 0.0.0.0 0.0.0.0

!

access-list 103 permit ip host host Journal

!

!

!

!

!

!

control plan

!

!

Line con 0

password xxxxxxx

login authentication yyyyyyy

no activation of the modem

line to 0

line vty 0 4

transport of entry all

!

end

Any help would be appreciated. Thank you very much for your help!

Crypto card must be applied to the interface VLAN, not the physical interface.

You must apply for a card encryption on Vlan101

Tags: Cisco Security

Similar Questions

  • Client access VPN from Cisco 876 does not work

    Hello

    I have the router Cisco 876 (with 12.4 (4) T2 IOS) and Cisco VPN client worm. 4.6.02).

    I am trying to configure my router as a VPN concentrator for 2 groups, but the implementation of tunnel fails already with the negotiation of parameters. Please find attached config and the «debug crypto isakmp» output Ethereal trace is also included (the customer has to IP: 172.24.4.61, interface of routers is 172.24.34.67).

    I tried to downgrade to IOS and changed the platform at 2821, but with the same result.

    Let me know if you can see the problem.

    Thank you!

    Lubomir

    C876 config:

    votre_nom #sh run

    Building configuration...

    Current configuration: 2457 bytes

    !

    version 12.4

    horodateurs service debug datetime msec

    Log service timestamps datetime msec

    no password encryption service

    !

    hostname yourname

    !

    boot-start-marker

    boot-end-marker

    !

    logging buffered 51200 warnings

    !

    AAA new-model

    !

    !

    Konzola AAA authentication login no

    local VPN_access AAA authentication login

    local VPN_access AAA authorization network

    !

    AAA - the id of the joint session

    !

    resources policy

    !

    IP subnet zero

    IP cef

    !

    !

    !

    !

    no ip domain search

    !

    !

    !

    username privilege 15 secret xxxx cisco

    !

    !

    !

    crypto ISAKMP client configuration USERS group

    two key

    pool USERS_pool

    !

    Configuration group customer crypto isakmp ADMIN

    a key

    pool ADMIN_pool

    Crypto isakmp USERS_Profile profile

    Group USERS of identity match

    list of authentication of client VPN_access

    VPN_access of ISAKMP authorization list.

    initiate client configuration address

    client configuration address respond

    Crypto isakmp ADMIN_Profile profile

    Group of ADMIN identity match

    list of authentication of client VPN_access

    VPN_access of ISAKMP authorization list.

    initiate client configuration address

    client configuration address respond

    !

    !

    Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac

    !

    crypto dynamic-map ADMIN 1

    game of transformation-ESP-3DES-MD5

    ADMIN_Profile Set isakmp-profile

    market arriere-route

    !

    crypto dynamic-map USERS 1

    game of transformation-ESP-3DES-MD5

    USERS_Profile Set isakmp-profile

    market arriere-route

    !

    !

    map VPN_Pristup 1-isakmp dynamic ipsec ADMIN crypto

    card crypto VPN_Pristup 2-isakmp dynamic ipsec USERS

    !

    !

    !

    !

    interface BRI0

    no ip address

    encapsulation hdlc

    Shutdown

    !

    ATM0 interface

    no ip address

    Shutdown

    No atm ilmi-keepalive

    DSL-automatic operation mode

    !

    interface FastEthernet0

    !

    interface FastEthernet1

    !

    interface FastEthernet2

    !

    interface FastEthernet3

    !

    interface Vlan1

    IP 172.24.34.67 255.255.255.0

    IP tcp adjust-mss 1452

    card crypto VPN_Pristup

    !

    IP pool local USERS_pool 10.1.1.10 10.1.1.20 USERS group

    IP pool local ADMIN_pool 10.2.1.10 10.2.1.20 group ADMIN

    IP classless

    IP route 0.0.0.0 0.0.0.0 172.24.34.1

    !

    !

    IP http server

    local IP http authentication

    IP http secure server

    IP http timeout policy slowed 5 life 86400 request 10000

    !

    not run cdp

    !

    !

    control plan

    !

    !

    Line con 0

    authentication of the connection Konzola

    no activation of the modem

    line to 0

    line vty 0 4

    privilege level 15

    transport input telnet ssh

    line vty 5 15

    privilege level 15

    transport input telnet ssh

    !

    max-task-time 5000 Planner

    end

    votre_nom #.

    votre_nom #.

    Hello

    where is isakmp policy commands crypto. In short, you have not configured the phase 1...

    * 06:07:20.347 Mar 1: ISAKMP: (0): atts are not acceptable. Next payload is 0

    * 06:07:20.351 Mar 1: ISAKMP: (0): no offer is accepted!

    * 1 Mar 06:07:20.351: ISAKMP: (0): phase 1 SA policy is not acceptable! (local 172.24.34.67 remote 172.24.4.61)

    http://www.Cisco.com/en/us/partner/products/sw/secursw/ps2308/products_configuration_example09186a00801c4246.shtml

    Vikas

  • Cisco vpn client to connect but can not access to the internal network

    Hi all

    I have a VPN configured on cisco 5540. My vpn was working fine, but suddenly there is a question that the cisco vpn client to connect but can not access to the internal network

    Any help would be much appreciated.

    Hi Samir,

    I suggest that you go to the ASA and check the configuration to make sure that it complies with the requirements according to the reference below link:

    http://www.Cisco.com/en/us/products/ps6120/products_configuration_example09186a00805734ae.shtml

    (The link above includes split tunneling, but this is just an option.

    Please paste the output of "sh cry ipsec his" here so that we can check if phase 2 is properly trained. I would say as you go to IPSEC vpn client on your PC and check increment in packets sent and received in the window 'status '.

    Let me know if this can help,

    See you soon,.

    Christian V

  • VPN site to Site, Phase 2 is do not fit correctly and no connectivity

    Hi all

    I am facing a problem with configuring VPN from Site to Site of my HO one of the remote site.

    My remote site got the subnet(192.168.10.0/24) LAN, we use also in HO. Remote site wish to access certain servers in HO 192.168.200.0/24&192.168.80.0/24.So we did a NAT policy distance from the ASA 192.168.10.0/24 subnet remote site to 192.168.175.0/24 translation site while reaching the end of the HO.

    The VPN the two phases are coming, but not able to reach my iam connectivity. I can see are encapsulating the packets from the remote site and decapsulating in HO, but opposite side does not (i.e. no encapsulation at the end of HO) & no decapsulation at the end of remote site.

    a question, I noted at the end of HO "sh crypto ipsec his" shows a different card is attached to it. This cryptomap we have for our remote access VPN is displayed in the ipsec his. Please see the configuration and the output below...

    Tag crypto map: non-retail-VPN, seq num: 3, local addr: x.x.x.x

    local ident (addr, mask, prot, port): (192.168.200.0/255.255.255.0/0/0)
    Remote ident (addr, mask, prot, port): (192.168.175.0/255.255.255.0/0/0)
    current_peer: x.x.x.x

    I can see hits on my crypto access list, and the two phases are coming. kindly help to solve the problem...

