Search this Blog

Friday, April 23, 2010

Is there a way in UCM to have the diverted party shown transformed to the external phone mask when calls are diverted back to the PSTN?


Scenario: ITSP to CUBE to UCM --- SIP end-to-end. IP phone is forwarded to PSTN number and diversion headers are enabled on the outbound direction of the trunk. But unlike standard calls which are transformed to the external mask at the trunk level, diversion headers show only the private extension. ITSP rejects the diverted call because it does not accept calls from unknown DIDs.

On your CUBE you can do something like this

voice translation-rule 9
rule 1 /^9\(.*\)/ /\1/ <-- Strips the 9 from the Called Number

voice translation-rule 11
rule 1 /1...$/ /2125551212/

*** this rule Matches a 4 Digit Diversion number that starts with a 1 from Call Manager and translates it to a number that is allowed on the SIP network. Depending on your Version of CM or Gateway type you might not see the 4 Digits Diversion header, so you might try this rule 1 /.*/ /2125551212/. ***


voice translation-profile strip9
translate called 9
translate redirect-called 11

dial-peer voice 10 voip
translation-profile outgoing strip9
destination-pattern 9T
voice-class codec 1
voice-class sip early-offer forced
session protocol sipv2
session target sip-server
dtmf-relay rtp-nte
fax protocol t38 ls-redundancy 2 hs-redundancy 0 fallback none
no vad

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

L2 switch. Does the MAC entry table age out the MAC-address after the 600 seconds default?


We have a PC connected to a L2 Switch. We see the MAC address as dynamic in the switch's MAC-Address table. As soon as we disconnect the PC from the switch the entry in the MAC-Table is gone..... doesn't it suppose to age out the MAC-address after the 600 seconds default and not right away? Can someone confirm?


The CAM aging time is used when the device is still connected to the switchport but hasn't actually sent or received any traffic for a certain time. If the device hasn't sent or received any data within the aging time the entry is removed and is only added when the device sends or receives traffic again.

When you disconnect the PC however the switch automatically removes the mac-address of the PC associated with the port because it knows the switchport has nothing connected to it so there can be mac-address reachable on that port.

If the PCs are running Microsoft IE don't really have to be doing anything as they are often continually chatting away in the background. If you staryed a network sniffer up on your PC you would see there is often still traffic going back and forth.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

What is the difference w.r.t to Call Preservation for H.323 & MGCP Gateways ?


Which Gateway will preserve an on-going call, MGCP or H.3232 if the WAN link fails ?

Call preservation (aka call survivability) is a feature that allows active calls using a gateway to be preserved during a CUCM outage. Each gateway and trunk configuration device discussed in this post has a device pool with a Call Manager group configuration. The Call Manager Group configuration will accommodate up to three call managers for triple call processing redundancy. If communication to the primary Call Manager is lost, the gateway will communicate with the secondary Call Manager. If the secondary Call Manager is lost, the gateway will communicate with the tertiary Call Manager.

Media Gateway Control Protocol has supported call survivability (call preservation) since it was introduced on the gateway routers, but H.323 gateways did not support this feature until Cisco IOS 12.4(9T).

Please click here for more details on configuring H.323 VoIP Call Preservation Enhancements for WAN Link Failures.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Wednesday, April 21, 2010

NAT-NVI: translation failed (A) dropping packet


We have configured NAT translation in order to access remotely an application running in port TCP 2000. The application times out and when we run a debug it shows us: "NAT-NVI: translation failed (A), dropping packet s=216.226.51.238 d=216.218.0.120. Can somebody help us diagnose this?

Looks like you are using skinny port for your application; skinny traffic inspection is enable by default for 12.4T code, I am not sure if your IOS has that feature enabled by default. You can disable it using "no ip nat service skinny tcp port 2000".

