CPL in VCS - E rules

Similar Questions

• Tandberg VCS Expressway - rules of appeal policy

  Dear all,

  We are currently deploying DNS resolution on the highway to VCS, and it works as expected.

  However, we would like to block an outside party to call our VIP users, so we are set up the rule of the appeals policy.

  According to the help page of VCS, both the Source and Destination are supported by regular expressions.

  But we found that the strategy of appeal rule is not as planned.

  For example, we have configured

  Schema of the source: [email protected] / * /

  The destination model: [email protected] / * /

  Action: allow

  As a result, the user [email protected] / * / is not able to call the endpoint ex60domain.com.

  Does anyone face the similar problem? Or someone has the recommendation on this matter?

  Best regards

  Ben

  As Andreas mention, you can use the CPL to control call of endpoint not registered by CPL following (just quick example)

  ===============================================================

  "xmlns:TAA ="http://www.tandberg.net/cpl-extensions"

  "" xmlns: xsi = "http://www.w3.org/2001/XMLSchema-instance"

  xsi: schemaLocation = "urn: ietf:params:xml:ns:cpl cpl.xsd" >

  ===============================================================

  Another solution is to use the new dial plan search rules introduced in X7.2 release.

  Registration of endpoint of VIP in separate subfield and create specific search rules.

  With X7.2, you can configure the search rule detail as called Protocol and source subfield level targeting specific subfield level.

  Please see page 35 of https://supportforums.cisco.com/docs/DOC-26316.

  (But this little yet complicate when call comes e - VCS to VCS - C where VIP registered endpoint).

• Control in neighborhoods with VCS Expressway rule

  Hello everyone.

  I wonder if VCS Expressay made a sort of control in the nearby areas.

  For example: I want to restrict the neighboring area to perform not more than 2 simultaneous calls.

  Best regards

  You can restrict the overall bandwidth used for these calls, but not strictly the number of calls.

  For example, if your bandwidth standard appeal for your organization is 768 Kbps and you want only 2 calls is nearby at the same time, you create a pipe which has a limit of 1536 kbps total bandwidth and ask the hose for the link to this neighbor.  Links and tips is all two found in a VCS Configuration--> menu of bandwidth.

  Who help me?

• CPL configuration for the handling of source on VCS - E

  Hi all

  When we tried to have a video call with an external company on the VCS - E, the address IP of CUCM appear in the distant field rather end when making external calls.

  It occurs because the SIP URI field on the sx device interface has completed our IP CUCM ( [email protected]/ * /)

  We are discussing with the TAC engineer, this problem can be solved by making one of these options below

  • 1-) field of sets for the CUCM so the field will not appear the IP address.

  • 2-) save endpoint on the VCS.

  • 3-) script on CUCM to change the SIP header and standardization for more details you can check out the link below:

  • 4-) - write scripts CPL on the VCS.

  • According to above choice, the only way to solve this problem for us applies a CPL
  • as much as I did research it is also not possible to change the source with the CPL on VCS - E. is it good?

  anyone can share me a CPL configuration for this manipulation? What I would do is this show get [email protected] / * / instead of [email protected] / * / address.

  [email protected]/ * / > [email protected] / * /

  our topology is device SX > CUCM > VCS - C > VCS-E > Internet

  VCS version is X8.7.1

  I would send me a CPL config for it.

  Thanks in advance

  Halit

  Can you provide a copy of your rules of research of VCS and a search for the call history failed.

• VCS - CPL to block call routing to and from the same area of neighbor

  Hi all

  Is there a CPL rule that can be written to block calls from a neighbouring area to the same area of neighbor?

  We have problems with CUCM sent appeals to the our VCS VCS then routes the call return CUCM, causing thus "too many jumps."

  In the example

  MOVI user control VCS try to compose endpoint registered RTC CUCM, but incorrectly dials

  Appeal does not have to search for the terms of local area

  Call does not match search for VCS Expressway rules

  Call corresponds to captures all of CUCM (. *) @domain.com

  CUCM does not form DN or URI for the wrong phone number and the call is routed to the VCS control due to the SIP routing model of *. * on CUCM

  We have to capture all CUCM at the end, since we offer PSTN, as well as our users and phones have the alphanumeric URIs assigned to the DNs for Jabber, etc.

  I fear that he is not really an easy way to do it, I know because the call charged CPL first, CPL don't know what area it was intended for.

  It's probably more easily accomomplished with a slight modification to your rules of research rather than spraying anthing "@domaine" everywhere - something like:

  Anything incoming directly at @domaine in the nearby area of the local area (as is inside your organization, such as if the CUCM not found and sent it to the VCS he won't be on the CUCM, so must be local (or nonexistent) - and stop.