    Thanks in advance...

    MIKAEL

    Config of HO ASA
    ------------------------------
    crypto ISAKMP policy 1
    preshared authentication
    3des encryption
    sha hash
    Group 2
    life 86400

    Crypto ipsec transform-set httsa-Morocco-set esp-3des esp-sha-hmac

    card crypto ENOCMAP 23 matches the acl-httsamorocco address
    card crypto ENOCMAP 23 set counterpart x.x.x.x
    card crypto ENOCMAP 23 the transform-set httsa-Morocco-set value
    card crypto ENOCMAP 23 defined security-association life seconds 28800
    card crypto ENOCMAP 23 set reverse-road
    ENOCMAP interface card crypto outside
    crypto ISAKMP allow outside

    tunnel-group x.x.x.x type ipsec-l2l
    tunnel-group ipsec-attributes x.x.x.x
    pre-shared key *.

    permit access list acl-sheep line 127 scope ip 192.168.80.0 255.255.255.0 192.168.175.0 255.255.255.0
    permit access list acl-sheep line 128 scope ip 192.168.200.0 255.255.255.0 192.168.175.0 255.255.255.0

    access list acl-httsamorocco line 1 permit extended 192.168.200.0 ip 255.255.255.0 192.168.175.0 255.255.255.0 (hitcnt = 23)
    permit access list acl-httsamorocco line 2 scope ip 192.168.80.0 255.255.255.0 192.168.175.0 255.255.255.0 (hitcnt = 5279)

    SH crypto isakamp her HO
    ------------------------

    12 peer IKE: x.x.x.x
    Type: L2L role: answering machine
    Generate a new key: no State: MM_ACTIVE

    SH crypto ipsec his of the HO
    ------------------------------

    ENOCDC-FW03 # sh crypto ipsec his counterpart x.x.x.x
    peer address: x.x.x.x
    Tag crypto map: non-retail-VPN, seq num: 3, local addr:x.x.x.x

    local ident (addr, mask, prot, port): (192.168.80.0/255.255.255.0/0/0)
    Remote ident (addr, mask, prot, port): (192.168.175.0/255.255.255.0/0/0)
    current_peer: x.x.x.x

    #pkts program: encrypt 0, #pkts: 0, #pkts digest: 0
    #pkts decaps: 2839, #pkts decrypt: 2839, #pkts check: 2839
    compressed #pkts: 0, unzipped #pkts: 0
    #pkts uncompressed: 0, comp #pkts failed: 0, #pkts Dang failed: 0
    success #frag before: 0, failures before #frag: 0, #fragments created: 0
    Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0
    #send errors: 0, #recv errors: 0

    local crypto endpt. : x.x.x.x/4500, remote Start crypto. : x.x.x.x/4500
    Path mtu 1500, fresh ipsec generals 66, media, mtu 1500
    current outbound SPI: 5E757945
    current inbound SPI: 5EF13ACE

    SAS of the esp on arrival:
    SPI: 0x5EF13ACE (1592867534)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 6619136, crypto-card: non-retail-VPN
    calendar of his: service life remaining (KB/s) key: (4373785/26747)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0xFFFFFFFF to 0xFFFFFFFF
    outgoing esp sas:
    SPI: 0x5E757945 (1584757061)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 6619136, crypto-card: non-retail-VPN
    calendar of his: service life remaining (KB/s) key: (4374000/26745)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0x00000000 0x00000001

    Tag crypto map: Non-retail-VPN, seq num: 3, local addr: x.x.x.x //This crypto-map is that of our remote - VPN access

    local ident (addr, mask, prot, port): (192.168.200.0/255.255.255.0/0/0)
    Remote ident (addr, mask, prot, port): (192.168.175.0/255.255.255.0/0/0)
    current_peer: x.x.x.x

    #pkts program: encrypt 0, #pkts: 0, #pkts digest: 0
    #pkts decaps: 41, #pkts decrypt: 41, #pkts check: 41
    compressed #pkts: 0, unzipped #pkts: 0
    #pkts uncompressed: 0, comp #pkts failed: 0, #pkts Dang failed: 0
    success #frag before: 0, failures before #frag: 0, #fragments created: 0
    Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0
    #send errors: 0, #recv errors: 0

    local crypto endpt. : x.x.x.x/4500, remote Start crypto. : x.x.x.x/4500
    Path mtu 1500, fresh ipsec generals 66, media, mtu 1500
    current outbound SPI: 35F7B790
    current inbound SPI: EE63084D

    SAS of the esp on arrival:
    SPI: 0xEE63084D (3999467597)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 6619136, crypto-card: non-retail-VPN
    calendar of his: service life remaining (KB/s) key: (4373997/26924)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0x000003FF 0xFFFFFFFF
    outgoing esp sas:
    SPI: 0x35F7B790 (905426832)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 6619136, crypto-card: non-retail-VPN
    calendar of his: service life remaining (KB/s) key: (4374000/26924)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0x00000000 0x00000001

    The ASA Site configuration
    ---------------------------------------------

    192.168.175.0 static (inside and outside) of access list policy-nat

    access list policy-nat allowed extended ip 192.168.1.0 255.255.255.0 192.168.80.0 255.255.255.0
    access list policy-nat allowed extended ip 192.168.1.0 255.255.255.0 192.168.200.0 255.255.255.0
    access list policy-nat extended permit ip 192.168.10.0 255.255.255.0 192.168.200.0 255.255.255.0
    access list policy-nat extended permit ip 192.168.10.0 255.255.255.0 192.168.80.0 255.255.255.0

    Crypto ipsec transform-set esp-3des esp-sha-hmac enoc-series
    life crypto ipsec security association seconds 28800
    Crypto ipsec kilobytes of life - safety 4608000 association
    card crypto ENOCMAP 23 matches the acl-enoc address
    card crypto ENOCMAP 23 set counterpart x.x.x.x
    card crypto ENOCMAP 23 enoc-set transform-set
    card crypto ENOCMAP 23 defined security-association life seconds 28800
    card crypto ENOCMAP 23 set reverse-road
    crypto ENOCMAP outside interface card
    ISAKMP crypto enable ouside

    crypto ISAKMP policy 1
    preshared authentication
    3des encryption
    sha hash
    Group 2
    life 86400

    tunnel-group x.x.x.x type ipsec-l2l
    tunnel-group ipsec-attributes x.x.x.x
    pre-shared key *.

    access list acl-enoc extended ip 192.168.175.0 allow 255.255.255.0 192.168.80.0 255.255.255.0
    access list acl-enoc extended ip 192.168.175.0 allow 255.255.255.0 192.168.200.0 255.255.255.0

    ciscoasa # sh crypto isakmp his

    -----------------------------------------------

    ITS enabled: 1
    Generate a new key SA: 0 (a tunnel report Active 1 and 1 to generate a new key during the generate a new key)
    Total SA IKE: 1

