Search this Blog

Friday, August 27, 2010

Cisco Unity Connection 7.1.5-Default setting of voicemail.

We just installed unity connection 7.1.5. A small problem, when users hear their voicemail, the conversation tells them the time the message was sent and after they are done listening the message, the conversation tells them again about when the message was sent.

Example:- You have 1 new message, 1 for new message, message from XXXX sent at 4:35 PM, <> sent at 4:35

Is this default behavior in new Unity. Am I missing a enterprise parameter setting?
Another issue is that we are looking for an answer for a shared mailbox. We have an extension that we want to share across five phones and when someone leaves a message in this mailbox, the MWI should work accordingly on all five extensions.

Tips:

Playback Message Settings guide can be found here.

After Playing Each Message, Play

Check the Time the Message Was Sent check box to have Cisco Unity Connection announce the time that the message was recorded by the caller.


Default setting: Check box checked.

As for the MWI you can set more than one MWI for a subscriber, just add the other phones you want to get the MWI under the mailbox you need this. The link also has the MWI section of the subscribers and how to add them.

Just to add a note to the above tips .These settings can be configured under the individual user (Edit> Message Playback) or under the User Template (Message Playback)

For the second question:

You will just need to tweak the Message Lamp Setting in CUCM for the xxxx (Shared line) Line appearance on the IP Phones.


For the Line Setting on xxxx (on each phone that has the Shared Line)- Line Settings for this Device - Changes affect only this device. Message Waiting Lamp Policy - Light and Prompt


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

How can we restore a Cisco 1811 Router to it's default settings.


We are trying to set up a Cisco 1811 router, and we restored the factory defaults using this method:

Method 1

This method uses the config-register 0x2102 command in global configuration mode.

1. Check the configuration register on the router by issuing the show version command.The configuration register setting is displayed in the last line of the show version command output and should be set to 0x2102. If this is not the case, enter the config-register 0x2102 command once in global configuration mode.

router#configure terminal
router(config)#config-register 0x2102
router(config)#end
router#

If the show version command is issued again, the same line in the command output will have '(will be 0x2102 at next reload)' appended to the current register setting.

2. Erase the current start-up configuration on the router with the write erase command.

3. Reload the router with the reload command. When prompted to save the configuration, DO NOT save.
router#reload
System configuration has been modified. Save? [yes/no]: n
Proceed with reload? [confirm]

Once the router reloads, the System Configuration Dialog appears.

--- System Configuration Dialog ---
Would you like to enter the initial configuration dialog? [yes/no]:

The router is now reset to the original factory defaults.Got to the line that said " Would you like to enter the initial configuration dialog? [yes/no]:" and we quit out of the hyper terminal as we wanted to do the configuration via the web interface . The problem is the router isn't giving any ip addresses. We tried the default address (10.10.10.1) but that didn't work. The computer won't even recognize that cat 5 cable is plugged in (we have verified that both the computer and cat5 cable work). All that is plugged into the router is a straight through cable coming from the modem (to get Internet) in FastEthernet 0 and a straight through plugged into port number 5 going to the computer. How can we get the router back to the settings it had when we took it out of the box. Those settings allowed to simply plug in a cat 5 cable to a computer, the computer would get an ip address (usually 10.10.10.2) we would open up a web browser and type in 10.10.10.1 the web interface would pop up .

Tips:

The router comes with a config on it that allows you do just plug a pc in, get an IP address and configure it using the ASDM but you've erased this.Boot the router, go into enable mode by typing 'en' and press enter.Type 'conf t' and press enter,then copy and paste the config below in. Once your done type 'exit' and press enter then type 'wr' and enter

hostname yourname
!
logging buffered 51200 warnings
!
username cisco privilege 15 secret 0 cisco
!
ip dhcp excluded-address 10.10.10.1
!
ip dhcp pool sdm-pool
import all
network 10.10.10.0 255.255.255.248
default-router 10.10.10.1
lease 0 2
!
no ip domain lookup
ip domain-name yourdomain.com
!
interface FastEthernet2
no ip address
no shutdown
!
interface FastEthernet3
no ip address
no shutdown
!
interface FastEthernet4
no ip address
no shutdown
!
interface FastEthernet5
no ip address
no shutdown
!
interface FastEthernet6
no ip address
no shutdown
!
interface FastEthernet7
no ip address
no shutdown
!
interface FastEthernet8
no ip address
no shutdown
!
interface FastEthernet9
no ip address
no shutdown
!
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-FE 2$
ip address 10.10.10.1 255.255.255.248
ip tcp adjust-mss 1452
!
ip http server
ip http access-class 23
ip http secure-server
ip http authentication local
ip http timeout-policy idle 60 life 86400 requests 10000
!
access-list 23 permit 10.10.10.0 0.0.0.7
!
banner login ^
-----------------------------------------------------------------------
Cisco Router and Security Device Manager (SDM) is installed on this device.
This feature requires the one-time use of the username "cisco"
with the password "cisco". The default username and password have a privilege level of 15.