  And the opposite of the above - route whatever it is for @domaine of the localZone.GetDaylightChanges (because it was not found locally) to stop and the CUCM neighbour-

  And do similar for what is coming from other areas outside to route to wheverver that will be endpoints.  In this way, your call should not be bouncing back between the CUCM and VCS and create the loop that you are currently experiencing.

  Of course, if your environmetn is a little more complex than the simple CUCM and VCSes, this can be a bit oversimiplified, but could lead you in the right direction.

  Another thing to consider too - if you put in your endpoints in a directory, users can use - that will help you to prevent wrong type stuff :)

  Wayne
  --
  Remember the frequency responses and mark your question as answered as appropriate.

• Configuration of the firewall on VCS via command xconfig rules

  Hello

  We have all the days of the "bad guys", how want to use our VCSE for calls to PSTN numbers.

  It is possible to configure the firewallrules via Xconfiguration or only on the web page?

  Thank you

  Stephan

  Actually, I just re-read your post and it seems that the firewall rules are not what you are after, but rather call policy (CPL) Scripts. Firewall rules, could be used to stop or allow to use specific IP addresses to connect to a service that runs on your VCS - such as SSH or HTTPS, not really for the filtering of the calls.

• CUCM manipulation of VCS call

  Hello together,

  We have a little problem with our VCS + CUCM enviroment. When users of CUCM number users of VCS the URI that appears on the endpoint VCS is currently as "[email protected]" / * /-IP '. " But we want it to be displayed as "[email protected] / * /'." "

  Is that it is advisable to do this? I tried already with the CPL on VCS - C file, but it won't work.

  "I tried different versions of"[email protected] / * / ">" but will not change the source.

  This problem exists also for outgoing via VCS - E as endpoint outside our platform TP the CUCM-IP is also displayed and the user cannot remember history.

  Kind regards

  Jannik

  What version do you use? For SIP profiles assigned to endpoints, there is a setting I here to "Use full domain name" during the delivery. Please check. You have a directory URI assigned to the endpoint?

• Failed to connect to VCS - e, VCS - c is ok

  Hi all.

  I have now read so many discussions on this issue and I have tried everything that I could find.

  But still I get:

  "Bad username, domain and / or password.

  When I try to connect to Movi from VCS-e.

  Among the things:

  -Area with credentials Check

  -Sip Proxy enabled on VCS - e

  -removed the Provisoning VCS-e key

  -Server SIP Public address added to config TMS model.

  -Tried several tips on the search of VCS - e rules to VCS - c.

  What Miss me?

  Any advice would be greatly appricated.

  Thank you

  Alexander

  Hi Alex,

  collect diagnostic logs and look for message subscribe. See what is happening on VCS - E when it receives the initial response.

  Thank you

  Alok

• 2 MCU and VCS Expressway, routing problem

  Hi all

  We have a design with a group of control VCS (2 members), cluster VCS Expressway (2 members), and a couple of microcontrollers (registred H.323 on VCS control cluster with the same prefix: 90).

  Each highway has a public IP address and incoming calls from outside can only be routed to microcontrollers:

  [email protected]/ * / for MCU_1 and [email protected]/ * / for MCU_2 (we don't have external DNS resolution).

  I put a conversion into motorway of VCS to change [email protected]/ * / to [email protected] / * / and [email protected]/ * / to [email protected] / * /.

  The problem is when someone calls [email protected]/ * / sometimes (randomly) the call is routed to MCU_2 (instead of MCU_1) and if the appellant see the auto attendant.

  The occcurs even then of the appeal [email protected]/ * / (MCU_2), sometimes the call is routed to MCU_1.

  Any idea what can cause this device or a way to make it work well?

  Thanks for help.

  José

  I think still that separate prefix would work, but here are a few ideas:

  Are incoming calls which do not possibly using SIP that is being interoperability H323 or incoming calls all certainly the H323?

  If you want to keep pure H323, you could perhaps just have a search rule/turn on your VCS-E who changed [email protected] to an E164 e.g. 90... and had a search on your VCS - C rule that says 90... stop at the local area.

  I also noticed that you direct calls to [number]@MCU-IP - have you tried to direct all calls to [number]@VCS-C IP instead?  If the VCS is the holder of a registration for a number, it should be able to deliver accordingly.

• VCS Cluster - record H.323

  Hi all

  We have a VS Cluster and would like to register 2 MCU´s and a gateway with H.323 on it.

  -Inscription on the first not peer very well - no prob. record of 2. Peer - does not (source unauthenticated received fron)

  VCS Trace... no this crypto token / / invalid cryptographic tokens.

  Its allways happened on 2. peer.

  Restart the MCU, restart Cluster, see time servers, disabling / enabling H.323 in VCS and MCU - all done, always the same failure.

  VCS Cluster / MCU / ISDN are all in the same subnet, but in another location. RTD between the location is less than 10 ms.

  BTW: SIP with tls runs without any risks.