    1 peer IKE: x.x.x.x
    Type: L2L role: initiator
    Generate a new key: no State: MM_ACTIVE

    ciscoasa # sh crypto ipsec his

    ----------------------------------------------
    Interface: outdoor
    Tag crypto map: ENOCMAP, seq num: 23, local addr: 192.168.20.2

    access list acl-enoc extended ip 192.168.175.0 allow 255.255.255.0 192.168.200.0 255.255.255.0
    local ident (addr, mask, prot, port): (192.168.175.0/255.255.255.0/0/0)
    Remote ident (addr, mask, prot, port): (192.168.200.0/255.255.255.0/0/0)
    current_peer: x.x.x.x

    program #pkts: 59, #pkts encrypt: 59, #pkts digest: 59
    #pkts decaps: 0, #pkts decrypt: 0, #pkts check: 0
    compressed #pkts: 0, unzipped #pkts: 0
    #pkts uncompressed: 59, comp #pkts failed: 0, #pkts Dang failed: 0
    success #frag before: 0, failures before #frag: 0, #fragments created: 0
    Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0
    #send errors: 0, #recv errors: 0

    local crypto endpt. : 192.168.20.2/4500, remote Start crypto. : x.x.x.x/4500
    Path mtu 1500, fresh ipsec generals 66, media, mtu 1500
    current outbound SPI: EE63084D
    current inbound SPI: 35F7B790

    SAS of the esp on arrival:
    SPI: 0x35F7B790 (905426832)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 57344, crypto-card: ENOCMAP
    calendar of his: service life remaining (KB/s) key: (3915000/26325)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0x00000000 0x00000001
    outgoing esp sas:
    SPI: 0xEE63084D (3999467597)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 57344, crypto-card: ENOCMAP
    calendar of his: service life remaining (KB/s) key: (3914996/26325)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0x00000000 0x00000001

    Tag crypto map: ENOCMAP, seq num: 23, local addr: 192.168.20.2

    access list acl-enoc extended ip 192.168.175.0 allow 255.255.255.0 192.168.80.0 255.255.255.0
    local ident (addr, mask, prot, port): (192.168.175.0/255.255.255.0/0/0)
    Remote ident (addr, mask, prot, port): (192.168.80.0/255.255.255.0/0/0)
    current_peer: x.x.x.x

    #pkts program: 3567, #pkts encrypt: 3569, #pkts digest: 3569
    #pkts decaps: 0, #pkts decrypt: 0, #pkts check: 0
    compressed #pkts: 0, unzipped #pkts: 0
    #pkts uncompressed: 3569, model of #pkts failed: 0, #pkts Dang failed: 0
    success #frag before: 0, failures before #frag: 0, #fragments created: 0
    Sent #PMTUs: 0, #PMTUs rcvd: 0, reassembly: 20th century / of frgs #decapsulated: 0
    Errors in #send: 1, #recv errors: 0

    local crypto endpt. : 192.168.20.2/4500, remote Start crypto. : x.x.x.x/4500
    Path mtu 1500, fresh ipsec generals 66, media, mtu 1500
    current outbound SPI: 5EF13ACE
    current inbound SPI: 5E757945

    SAS of the esp on arrival:
    SPI: 0x5E757945 (1584757061)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 57344, crypto-card: ENOCMAP
    calendar of his: service life remaining (KB/s) key: (3915000/26143)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0x00000000 0x00000001
    outgoing esp sas:
    SPI: 0x5EF13ACE (1592867534)
    transform: esp-3des esp-sha-hmac no compression
    running parameters = {L2L, Tunnel, NAT-T program,}
    slot: 0, id_conn: 57344, crypto-card: ENOCMAP
    calendar of his: service life remaining (KB/s) key: (3914728/26142)
    Size IV: 8 bytes
    support for replay detection: Y
    Anti-replay bitmap:
    0x00000000 0x00000001

    Hello

    Clearly, the connection is managed by another card crypto bein.

    Check those:

    -Where your ASA rounting the destination network. (192.168.175.0 network)

    -L' outgoing interface that uses the path has a card encryption? THAT IS "NON-RETAIL-VPN.

    -If it is rounting to the wrong interface try reconfigure the route to this destination.

    This is most likely your problem. Or at least one of them.

    Rate if this can help.

  • Cisco MSE 8510 MCU - comments PIN does not work

    Hello

    We have a few conferences on 8510 blade. Each conference is the main AXIS and the comments set up PIN. When I dial in the Conference, main SPINDLE works fine but the PIN prompt does not work.

    I tried to deal with the PIN of an endpoint, then the guest PIN from the other end, but the Conference does not accept the feedback PIN. I can use the good main SPINDLE on the two end points.

    Anyone know what may be the issue?

    I just tested this without 8510, no problem at all.

    Can you give us a screenshot of the configuration of your conference?

    I had used the same digital ID for Chair and comments, with a different PIN for each.  When I connected as Chairman, I went straight in.  When I connected as a guest, I went straight in, but I got a quick saying saying President to arrive or to connect.

  • WRT120N does not accept my ID / password when you are using a linux (mint box)

    I have a LAN House running boxes with different OS. "I can connect to my router, a WRT120N with no problems to http://192.168.1.1 from runing android Tablet and an old box of Windows XP, but when I try my main desktop, Linux Mint, (browser Firefox. 18.0.1) running, I get the same screen" 401 authorization required"as planned, but after I enter exactly the same user name and password and click"OK"screen" 401 authorization required "reappears with the empty boxes again.

    If I click Cancel, I get a page saying:

    401 authorization required

    Browser can not perform authentication or authentication failed. »

    I don't see what I'm doing wrong, any advice would be appreciated!

    Thank you.

    Found the answer to a variety of messages earlier on this forum.

    The router will not accept authentication if the Firefox browser is set to 'Sites of Tell I want to be the subject of a follow-up'. Strange, but it seems to be a long-standing oopsie in the Linksys/Cisco software.

    Under Firefox 18.0.1 (running under Linux Mint), there is a checkbox entitled: sites say I won't be the subject of a follow-up. Located under Edit > Preferences > privacy

    I checked it and YES! My connection to the router WRT120N works now.

    Thank you very much indeed!

    BTW the firmware on my router WRT120N is 1.0.04Firmware Version: v1.0.04

  • SIP message with 488 here is not Acceptable

    Hello, I'm having this problem. I have read the documentation and I look in this forum for similar problems.
    Seems is a Codec problem. Service provider asks a g711alaw. However, I already change the codec, transcoder configured which is register with handler calls and everything seems fine. But outgoing calls always give this error. Can someone help me?