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

CUE will not sync time with CME UC520 system


We currently have a UC520 system that CUE time is incorrect on by 5 hours. We have set the time with both Configuration Assistant (the most current version) and from the command line. Last night we also attempted to set the ntp server while logged into CUE and get messages that follows:

UC500-CUE(config)> ntp server 192.168.10.1

WARNING!!! Could not reach 192.168.10.1 using NTP.
WARNING!!! 192.168.10.1 might not have been configured as
WARNING!!! NTP server.
WARNING!!! NTP Server 192.168.10.1 Will be entered in the NTP List
  1. Click here to download the UC500 software.
  2. Accept the agreement, enter your CCO information.
  3. Look for the most current download for your UC500 system and update the system to the most current software load.
  4. Lots of fixes to multiple problems with the UC500 systems are solved by upgrading them.
  5. The most current update changed the older UC500 system way it handles timing itself.
Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

%EARL_L3_ASIC-SP-3-INTR_WARN: EARL L3 ASIC: Non-fatal interrupt Packet Parser block interrupt error


We found this log on Switch 6500 at below.
%EARL_L3_ASIC-SP-3-INTR_WARN: EARL L3 ASIC: Non-fatal interrupt Packet Parser block interrupt. Can someone help us understand why this error message is issued? Any possible workaround that you can recommend to resolve this? Thanks.

The error message %EARL_L3_ASIC-SP-3-INTR_WARN indicates that the Enhanced Address Recognition Logic (EARL) Layer 3 (L3) application-specific integrated circuit (ASIC) detected an unexpected non-fatal condition. This indicates that a bad packet, probably a packet which contains a Layer 3 IP checksum error, was received and dropped. The cause of the issue is a device on the network that sends out bad packets. These issues, among others, can cause the bad packets: Bad NICs; Bad NIC drivers; Bad applications

In older Cisco IOS Software releases, these packets are normally dropped without being logged.
The feature of logging error messages about this problem is a feature found in Cisco IOS Software Release 12.2SX and later.

As a workaround, use one of these two options:

Use a network sniffer in order to identify the source that sends out the erroneous packets. Then, resolve the issue with the source device or application.

Disable Layer 3 error checks in the switch hardware for:

Packet checksum errors

Packet length errors

Packets that have the same source and destination IP addresses

Use the no mls verify command to stop these error checks, as these examples show:

Switch(config)#no mls verify ip checksum

!--- This configures the switch to discontinue checks for packet
!--- checksum errors.

Switch(config)#no mls verify ip length {consistent | minimum}

!--- This configures the switch to discontinue checks for packet
!--- length errors.

Switch(config)#no mls verify ip same-address

!--- This configures the switch to discontinue checks for packets that have the
!--- same source and destination IP addresses.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, April 20, 2010

WRV210 freezing - has to be rebooted frequently


We purchased a WRV210 two months ago to etablish a VPN-link between me and my parents. We have been able to set up the VPN between WRV210 and Fritz!Box 7270 more or less without any problem.
But after a week or so, the VPN goes down. After a few more days, the WRV210 freezes (at least at looks like from outside) and we are not able to get access to it from internet (remote ADM) and my parents are without internet-access.
After a reboot, the box is fit and running again. We hoped this problem were solved when we upgraded the firmware to latest firmware, but unfortunately it is still there.

You can not remote manage and can not access any serevices behind the router. It must be rebooted. Try installing the software version 1.1.17, click here to download the latest software/ firmware from Cisco. The GUI changes, but the system has all of its features and does not freez.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

RVL200 SSL VPN Certificate Expired / Not Working. "Publisher can not be verified


Our RVL200 lost its SSL VPN functionality. All appears to be working fine, until we try to open the VPN tunnel, at which point Windows/IE security won't let the ActiveX add-on run, because the certificate for xtunnel.cab is expired.
This is an issue because the certificates have expired. Cisco is aware of this and is working on an issue (as of April 20th 2010). There is a workaround -

you can add the RVL200's portal page to the Trusted Sites of the Internet Explorer and set the Security Level of Trusted Sites to Low to bypass the checking on the certificates of ActiveX add-ons.