  Does anyone have an idea?

  Thank you much for your helping hands

  /Dirk

  In general this should not happen.

  You said you checked the time servers, but have you also checked the actual time on the

  VCS and the endpoint? (for example the login as root and check with the date).

  Try to use the same NTP server on all VCS and endpoints.

  Is the group itself ok (see configuration / clustering)?

  Something not ok with the zone configurations?

  You have any local specific or server based CPLs on VCS?

  No matter what firewall/nat/alg between VCS and the endpoint?

  Do you have a xconfig on two VCS and compare the config of the differences?

  Your sure it's the right vcs you hit?

  Do you still review log files and compare what's happening the first relative to each other?

  A tcpdump and check on the VCS of debugging can be interesting as well.

  Please remember useful frequency responses and identify useful or correct answers.

• Registration for authentication and crossing area of Jabber

  Hello

  I used TMS 13.1.2 as authentication source LDAP for VCS-control and VCS Expressway, but noticed, that not all passwords are synchronized correctly in the LDAP H.350 MSDS database, because the user is recorded in two entries. I went to the local authentication, including the database configuration on VCS - C and the local database with the transmission by proxy SIP VSC-E to the VCS - C records. It works fine and I am able to make calls.

  I created the search on VCS highway rules to replace all aliases MCU to an auto attendant external special. Stored locally on the VCS-E endpoint points are allowed to call internal aliases. I tried to do the same for the Jabber Clients, which is recorded in the crossing area of the VCS - C. This works as expected, because the Jabber Clients are not enrolled in a local area and SIP GUEST is not in dispute.

  I expect that all the Jabber client message will be challenged by the VCSE, but this isn't the case. Accordingly, the guest of the SIP protocol is treated as an external user and not an intern.

  May 9 10:11:28     tvcs: UTCTime="2012-05-09 08:11:28,425" Module="network.search" Level="INFO": Detail="Search rule 'my.domain proxy registrations' did not match destination alias [email protected]/* */'"
May 9 10:11:28     tvcs: UTCTime="2012-05-09 08:11:28,423" Module="network.sip" Level="INFO": Dst-ip="84.113.206.194" Dst-port="62503" Detail="Sending Response Code=100, Method=INVITE, To=sip:[email protected]/* */, [email protected]/* */"
May 9 10:11:28     tvcs: UTCTime="2012-05-09 08:11:28,419" Module="network.sip" Level="INFO": Src-ip="84.113.206.194" Src-port="62503" Detail="Receive Request Method=INVITE, Request-URI=sip:[email protected]/* */, [email protected]/* */"

  These are the rules of research that I was talking about:

  110     Enabled     "local registered to Traversal"     LocalZone      No      Alias pattern match      Regex      ^(.*)@my.domain$      Leave      Continue      TraverselZone
115     Enabled     "authenticated to internal"     Any      Yes      Alias pattern match      Regex      ^(.*)@my.domain$      Leave      Continue      TraverselZone
120     Enabled     "mcu all to 899"     Any      No      Alias pattern match      Regex      ^(900\d*|conference)@nts\.eu$      Replace      Stop      TraverselZone

  Is it possible to allow the Jabber Clients to be authenticated on the VCS-E, so a search rule can aply?

  Thanks for your help!

  You get the 'Preparation device' key for your VCS-E so its free.

  It may require a valid service contract.

  I have the provisioning again running on a cluster of VCS - E in my lab, works very well.

  In ancient times that the deployment has not officially supported, it was running great in any case :-)

  Did not check if its now a deployment with support.

  I don't know enough about your deployment to say what would be the best for you.

  There will be some scenarios where not all features can be deployed together for some reason any.

  Maybe someone can help you by looking at how implementation could be done better.

  If you have authentication and integration of ads, that you need to connect

  the VCS-E announced as well. Endpoints (at least for now) is not auth via AD, but you could

  use a database of h.350 (could also be hosted with AD) or the local authentication database.

  Now, which is also spread by TMS, could be an answer to your question as well.

• Numbering of the SIP Client IP addresses to public IP addresses

  Hello

  We are developing a new video network with VCS control and 2 highways of VCS. 1 expressway stressed the public internet address face and 2nd Expressway face partner network.

  Requirement: Internal SIP endpoint need dial IP address public (via Highway 1) and the IP address of the partner (via Highway 2). VCS control configured mode "calls to unknown IP address" to "Indirect".

  The two highways set up for 'Request to the unknown IP' mode to 'lead '.

  There is research on the VCS control rules to find the IP address.

  Priority 1 for IP address via 1st Highway

  Priority 2 for Ip address of partner via Highway 2.

  The two numbering IP addresses work, but component partner / IP address takes about 38 Sec to finish for the configuration of the call.