    Here's the part of my configuration:

    Send-call voice alert

    convert-discpi-to-prog voice calls

    voice, send rtp-received

    voip phone service

    list of approved IP addresses

    IPv4 10.20.1.0 255.255.255.0

    h323 connections allow h323

    allow connections h323 to SIP

    allow connections sip h323

    allow sip to sip connections

    service additional h450.12

    Fax protocol t38 ls-redundancy version 0 0 hs-redundancy 0 help none

    H323

    No keepalive timeout h225

    SIP

    midcall-signalling passthru

    SCCP local GigabitEthernet0/1

    SCCP ccm 10.20.1.5 identifier 2 priority 2 version 7.0

    SCCP ccm 10.20.1.6 identifier 1 priority 1 version 7.0

    SCCP

    !

    SCCP ccm Group 1

    associate the ccm 1 priority 1

    the associated profile 1 registry COMPcode

    the associated profile 2 registry COMP01-PSG

    !

    transcode dspfarm profile 1

    Codec g711ulaw

    Codec g711alaw

    Codec g729ar8

    Codec g729abr8

    Codec g729r8

    Codec g729br8

    maximum sessions 14

    associate the PCRS application

    !

    dspfarm profile 2 PSG

    Codec g711ulaw

    maximum sessions 120 software

    associate the PCRS application

    !

    Dial-peer voice voip 50

    Description # calls of CUCM to VG #.

    incoming called number 9.T

    DTMF-relay h245 alphanumeric

    Codec g711alaw

    No vad

    !

    Dial-peer voice 11 voip

    Description * outgoing SIP Trunk call *.

    outgoing SIP CALLS OUT translation-profile

    preference 1

    destination-model 9 t

    Setup progress_ind allow 3

    progress_ind enable progress 8

    progress_ind connect enable 8

    redirect ip2ip

    session protocol sipv2

    session target ipv4:88.XXX. XX.XXX

    DTMF-relay rtp - nte cisco-rtp

    Codec g711alaw

    No vad

    The Sip Trunk on the call manager uses a MRGL both of PSG and XCODE.

    SCCP Admin State: to the TOP
    Gateway local Interface: GigabitEthernet0/1
    IPv4 address: 10.20.1.11
    Port number: 2000
    IP precedence: 5
    List of Codec hidden user: no
    Call Manager: 10.20.1.5, Port number: 2000
    Priority: 2, Version: 7.0, identifier: 2
    Call Manager: 10.20.1.6, Port number: 2000
    Priority: 1, Version: 7.0, identifier: 1

    Transcoding of Oper status: ACTIVE - reason Code: NO

    Here are the two him debugs:

    * 3 Dec 12:08:32.859: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
    Received:
    GUEST sip:[email protected]/ * /: SIP-5060/2.0
    Via: SIP/2.0/TCP 10.20.1.6:5060; branch = z9hG4bK148c5e3b74ba77
    From: <> [email protected]/ * */>;tag=1130165~6e3f6e1b-b59e-4604-be6a-d6295dc18cf6-45522220
    To: <> [email protected]/ * / >
    Date: Monday, December 3, 2012 12:02:40 GMT
    Call ID: [email protected] / * /
    Supported: timer, resource-priority, replaces
    Min - SE: 1800
    User-Agent: Cisco - CUCM8.6
    Allow: PROMPT, OPTIONS, INFO, BYE, ACK, CANCEL, PRACK, UPDATE, VIEW, SUBSCRIBE, NOTIFY
    CSeq: INVITE 101
    Expires: 180
    Allow-events: presence, kpml
    Support: X-cisco-srtp-relief
    Support: geolocation
    Call-Info: ; method = "NOTIFY; Telephone-event = event; duration = 500 "
    Cisco-Guid: 1422849408-0000065536-0000391810-0100733962
    Session time-out: 1800
    P has asserted-Identity: <> [email protected]/ * / >
    Remote-Party-ID: <> [email protected]/ * / >; left = call; screen = yes; intimacy = off
    Contact: <> [email protected]/ * /: 5060; transport = tcp >
    Max-Forwards: 70

    Content-Length: 0

    * 3 Dec 12:08:32.863: //-1/54CEF5800005/CCAPI/cc_api_display_ie_subfields:
    cc_api_call_setup_ind_common:
    Cisco-username = 02036666666
    -ccCallInfo IE subfields-
    Cisco-ani = 02036666666
    Cisco-anitype = 0
    Cisco-aniplan = 0
    Cisco-anipi = 0
    Cisco-anisi = 1
    dest = 907718005555
    Cisco-desttype = 0
    Cisco-destplan = 0
    Cisco-ISDS = FFFFFFFF
    Cisco-rdn =
    Cisco-rdntype = 0
    Cisco-rdnplan = 0
    Cisco-rdnpi =-1
    Cisco-rdnsi =-1
    Cisco-redirectreason = - 1 fwd_final_type = 0
    final_redirectNumber =
    hunt_group_timeout = 0

    * 3 Dec 12:08:32.863: //-1/54CEF5800005/CCAPI/cc_api_call_setup_ind_common:
    Interface = 0 x 31196458, call Info)
    Number = 02036666666, (Calling Name =) (TON = unknown, NPI = unknown, screening = User, spent, presentation = allowed).
    Called number = 907718005555 (TON = unknown, NPI = unknown).
    The appeal translated = FALSE, Subscriber Type Str = unknown, FinalDestinationFlag = TRUE,
    Incoming dial-peer = 50, progress Indication = NULL (0), Calling THE Present = TRUE,
    Road Trkgrp Label source, label Trkgrp road target = CLID Transparent = FALSE), call Id = 21355
    * 3 Dec 12:08:32.863: //-1/54CEF5800005/CCAPI/ccCheckClipClir:
    In: Component number = 02036666666 (TON = unknown, NPI = unknown, screening = User, spent, presentation = allowed)
    * 3 Dec 12:08:32.863: //-1/54CEF5800005/CCAPI/ccCheckClipClir:
    Departures: Component number = 02036666666 (TONE = unknown, NPI = unknown = User, spent, screening presentation allowed =)
    * 3 Dec 12:08:32.863: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:

    * 3 Dec 12:08:32.863: cc_get_feature_vsa success of malloc
    * 3 Dec 12:08:32.863: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:

    * 12:08:32.863 3 dec: cc_get_feature_vsa number is 1
    * 3 Dec 12:08:32.863: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:

    * 12:08:32.863 3 dec: FEATURE_VSA attributes are: feature_name:0, feature_time:832856160, feature_id:21306
    * 12:08:32.863 3 dec: / / 21355, 54CEF5800005, CCAPI, cc_api_call_setup_ind_common:
    Set up the event sent;
    Call Info (number = 02036666666 (TON = unknown, NPI = unknown, screening = User, spent, presentation = allowed),)
    Called number = 907718005555 (TON = unknown, NPI = unknown))
    * 12:08:32.863 3 dec: / / 21355, 54CEF5800005, CCAPI, cc_process_call_setup_ind:
    Event = 0x2AFCEB88
    * 3 Dec 12:08:32.863: //-1/xxxxxxxxxxxx/CCAPI/cc_setupind_match_search:
    Try again with the demoted called number 907718005555
    * 12:08:32.863 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallSetContext:
    Context = 0x32D52B8C
    * 12:08:32.863 3 dec: / / 21355, 54CEF5800005, CCAPI, cc_process_call_setup_ind:
    > Handed CCAPI cid 21355 with tag 50 app '_ManagedAppProcess_Default '.
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallProceeding:
    Progress Indication = NULL (0)
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallSetupRequest:
    Destination =, Calling IE date = TRUE, Mode = 0.
    Leaving Dial-peer = 11, Params = 0x2B62716C, Indication of progress = FROM SIDE IS NO ISDN (3)
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCheckClipClir:
    In: Component number = 02036666666 (TON = unknown, NPI = unknown, screening = User, spent, presentation = allowed)
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCheckClipClir:
    Departures: Component number = 02036666666 (TONE = unknown, NPI = unknown = User, spent, screening presentation allowed =)
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallSetupRequest:
    The destination model = 9 t., called number = 07718009863, band numbers = FALSE
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallSetupRequest:
    Number = 02036666666 (TON = unknown, NPI = unknown, screening = User, spent, presentation = allowed).
    Called number = 07718009863 (TON = unknown, NPI = unknown).
    Redirect = number, display of information is
    Account number 02036666666, Destination = final = TRUE flag,.
    GUID = 54CEF580-0001-0000-0005-FA820601140A, outbound Dial-peer = 11
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, cc_api_display_ie_subfields:
    ccCallSetupRequest:
    Cisco-username = 02036666666
    -ccCallInfo IE subfields-
    Cisco-ani = 02036666666
    Cisco-anitype = 0
    Cisco-aniplan = 0
    Cisco-anipi = 0
    Cisco-anisi = 1
    dest = 07718009863
    Cisco-desttype = 0
    Cisco-destplan = 0
    Cisco-ISDS = FFFFFFFF
    Cisco-rdn =
    Cisco-rdntype = 0
    Cisco-rdnplan = 0
    Cisco-rdnpi =-1
    Cisco-rdnsi =-1
    Cisco-redirectreason = - 1 fwd_final_type = 0
    final_redirectNumber =
    hunt_group_timeout = 0

    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccIFCallSetupRequestPrivate:
    Interface = 0 x 31196458, Type of Interface = 3, = Destination, the Mode = 0x0,
    Call Params (number = 02036666666, (Calling Name =) (= unknown, NPI = unknown, screening = User, TON spent, presentation = allowed),)
    Called number = 07718009863 (TON = unknown, NPI = unknown), the appeal translated = FALSE,
    Subscriber Type Str = unknown, FinalDestinationFlag = TRUE, outgoing Dial-peer = 11, Call On County = FALSE,
    Trkgrp road Label source, label of road target Trkgrp =, tg_label_flag = 0, Application Call Id =)
    * 3 Dec 12:08:32.867: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:

    * 3 Dec 12:08:32.867: cc_get_feature_vsa success of malloc
    * 3 Dec 12:08:32.867: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:

    * 12:08:32.867 3 dec: cc_get_feature_vsa number is 2
    * 3 Dec 12:08:32.867: //-1/xxxxxxxxxxxx/CCAPI/cc_get_feature_vsa:

    * 12:08:32.867 3 dec: FEATURE_VSA attributes are: feature_name:0, feature_time:832857952, feature_id:21307
    * 12:08:32.867 3 dec: / / 21356, 54CEF5800005, CCAPI, ccIFCallSetupRequestPrivate:
    Application for facility call SPI's success; Interface type = 3, FlowMode = 1
    * 12:08:32.867 3 dec: / / 21356, 54CEF5800005, CCAPI, ccCallSetContext:
    Context = 0x2B62711C
    * 12:08:32.867 3 dec: / / 21355, 54CEF5800005, CCAPI, ccSaveDialpeerTag:
    Outbound Dial-peer = 11
    * 12:08:32.867 3 dec: / / 21356, 54CEF5800005, CCAPI, cc_api_call_proceeding:
    Interface = 0 x 31196458, Indication = NULL (0) progress
    * 12:08:32.871 3 dec: / / 21356/54CEF5800005/SIP/Msg/ccsipDisplayMsg:
    Envoy:
    GUEST sip:[email protected] / * /.XXX:5060 SIP/2.0
    Via: SIP/2.0/UDP 194.168.146.148:5060; branch = z9hG4bK4F1C77
    Remote-Party-ID: <> [email protected]/ * / >; left = call; screen = yes; intimacy = off
    From: <> [email protected]/ * / >; tag = E448A58-A24
    To: <> [email protected] / * /.XXX >
    Date: Monday, December 3, 2012 12:08:32 GMT
    Call ID: [email protected] / * /
    Supported: timer, resource-priority, replaces, sdp-anat
    Min - SE: 1800
    Cisco-Guid: 1422849408-0000065536-0000391810-0100733962
    User-Agent: Cisco-SIPGateway/IOS - 12.x
    Allow: INVITE, OPTIONS, BYE, CANCEL, ACK, PRACK, UPDATE, VIEW, SUBSCRIBE, NOTIFY, INFO, REGISTER
    CSeq: INVITE 101
    Time stamp: 1354536512
    Contact: <> [email protected]/ * /: 5060 >
    Expires: 180
    Allow-events: telephone-event
    Max-Forwards: 69
    Session time-out: 1800
    Content-Length: 0

    * 12:08:32.871 3 dec: / / 21355/54CEF5800005/SIP/Msg/ccsipDisplayMsg:
    Envoy:
    SIP/2.0 100 trying
    Via: SIP/2.0/TCP 10.20.1.6:5060; branch = z9hG4bK148c5e3b74ba77
    From: <> [email protected]/ * */>;tag=1130165~6e3f6e1b-b59e-4604-be6a-d6295dc18cf6-45522220
    To: <> [email protected]/ * / >
    Date: Monday, December 3, 2012 12:08:32 GMT
    Call ID: [email protected] / * /
    CSeq: INVITE 101
    Allow-events: telephone-event
    Server: Cisco-SIPGateway/IOS - 12.x
    Content-Length: 0

    * 12:08:32.899 3 dec: / / 21356/54CEF5800005/SIP/Msg/ccsipDisplayMsg:
    Received:
    SIP/2.0 100 trying
    Via: SIP/2.0/UDP 194.168.146.148:5060; received = 194.168.146.148; branch = z9hG4bK4F1C77
    From: <> [email protected]/ * / >; tag = E488A58-A24
    To: <> [email protected] / * /.XXX >
    Call ID: [email protected] / * /
    CSeq: INVITE 101
    Time stamp: 1354536512
    Content-Length: 0