If you set the security level of your IE browser to low correctly, the browser will bypass verifying the signing certificate of the ActiveX components, and therefore you should not see any error message complaining about expired certificate. I would not recommend this approach since it defeats the whole purpose - but can be a stop gap until Cisco fixes the issues.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, April 13, 2010

Cisco Call Manager 7.1.3 displays incorrect time on Phones


We have a call manager cluster configured and it is configured to use time via ntp server. The time that was displayed on the phones during the initial setup of the system was correct however when since last week we have noticed that the time displayed on the phones are incorrect. The phones are displaying the UTC time instead current time for the timzezone, how do we correct this?

On CUCM 7.1.3, new timezone structure was introduced.
Because of this, the phones need to be on firmware version 9 or above to recongnize the timezone settings.
For backward compatiblity (phones has firmware lower than 9), you may choose the timezone with a star (*) on CUCM 7.1.3

Also consider updating the device pack to verify the call manager.
Please click here for more details on Cisco Unified CallManager Device Package 7.1.3.

Then updated the phone firmware to version 9.
Please click here for more details on how to upgrade the firmware on the phone.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Cisco 881W - password recovery for AP module


How do you do a password recovery on the AP module within a Cisco 881W router? We are trying to make a change to an SSID config and we lost the password on the AP. When we do a password recovery on the router, it doesn't wipe out the config of the AP. We try to session into the AP and can't get past the username/password prompt.

The following script will do it.

service-module wlan-ap 0 reset default-config
and then reset the AP module
service-module wlan-ap 0 reset

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

How do third party recorders use to capture audio from Cisco IPT?


There are two techniques that are predominantly used by third party vendors to capture audio.
  1. SPAN based: This is passive recording based on packet sniffing from IP phone ports or gateway ports and mirroring to recorder interface. Using this technique the recorders get hold of calls without intrusion and can feed their system database with CUCM data independently. No config is generally required for this configuration.
  2. DMS based: This is new technique in which the recorder is integrated with CUCM using JTAPI & SIP and certain configurations need to be performed. This is active recording wherein the CUCM instructs the phone to send a duplicate RTP stream to the recorder to enable recording.
Since SPAN is not used and communications are at L3, this is more scalable solution.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Missing Line Appearances on CUPS


We have the following error reported on the CUPS System Dashboard.
No line appearances currently exists on the Cisco Unified Communications Manager. In order for SIP Publish to work properly, line appearances must exist on the Cisco Unified Communications Manager

How can we troubleshoot this? Is this related to our lack of ability to see status changes on CUPC when a user has an on going call? We also see that the user device´s status in CUPS Presence Viewer has a question mark on it.

What this means is that either:
  1. You may not have properly configured your SIP PUBLISH trunk.
  2. If you think you have, then you probably haven't configured the Line Appearance Associations. This isn't the association of a device to a user through 'End Users' in CCM, but is the association of a specific line appearance (i.e. device/line pair) to the user.
To do this for a single user, browse to the user's phone or Device Profile (if using EM). Click their primary line, then scroll down to the bottom. You can add the user there as an 'associated user'. Save that and reset, and it should resolve the issue for the test user.

You can also do a bulk using the facility in BAT. To do this go to CUCM > Bulk Administration > Users > Line Appearance > Update Line Appearance. Click "View Sample File" to see the example.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

How to trigger call transfer feature in a Call Handler


Our installation parameters are as follows -

Unity 5.01 with ES83 patch. After creating a Call Handler, the menu choices are:
Profile
Call Transfer
Greetings
Caller Input
Messages
We have created a schedule for the call handler. We have gone into Call Transfer and configured and enabled both standard and closed rules. However, the rules never seem to be active. Everything just goes to Greetings. How do we "trigger" call transfer?

Dial into Unity and then dial the DN from the CH during the greeting (as you would do to reach someone), or from another element in Unity perform an "attempt transfer" option and point to that CH.
Unfortunately the rules do not work on direct calls.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.
 
/* Google Analytics begin ----------------------------------------------- */ /* Google Analytics end ----------------------------------------------- */