  When I look at the history of calls on the VCS control, I can see even for the search for the IP address of partners, 1 internet search Expressway and could not reach the IP address and then start to search on the highway of VCS partner and find the Ip address, like that it takes more time to complete the call.

  Sometimes, it is time and couldn't make a call of IP address to the IP address of the partner.

  is he kind, we can minismise the time for setting up call for the IP address of the partner numbering.

  Kind regards

  Chris

  Chris,

  try to disable SIP UDP on both motorways as this should reduce the appeal of 30 seconds preparation time.

  Hope this helps,

  Andreas

• The simultaneous ringing of two clients MOVI

  Here is the config...

  Address MOVI is the last[email protected] / * / for all users

  The same account and the address is used when you connect to a VCS-control of the office or a VCS-Highway to the House.

  When the user is logged on and using his Office MOVI and usually leaves without disconnection

  The user will then House and newspapers in the VCS-highway.

  When the user is called from inside network... it sounds the MOVI customer who is registered for the VCS - C (inside) and never ring the customer MOVI external home.   If opt out us customer MOVI of the VCS-noninale... it sounds then the external customer MOVI.

  We do NOT have find Me on our VCS and we can consider, however, I do not think that it would give a simultaneous ringing.

  I understand that if we had FindMe... we would need separate addresses for office and home as...

  [email protected] / * /.

  and

  [email protected] / * /.

  The VCS search rules can be written to make true simultaneous ringing for MOVI two clients with the same address?

  Thank you

  Hi Steven,

  I just checked this in the lab, and it seems that research for the Local area and the area on the VCS - C rules should have the same priority in order for two customers to ring at the same time.

  The downside of this (compared to what the rules of search in the defafult for the Local area 50 and 100 for the covered area) is that the VCS - C will send more research to the VCS-E then it normally would (searches for aliases that are observed in the local area on the SCV - C but is not normally on the VCS-E) , but normally this should not be a problem.

  To work around the problem, you could do a search model Movi device URI-specific rule, apply this rule of research in the area of course and set the priority for this search rule identical to that of the local area. If you use [email protected] / * / for your Movi records, would be a corresponding regular expression

  .+\. [email protected] / * /\.com$

  The advantage of having this rule of specific search (and more), you'll see searches less touched your fast track if you were to change the priority of the current rule of the research on zone crossing to match that of the rule of local area search.

  If it's true that your video users tend to use Movi times when, in the office and out of office, without connecting to their customers of Movi in exercise when you leave, you probably want to have the same priority to the local area and the crossing area.

  Normally this should not occur too often, however, as users who employ Movi when in office, normally do on a laptop they bring with them when they leave, removal of the possibility of the customer in-Office Movi still being connected while the user current left.

  Hope this helps,

  Andreas

• Cannot call b & w, local users and outdoor movi

  Hello world

  We use SCVS starter pack as urban motorway with the version X7.0.1 and control of vcs with version X6.0

  I recorded all users of movi on vcs starter pack as motorway urban and able to connect outside movi

  but impossible to call between the end points of local headquarters on vcs control and movi users registered on vcs satarter pack as a motorway

  does everything on Starter vcs configuration and control of vcs like

  (1) area of course created on the two vcs

  rule 2) research created the call of the road via the crossing area

  Please suggest what could be the problem

  Hi Rashmi,

  Can you check the VCS where the Ex60 registered. Historical calls can go under status.

  check the call, and there can provide you with the search for the call history. then, we can get at least an idea to go further.

  Thank you

  Alok

• Conductor BBFRR planned Conference in TMS - granularity alias missing

  Hi all

  I've been supported configuration for regular calls of telepresence with driver X2.1 and TMS 14.2.2.

  Everything is fine - the only thing miss me, and I wonder about is regex support to the boss of the Alias in aliases for telepresence driver tab in TMS.

  The only variable that actually "is" is the % sign. It corresponds to the 5 channels of digit numbers starting with 10000.

  Is it possible to use 'normal' regexes here as in CUCM bosses or VCS search rules?

  I wish I could write an E.164 range has for example, as [email protected] / * / or

  40955511\[email protected] / * / -while I have 100 alias in this form.

  So far, all my efforts proved fruitless, as everything that I entered as a model of Alias, ends with a completely ridicilous regular expression on the far right, which makes me think of nothing is supported except the % sign. A way to change or modify it?

  Support of all thoughts of eut or TAC?

  Anyone with a similar experience?

  If it doesn't "stick" I guess I'll have to find an exotic way to the use of models of translation.

  Another question:

  With BBFRR, this alias tab alias PTC Conference is one that is driven by XML endpoint?

  Thank you

  Mihail

  Hi Mihail,

  In TMS 14.1 and 14.2, it is hard coded as '%' grows to 10000. However, this was changed to 14.3, which will allow us to release later in July. The draft of 14.3 release notes:

  

  Kjetil-