    * 12:08:32.995 3 dec: / / 21356/54CEF5800005/SIP/Msg/ccsipDisplayMsg:
    Received:
    SIP/2.0 488 here is not Acceptable
    Via: SIP/2.0/UDP 194.168.146.148:5060; received = 194.168.146.148; branch = z9hG4bK4F1C77
    To: <> [email protected] / * /.XXX >; tag = 3563525093-836070
    From: <> [email protected]/ * / >; tag = E488A58-A24
    Call ID: [email protected] / * /
    CSeq: INVITE 101
    Allow: CANCEL, ACK, INVITE, BYE, OPTIONS, REGISTER, NOTIFY, INFO, REFER, SUBSCRIBE, PRACK, UPDATE, MESSAGE, PUBLISH
    Contact: <> [email protected] / * /.XXX:5060 >
    Reason: Q.850; cause = 65
    Content-Length: 0

    * 12:08:32.995 3 dec: / / 21356, 54CEF5800005, CCAPI, cc_api_call_disconnected:
    Value = 127, Interface = 0 x 31196458, Call Id = 21356
    * 12:08:32.995 3 dec: / / 21356, 54CEF5800005, CCAPI, cc_api_call_disconnected:
    Call the entry (Responsed = TRUE, Cause value = 127, Retry Count = 0)
    * 12:08:32.995 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallReleaseResources:
    free xcoding reserved resource.
    * 12:08:32.995 3 dec: / / 21356, 54CEF5800005, CCAPI, ccCallSetAAA_Accounting:
    = 0, Id = 21356 Call Accounting
    * 12:08:32.995 3 dec: / / 21356, 54CEF5800005, CCAPI, ccCallDisconnect:
    Value = 127, Tag = 0x0, entry calls (previous disconnection Cause = 0, remove the Cause = 127)
    * 12:08:32.995 3 dec: / / 21356, 54CEF5800005, CCAPI, ccCallDisconnect:
    Value = 127, entered calls (Responsed = TRUE, Cause value = 127)
    * 12:08:32.999 3 dec: / / 21356, 54CEF5800005, CCAPI, cc_api_call_disconnect_done:
    Available = 0, Interface = 0 x 31196458, Tag = 0 x 0, Call Id 21356 =.
    Call the entry (disconnect Cause = 127, class voice Cause Code = 0, retry count = 0)
    * 12:08:32.999 3 dec: / / 21356, 54CEF5800005, CCAPI, cc_api_call_disconnect_done:
    Call interrupted event sent
    * 3 Dec 12:08:32.999: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:

    * 3 Dec 12:08:32.999: cc_free_feature_vsa release A 31, 46758
    * 3 Dec 12:08:32.999: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:

    * 3 Dec 12:08:32.999: free vsacount is 1
    * 12:08:32.999 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallDisconnect:
    Value = 127, Tag = 0x0, entry calls (previous disconnection Cause = 0, remove the Cause = 0)
    * 12:08:32.999 3 dec: / / 21355, 54CEF5800005, CCAPI, ccCallDisconnect:
    Value = 127, entered calls (Responsed = TRUE, Cause value = 127)
    * 12:08:32.999 3 dec: / / 21355/54CEF5800005/SIP/Msg/ccsipDisplayMsg:
    Envoy:
    SIP/2.0 500 Internal Server Error
    Via: SIP/2.0/TCP 10.20.1.6:5060; branch = z9hG4bK148c5e3b74ba77
    From: <> [email protected]/ * */>;tag=1130165~6e3f6e1b-b59e-4604-be6a-d6295dc18cf6-45522220
    To: <> [email protected]/ * / >; tag = E488ADC-CEC
    Date: Monday, December 3, 2012 12:08:32 GMT
    Call ID: [email protected] / * /
    CSeq: INVITE 101
    Allow-events: telephone-event
    Server: Cisco-SIPGateway/IOS - 12.x
    Reason: Q.850; cause = 127
    Content-Length: 0

    * 3 Dec 12:08:33.035: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
    Received:
    SIP ACK:[email protected]/ * /: SIP-5060/2.0
    Via: SIP/2.0/TCP 10.20.1.6:5060; branch = z9hG4bK148c5e3b74ba77
    From: <> [email protected]/ * */>;tag=1130165~6e3f6e1b-b59e-4604-be6a-d6295dc18cf6-45522220
    To: <> [email protected]/ * / >; tag = E488ADC-CEC
    Date: Monday, December 3, 2012 12:02:40 GMT
    Call ID: [email protected] / * /
    Max-Forwards: 70
    CSeq: 101 ACK
    Allow-events: presence, kpml
    Content-Length: 0

    * 12:08:33.039 3 dec: / / 21355, 54CEF5800005, CCAPI, cc_api_call_disconnect_done:
    Available = 0, Interface = 0 x 31196458, Tag = 0 x 0, Call Id = 21355.
    Call the entry (disconnect Cause = 127, class voice Cause Code = 0, retry count = 0)
    * 12:08:33.039 3 dec: / / 21355, 54CEF5800005, CCAPI, cc_api_call_disconnect_done:
    Call interrupted event sent
    * 3 Dec 12:08:33.039: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:

    * 3 Dec 12:08:33.039: cc_free_feature_vsa release A 31, 46058
    * 3 Dec 12:08:33.039: //-1/xxxxxxxxxxxx/CCAPI/cc_free_feature_vsa:

    * 3 Dec 12:08:33.039: free vsacount is 0
    * 3 Dec 12:08:33.039: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
    Envoy:
    SIP ACK:[email protected] / * /.XXX:5060 SIP/2.0
    Via: SIP/2.0/UDP 194.168.146.148:5060; branch = z9hG4bK4F1C77
    From: <> [email protected]/ * / >; tag = E488A58-A24
    To: <> [email protected] / * /.XXX >; tag = 3563525093-836070
    Date: Monday, December 3, 2012 12:08:32 GMT
    Call ID: [email protected] / * /
    Max-Forwards: 70
    CSeq: 101 ACK
    Allow-events: telephone-event
    Content-Length: 0

    Thank you very much

    Chris

    Hi Chris,

    It seems that your CUBE config is correct. The CUCM sends a PROMPT to provide at the beginning now. This means that you have enabled the PSG on the SIP trunk. The codec sent in the INVITATION is G711ulaw. In order to change this, go to the SIP trunk and search "PSG preferred from Codec" and replace it by default of G711ulaw, G711alaw. If all goes well, which does the trick for you.

    HTH.

    Kind regards

    Stefano.

  • PEI - SIP - CME - SIP - error CUCM Media is not Acceptable

    Hello world

    I have a problem with a TRUNK of SIP ITSP, the question is apparently "SIP/2.0 488 not acceptable media.