Please change these publicly known initial credentials using SDM or the IOS CLI.
Here are the Cisco IOS commands.

username privilege 15 secret 0
no username cisco

Replace and with the username and password you want to use.

For more information about SDM please follow the instructions in the QUICK START
GUIDE for your router or go to http://www.cisco.com/go/sdm
-----------------------------------------------------------------------
^
!
no cdp run
!
!
line con 0
login local
line vty 0 4
access-class 23 in
privilege level 15
login local
transport input telnet
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
login local
transport input telnet
transport input telnet ssh
!
! End of SDM default config file

end

Also try the following:

leave your PC on DHCP on the router;

en
conf t
int vlan 1
no shut
exit
exit
wr

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, August 26, 2010

IPV6 address and link-local address

1) One of the feature of ipv6 is auto-configuration. With auto-configuration, a ipv6-device can configure itself with IP address without relying on dhcp server.But what about other parameters for e.g dns? So with ipv6 the need for dhcp is not completely removed is it correct?

2) Let say a ipv6-host boots up and configures itself with link-local address,FE80:: mac address. Next host receives a prefix 2001:: and host configures another ip address based on prefix received from router. Will router apply both addresses i.e link -local and address based on received prefix from router to a interface? If yes , which one will be used for communication?

1) The stateless autoconfiguration in IPv6 provides some of the most important IPv6 settings but it is not readily extensible and as an example, as you pointed out very correctly, the DNS server address cannot be currently assigned via Router Advertisement messages. Thus, the need for DHCPv6 is by far not alleviated and I am certain it will never be because the autoconfiguration is just a "quick-and-simple" way of doing things while the DHCPv6 is the fully-fledged solution for centralized IPv6 settings management (think of having fixed IPv6/MAC bindings, automatic web proxy discovery, TFTP service for IP phones, wireless LAN controller address for lightweight access points, WINS, whatever else is out there that can already be pushed to client via DHCP - the stateless autoconfig simply is not meant to provide these settings).

2) If a host receives a Router Advertisement message, it already has its own link-local address (derived from its MAC address as a modified EUI-64). The host simply uses this EUI-64 concatenated with the prefix received in the Router Advertisement and form a globally unique address. It will then use this globally unique address. With operating systems supporting the IPv6 Privacy Extensions, they also create a pseudo-random suffix to the IPv6 prefix received in the Router Advertisement message, and so, they have two global unique addresses - the one with the 64 random bits in the host part, and the one using the modified EUI-64. These operating systems will respond if they are contacted on every their IPv6 address. However, for outgoing connections, these operating systems will use the pseudo-random address. The EUI-64 derived IPv6 address 'speaks only when spoken to'.

Regarding the number of addresses on an interface (link-local, prefix+eui64, prefix+random), you are completely correct, that is how usually things look, at least in Windows. If you were using DHCPv6 then it's probable that the prefix+eui64 address would be replaced by a DHCPv6-assigned IPv6 address but that's just a nuisance.

Regarding the link-local address: a host uses for link-local communication like sending Router Solicitation messages, Neighbor Discovery messages and so on. However, this communication usually stems from internal "needs" of the IPv6 protocol. User software only seldom asks to communicate using the link-local address, obviously because we're using DNS hostnames for node identification and nobody is going to put link-local addresses in DNS - and even if he did, knowing just the link-local address is not enough because a link-local address per se does not tell your computer which interface should be used to send the packet to that address. Cisco routers generally refuse to forward packets to link-local addresses until you specify the outgoing interface explicitly. That is logical - a link-local address does not have a prefix identifying the network so there is no indication which interface should a packet targeted to a link-local address be sent out from.

Regarding the conflict of either random or link-local addresses: as you have correctly pointed out, stations do perform DAD when they are about to start using an IPv6 address. If a conflict is detected on a random address, the station can simply generate a new random IPv6 address and verify whether that is unused. I must admit I don't know what will happen when a conflict with link-local addresses ensues but I suppose that the driver will simply do what it can - stop using the link-local address and alert the administrator of the station about this incident. Please note that there is no way out of this situation until and unless the stations have unique link-local addresses. Two stations having the same link-local address on a segment would be actually unable to exchange data because they would not be able to distinguish their own packets from the other party. At least that's my idea











1) you have already found the biggest drawback of stateless auto configuration: lack of DNS information. This has been a great limit for IPv6 adoption before working implementations of DHCPv6. It is a pity that introducing IPv6 this aspect hasn't been addressed.

2) an IPv6 host will use link local or global addresses (more then one is supported) depending on what source address was used by first sender.

You can imagine that an IPV6 interface can have a link local, a unique local address, and one or more global unicast addresses.

It depends from case to case, so if sending traffic to a link local destination, link local will be used, if sending to an unique local the unique local and so on.

Be aware that router advertisements can advertise prefixes that are on link (reachable by simply using neighbor discovery) and prefixes that are off link where the router has to be used to reach them (default gateway). So each host can build its own tables including a table of next-hops to be used.

An IPv4 host cannot contact directly an host that is in a different subnet even if it is in the same broadcast domain. An IPv6 host can do this.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Does CUE AA or IVR script support the recording of a voice message and send to a users' mailbox

We have a CUCME with a CUE and we have the following call flow:

The caller dials the PSTN number and the Auto-attendant prompts him to enter the extension he wants to reach. The phones are forwarded on No Answer to Voice Mail and the caller can record the message that he wants. We need to give the caller after the Ring No Answer timeout the option to choose whether to dial another extension or record a message in the voice mail. Can we do this using an AA script or IVR script on Cisco Unity Express.

Tips:

What you want is zero-out to AA during Voice Mail.

Step 1. Have users re-record their personal greeting, saying "to return to Auto Attendant, press 0". Unfortunately, it is not possible to have a system wide announcement for that.

Step 2. In CUE, configure VM operator number to be AA number. The default caller-input action of pressing 0 will transfer the call back to AA without leaving a message.

Note: for a variety of reasons, it is not really possible to do differently, even using a custom CUE script.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Wednesday, August 25, 2010

G711 local calls and G729 between branches

We have one main site and we are planning to have 300 branches. We want to have G711 codec to be between phones when they call local and G729 over the WAN. We have unity server on main site serving main site users only and i have CUE on each branch to serve each branch.

All our branch users will be registered to main site where we have centralized call processing (CUCM cluster).If we have to create one region for each branch and each branch will contact the other branches then it will end up with 300 relationships for each region. What is the recommended way to have G711 localy and G729 over the WAN ?

Since you want g711 intra-region. You will need to have each site in it's own region, so that you can set the site to 711 inside the region, and 729 between. If you were okay with g729 intra-region, then you could get by with 1 or two regions set to g729 for everything.CUCM should be fine with that many regions, though. You can use something like BAT to add all the regions. Each remote site is likely going to need it's own CSS and route patterns anyway.

From a configuration standpoint all you do is set intra-region to g711, and then have the default between regions (enterprise service parameter, I think) set to g729. So from a configuration perspective it isn't too bad.

You'd need transcoders at every site if you did g729 intraregion. If you had all of your subscribers on Unity at the HQ, you could get by with a transcoder farm all located at the HQ site and use this solution.
To set the default inter region traffic to G729 through Enterprise service parameter

Intraregion Audio Codec Default

If you are turning up 300 branch sites, you may want to consider looking into Cisco Unified Provisioning Manager. You can probably talk to your account team more in regards to if that would fit your business needs.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Tuesday, August 24, 2010

VPN-filter question in 8.2.3 or 8.3.2-where the source is in the src_ip and the destination is in the dest_ip positions of the syntax?

There is a 2008 document titled "PIX/ASA 7.x and Later:VPN Filter (Permit Specific Port or Protocol) Configuration Example for L2L and Remote Access" found here: PIX/ASA 7.x and Later: VPN Filter (Permit Specific Port or Protocol) Configuration Example for L2L and Remote Access

In it is written:

When a vpn-filter is applied to a group-policy that governs an L2L VPN connection, the ACL must be configured with the remote network in the src_ip position of the ACL and the local network in the dest_ip position of the ACL.

This has always been because in every other Cisco product, ACLs are constructed with the source being in the src_ip - the first position - of the ACL syntax.
Has this been changed in either 8.2.3 or 8.3.2 to follow the normal ACL syntax - where the source is in the src_ip and the destination is in the dest_ip positions of the syntax?