    I tried several things, I Don t know how to solve this problem.

    Outgoing calls is already OK, the problem is with incoming calls: of the ITSP to the CUCM.

    I have this topology of the ITSP SIP TRUNK:

    ITSP - sip sip - CME - CUCM

    The CME configuration is:

    Dial-peer voice voip 67
    Description * SIP trunk ITSP *.
    destination-model 591 [67]...
    session protocol sipv2
    session target ipv4:172.17.0.13
    session udp transport
    voice-class sip forced early offer
    no interaction of dtmf
    Codec g711ulaw

    !

    Dial-peer voice voip 68
    Description * SIP trunk CUCM *.
    reply-to address. T
    session protocol sipv2
    session target ipv4:172.16.6.3
    voice-class sip forced early offer
    Codec g711ulaw

    !

    SIP - ua
    Disable-early-media 180
    connection-reuse

    !

    voip phone service
    list of approved IP addresses
    IPv4 0.0.0.0
    IPv4 0.0.0.0 0.0.0.0
    h323 connections allow h323
    allow connections h323 to SIP
    allow connections sip h323
    allow sip to sip connections
    no service additional h450.7
    no additional service moved temporarily sip
    no service additional sip refer
    Fax protocol t38 ls-redundancy version 0 0 hs-redundancy 0 help none
    SIP
    binding control source-interface GigabitEthernet0/1.5
    bind media source-interface GigabitEthernet0/1.5
    Registrar Server
    offer-early forced

    !

    On the side of CUCM:

    End point of media (checked)
    Disable the media beginning on 180 (unchecked)
    Requires the idle exchange of SDP for call Media Change (checked)
    Early support for voice and video calls (checked)
    Send send-receive SDP appealed INVITES (checked)

    The result of "debug messages ccsip" and "debug dialpeer inout voice" is:

    001062: 03:31:03: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
    Received:
    GUEST sip:[email protected]/ * /: 5060; user = phone SIP/2.0
    Via: SIP/2.0/UDP 172.17.0.11:5060; branch = z9hG4bKi2mhl410do70mrc4s141.1
    Call ID: [email protected]/ * /.
    From: "70965999"<>[email protected]/ * /; transport = udp; user = phone >; tag = 2u2uavrx-CC-1013
    To: '69200020'<>[email protected]/ * /; transport = udp; user = phone >
    CSeq: 1 INVITE
    Max-Forwards: 69
    Contact:
    Allow: INVITE, ACK, OPTIONS, CANCEL, INFO, BYE PRACK, NOTIFY, MESSAGE, UPDATE
    P - asserted-Identity has:
    Supported: 100rel, histinfo, prerequisite
    P-early-Media: support
    Content-Length: 362
    Content-Type: application/sdp

    v = 0
    o = HuaweiSoftx3000 1102026905 1102026906 IN IP4 172.17.0.11
    s = SipCall
    c = IN IP4 172.17.0.11
    t = 0 0
    m = audio RTP/AVP 8 18 116 10386
    a = rtpmap:8 PCMA/8000
    a G729/8000 rtpmap:18 =
    a rtpmap:116 telephone-event/8000 =
    a = ptime:5
    a = sendrecv local curr:qos
    a = distance zero curr:qos
    a = sendrecv local compulsory are: qos
    a = sendrecv distance optional with: qos
    a = 3gOoBTC

    001063: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
    Number = 69200020, called number = 69200020, Peer Info Type = DIALPEER_INFO_SPEECH
    001064: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
    Associate the rule of = DP_MATCH_DEST; Called number = 69200020
    001065: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersCore:
    No outbound dial-peer does not; Result = NO_MATCH(-1)
    001066: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpMatchSafModulePlugin:
    dialstring = 69200020, saf_enabled = 1 saf_dndb_lookup = 1, dp_result =-1
    001067: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpMatchPeersMoreArg:
    Result = NO_MATCH(-1)
    001068: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpAssociateIncomingPeerCore:
    Number = 70965999, called number =, Voice-Interface = 0 x 0.
    Timeout = TRUE, Peer Encap Type = ENCAP_VOIP, Type of research peer = PEER_TYPE_VOICE,
    Peer Type Info = DIALPEER_INFO_SPEECH
    001069: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpAssociateIncomingPeerCore:
    Result = Success (0) after DP_MATCH_ANSWER; Incoming dial-peer = 68
    001070: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpMatchSafModulePlugin:
    dialstring = NULL, saf_enabled = 0, saf_dndb_lookup = 0, dp_result = 0
    001071: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpAssociateIncomingPeerCore:
    Number = 70965999, called number =, Voice-Interface = 0 x 0.
    Timeout = TRUE, Peer Encap Type = ENCAP_VOIP, Type of research peer = PEER_TYPE_VOICE,
    Peer Type Info = DIALPEER_INFO_SPEECH
    001072: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpAssociateIncomingPeerCore:
    Result = Success (0) after DP_MATCH_ANSWER; Incoming dial-peer = 68
    001073: 03:31:03: //-1/xxxxxxxxxxxx/DPM/dpMatchSafModulePlugin:
    dialstring = NULL, saf_enabled = 0, saf_dndb_lookup = 0, dp_result = 0
    001074: 03:31:03: //-1/CD12136099D5/DPM/dpAssociateIncomingPeerCore:
    Number = 70965999, called number = 69200020, Voice-Interface = 0 x 0.
    Timeout = TRUE, Peer Encap Type = ENCAP_VOIP, Type of research peer = PEER_TYPE_VOICE,
    Peer Type Info = DIALPEER_INFO_SPEECH
    001075: 03:31:03: //-1/CD12136099D5/DPM/dpAssociateIncomingPeerCore:
    Result = Success (0) after DP_MATCH_ANSWER; Incoming dial-peer = 68
    001076: 03:31:03: //-1/CD12136099D5/DPM/dpMatchSafModulePlugin:
    dialstring = NULL, saf_enabled = 0, saf_dndb_lookup = 0, dp_result = 0
    SIP: Attempt to analyze the attribute not supported at the level of the media
    001077: 03:31:03: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
    Envoy:
    SIP/2.0 488 Media is not Acceptable
    Via: SIP/2.0/UDP 172.17.0.11:5060; branch = z9hG4bKi2mhl410do70mrc4s141.1
    From: "70965999"<>[email protected]/ * /; transport = udp; user = phone >; tag = 2u2uavrx-CC-1013
    To: '69200020'<>[email protected]/ * /; transport = udp; user = phone >; tag = C139A0-1755
    Date: Thu, November 6, 2014 13:01:04 GMT
    Call ID: [email protected]/ * /.
    CSeq: 1 INVITE
    Allow-events: telephone-event
    Reason: Q.850; cause = 65
    Server: Cisco-SIPGateway/IOS-15.3.3.M2
    Content-Length: 0

    001078: 03:31:03: //-1/xxxxxxxxxxxx/SIP/Msg/ccsipDisplayMsg:
    Received:

    SIP GatewayTelf_JD #ACK:[email protected]/ * /: 5060; user = phone SIP/2.0
    Via: SIP/2.0/UDP 172.17.0.11:5060; branch = z9hG4bKi2mhl410do70mrc4s141.1
    CSeq: 1 ACK
    Call ID: [email protected]/ * /.
    From: "70965999"<>[email protected]/ * /; transport = udp; user = phone >; tag = 2u2uavrx-CC-1013
    To: '69200020'<>[email protected]/ * /; transport = udp; user = phone >; tag = C139A0-1755
    Max-Forwards: 69
    Content-Length: 0

    Little light at the end of the tunnel?