The reason why we want to use a vpn_filter is to limit what traffic can initiate the tunnel and bring it up. Say I want local host A to open a tcp sockets connection to remote host B on tcp port 104. I want only tcp 104 from A to B to bring the tunnel up. we don't want any IP to bring the tunnel up and then have to restrict traffic to only tcp 104 after the tunnel is up. The way the vpn-filter ACL syntax seems to work then - since it's bidirectional - is it will allow host B to bring the tunnel up too.

access-list permit host B 104 host A (this will allow both host A and B to bring the tunnel up?)

How do we do a L2L config where only local host A opening a tpc 104 connection to remote host B will bring the tunnel up? Or is this not possible with the ASA?

Tips:

The idea for a vpn-filter was to pemit or deny particular certain traffic entering the security device through vpn based on criteria such as source address, destination address, and protocol. Hence the access-list configuration is different from the normal access-list configured on the ASA. So it basically considers the traffic sourced from the remote end to the internal network behind the ASA to matched for filtering hence the reversal of source and destination. This has not changed in 8.2.3 or 8.3.2. So you would not be able to restrict what traffic brings up the tunnel using vpn-filters.

Better option would be to have an access-list on the inside interface of side A allowing traffic from host A to B only on tcp 104 and not on other ports.

Also, if you would like only Site A (which has host A) to initiate the tunnel and not Site B (which has host B), you will need to add the following command to the crypto map on Site B: Please find the reference link here.

That is, Site B should be answer-only. Hence, Site B will no initiate the tunnel.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

How can we create two group url's with a unique group url and a ssl cert grou url?

We need to provide two different SSL VPN environments for two different customers on the same ASA 5510 appliance. Can we create two Group policies, each with a unique group url specified and then assign a ssl cert matching the group url? From an IP perspective, they would both be hitting the same outside IP address.

Ex:

Group_policy: customerA

Group URL: https://remote.customera.com

ssl cert: remote.customera.com

Group_policy: customerB

Group URL: https://remote.customerb.com

ssl cert: remote.customerb.com


1. Can you use 2 seperate urls on the same ASA for two separate connection profiles

2. Can you use 2 seperate certificates to validate the two urls

Regarding your first query, yes this can be done. You will have to create 2 separate group-policies and 2 conenction profiles aka Tunnel groups. Under each tunnel group define a separate group-url and assign the corresponding group-policy. Your configuration might look something like this:

ASA(config)# group-policy customerA internal
ASA(config)# group-policy customerA attributes

(configure the respective attribute)

ASA(config)# Tunnel-group customerA type remote-access
ASA(config)# Tunnel-group customerA general-attributes
ASA(config-tunnel-general)# default-group-policy customerA

ASA(config)# tunnel-group customerA webvpn-attributes

ASA(config-tunnel-webvpn)# group-url https://ASA1/remote.customera.com

Repeat the above steps and replace "customerA" with "customerB"

Regarding your second question, you can only configure one trustpoint to be used with one interface. So you need to do either one of the following:

1. get a UCC( Unified Client Certificate) for your ASA:

Obtain One UCC with multiple CNs/SANs (Subject Alternative Name extensions) for each ASA FQDN/IP. So you need a UCC certificate with the CN for master FQDN or IP, and SANs for each ASA: ASA-1 FQDN or IP, ASA-2 FQDN FQDN or IP, and so on. Several PKI/Certificate vendors support UCC:godaddy.com, entrust.com, verisign,etc.

Note: the ASA cannot generate a Certificate Signing Request (CSR) with multiple SANS (CSCso70867 is the enhancement asking for this capability ), so you have to have the PKI vendor submit the enrollment for you.

On ASA configure one trustpoint '' and Install/Import the UCC certifcate in this trustpoint. Bind this trustpoint to the outside interface.

2. OR get a wildcard certificate. Wilcard certificates are discouraged in favor of UUC certs. According to one vendor, Entrust, these are 2 main reasons:

  1. UCC is more secure than wildcard certificates since Entrust UC Certificates specify exactly which hosts and domains are to be protected
  2. UCC is more flexible than wildcard certificates since Entrust UC Certificates aren't limited to a single domain

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

How can we add L2TPv3 redundancy to the router?

We have two data centers at different sites. We have two WAN connections and two WAN routers on each end for redundancy. We currently have one router at each end configured with a L2TPv3 tunnel extending a vlan104 across the two sites.

What is the recommended way to add a L2TPv3 tunnel to my redundant routers?We are cautious to simply pin up another L2 tunnel since we are thinking that spanning tree won't like having two L2 connections across the WAN. You can extend the same VLAN to your redundant routers and tweak with STP parameters to make one router/link primary and the other secondary.