    Thanks in advance!

    Hello

    can you collect debug voice ccapi inout & debugging ccsip GCE message and attach the logs here please?

    your provider sends A Law G711 codec in the PROMPT message, but you have configured G711 U right in the dial-peers.

    can you try to fix G711 has the right dial-peers and check out them? Also make sure you have TPMS in the MRGL applied to CUCM SIP Trunk.

  • Command not accepted on switch 3750 WCCP

    Hello

    I'm trying to configure the redirection of WCCP using L2 forwarding on a stack of 3750, but the 'ip wccp web cache' command is not accepted.

    Can you please help?

     Stack_3750X(config)#ip wccp                        ^ % Invalid input detected at '^' marker.

    Using the version 15.0

     Stack_3750X#sh ver Cisco IOS Software, C3750E Software (C3750E-UNIVERSALK9-M), Version 15.0(2)SE6, RELEASE SOFTWARE (fc2)

    SDM prefer routing active.

     Stack_3750X#sh sdm prefer The current template is "desktop routing" template. The selected template optimizes the resources in the switch to support this level of features for 8 routed interfaces and 1024 VLANs. number of unicast mac addresses: 3K number of IPv4 IGMP groups + multicast routes: 1K number of IPv4 unicast routes: 10.875k number of directly-connected IPv4 hosts: 3K number of indirect IPv4 routes: 7.875k number of IPv6 multicast groups: 64 number of IPv6 unicast routes: 32 number of directly-connected IPv6 addresses: 0 number of indirect IPv6 unicast routes: 32 number of IPv4 policy based routing aces: 0.5K number of IPv4/MAC qos aces: 0.375k number of IPv4/MAC security aces: 0.875k number of IPv6 policy based routing aces: 0 number of IPv6 qos aces: 0 number of IPv6 security aces: 58

    Here is the license:

     Stack_3750X#sh license Index 1 Feature: ipservices Period left: Life time License Type: PermanentRightToUse License State: Active, Not in Use, EULA not accepted License Priority: None License Count: Non-Counted Index 2 Feature: ipbase Period left: Life time License Type: Permanent License State: Active, In Use License Priority: Medium License Count: Non-Counted Index 3 Feature: lanbase Period left: 0 minute 0 second

    Hi ipbase can't stand the wccp you need ipservices or license advanced

    http://www.Cisco.com/c/en/us/support/docs/Security/Web-security-appliance/118006-configure-WCCP-00.html

    Mark

  • the remote device or resource does not accept the connection - CIMC

    Hello

    I tried access MMIC remotely via web browser, but get the error message "the connection was refused by the target device.

    I was able to access a device similar to the same place but will not be for this particular device.

    Another diagnosis with internet explore came with reason "the remote device or resource does not accept the connection.

    Any idea please?

    Thank you

    Hi Mike,.

    Is the host this time online? Are you able to ping the server MMIC? If you are able to ping the server of CIMC, but unable to connect via SSH or the graphical user interface you can hit the following bug;

    https://BST.cloudapps.Cisco.com/bugsearch/bug/CSCun88303/?reffering_site...

    I hope this helps. Please check all the useful answers as correct while others can find answers faster.

    Qiese Sa'di

  • Changed my password emai on laptop, now I pad does not accept it.

    I changed my password e-mail btinternet on laptop now my I pad will not accept it.

    Hello

    Go to Settings Email change password or delete the account then add it back again.

    If you change the password of e-mail that you need to change it on all your apple devices

    See you soon

    Brian

  • Mac Pro el capitan: username and/or pw not accepted: How can I boot up to fix this

    I recently acquired a firmware Mac Pro 2009 4.1, loaded with a version update of el capitan.  I immediately changed the admin password but has not changed the admin username, nor have I evolved Autostart and name of user and password until today. NOW, it will not accept any combination of username / password.  How to overcome this gaffe to change the user name and password.

    To do this the Apple Downloads are locked on the account who bought them:

    Evolution of the property of a Mac of opportunity

  • I was charged for my coffee game update, which I wasn't aware of. I do not accept to pay about $ 8 for only an update, this game in the first place was free. I want to ask for a return and I will delete the game

    I was charged for my coffee game update, which I wasn't aware of. I do not accept to pay about $ 8 for only an update, this game in the first place was free. I want to ask for a return and I will delete the game

    Apple or App developers read this forum. If you want a refund, contact the developer to the email address. It is to them that they will refund your or not.

  • IPhone does not accept the code to check for text messages

    II phone does not accept the code verification for the transfer of messages text imac

    Maybe these articles will help:

    Get a verification code and connect with authentication to two factors - Apple Support

    If you don't receive your check or reset email - Apple Support

    If this is not the case, can you explain a little more detail what exactly is your problem?  Or see the 'Contact us' at the bottom of the second article.

  • why Apple does not accept my new password?

    Why Apple will not accept a new password I create?

    Would appreciate advice.

    Writing an effective question of communities of Apple Support

Maybe you are looking for

  • Satellite A300 PSACGA - display distorts and freezes

    I have a Satellite A300 PSACGA-02V010 running Vista Ultimate.The laptop is around the age of 10 months and 12 hours a day for work purposes. For some reason there is a few days display distorted (pixelated) and froze.The only way to recover was a dif

  • Pavilion dv7-1285dx windows vista 64-bit

    the motherboard on my pavillion dv7-1285dx supports a newer processor? Socket 1156? 1366?  I was thinking about upgrading my cpu for core i5 or i7 processor?  I was also considering upgrading my nvidia video card as well.

  • CD will not eject

    any cd I put in eject not I think it's to do with media player

  • DeskJet 932C, Windows 7, a red and green light on the machine will not work

    Both my red light and green light are on and printer has stopped working.  What, on the contrary, do in addition to become another printer? When I press red light nothing happens. When I turn printer off and on again the same lights appear.  When I o

  • Notify the ListView data in the model have changed

    Hello! I know this question has been asked several times, but I have yet to find anything satisfactory. I have a ListView, filled with a QListDataModel. After some time I update an element of the model. So far, the only way I found to the ListView so