If your network is MPLS enabled then you can look for enabling ATOM L2VPN as there is a feature called "Pseudowire redundancy" which would be ideal for your requirement. Pseudowire redundancy is not applicable for L2TPv3 based VPNs. Please click here for the L2VPN Pseudowire Redundancyfeatures guide.

You can manipulate the port cost under the interfaces in switch with
interface fax/x
spanning-tree vlan cost - For Specific VLAN (or)
spanning-tree - For all VLANs
This way the port with higher cost become secondary and with lower one become primary.

Please click here for the document that explains basic STP configuration and understanding. Also please click here to refer the document with more information on STP configuration.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

WCCP with multicast for dynamic services

We are trying to configure WCCP forwarding of HTTPS traffic with a multicast group. The group-listen configuration option doesn't seem to be taking effect for numeric service_ids. To eliminate problems with the web-caches we tried ping-testing, and the routers respond on any address configured with web-cache, but none configured with any numeric service ID. I've searched the support pages and release notes, but have found no mention of this behavior for our test routers (800 series running 12.4(22)YB) or any other router/IOS combination.

example config:

ip wccp web-cache group-address 224.100.100.101 password password

ip wccp 70 group-address 224.100.100.102 password password

In the above configuration pings to 224.100.100.101 are responded to by the router's unicast address, where pings to 224.100.100.102 are not responded to at all. WCCP in all-unicast mode works with HTTP and HTTPS, and with HTTP in multicast. We can update the router's firmware if this will help, but since there is no mention of this issue in any documentation we don't want to just randomly mess with my firmware in hope of a solution. Is there a solution exist for this issue?

Add ip wccp 70 group-listen on the wrong interface. Working config, for the next guy to fall off this bridge:

...

ip wccp web-cache group-address a.b.c.d password password

ip wccp 70 group-address a.b.c.d password password

...

interface TheCorrectInterface1
ip address x.x.x.x y.y.y.y
ip wccp web-cache redirect out
ip wccp web-cache group-listen
ip wccp 70 redirect out
ip wccp 70 group-listen
...

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

877 Router IOS Issue-Command needed to make the newly downloaded bin file my main flash file that the router now boots from?

We managed to wipe my IOS from my Cisco 877 Series router.Now using TFTP we have managed to reload the software and boot up the Router (previously we were stuck in Rommom mode).

If we power the router off and turn it back on and brought back to Rommom mode again and have to reload the IOS again. What command do we need to use to make the newly downloaded bin file my main flash file that the router now boots from?

What option are you using when you TFTP the IOS to the router? Are you by any chance using "tftpdnld -r" option? Please try the following:

Step 1: Upload the file via tftpdnld (like before)
Step 2: Boot the router
Step 3: Check the flash content and make sure that image is there.
Issue the command "show flash" at "Router#" prompt
Step 4: If the image is missing, copy the image
Issue the command "copy tftp flash" at "Router#" prompt
Step 5: Set the configuration register value to 0x2102
Issue the command "config-register 0x2102" at "Router(conifg)#" prompt
Step 6: Make sure that there is no boot statement in your configuration
Issue the command "show run | i boot system" command at "Router#" prompt and make sure that there is no output for that command.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Jumbo frames (w/ df.bit =1) on VSL link? How do we set MTU on a VSL link?

We are testing out a VSS solution to a customer who, against our STRONG recommendation will need to plug single-homed some servers into a pair of 6748-GE-TX that exist on VSS both chassis. The distance between the two boxes will be superior to 100m.

We are testing out the scenario where we have jumbo frames crossing the VSL between the two chassis, and we can't get past 1500byte frames.

We understand and agree that the power of the VSS is on the MEC, but in case some machines are single-homed, and they send out unfragmentable jumbo frames to the network, they do not seem to get past the VSL link.

The IOS client does not allow us to set the MTU on the VSL link.How can we achieve it?

Tips:

There is no way to configure the MTU on the VSL (port-channel or physical links).
By default the VSL supports an MTU of 9126 already, so it doesn't require additional configuration.This is why it cannot be configured from the IOS CLI.

There is one known cosmetic issue with the above that will be fixed in future IOS versions in the SXI train. When running the command 'sh interface' the MTU will be showing 1500, however this is incorrect.This cosmetic issue is reported in the following bug:

CSCsz01779 "MTU on VSL should be 9216":Click here for details.So if the frames are actually not passing end2end in your case the reason could be not on VSL link,but on some other port in transit.It could on Servers side as well.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

How does the hot swappable modules get config in 6500 switches

On cisco 6500 switches when we replaced line cards we know that they are hot swappable.That means when we install the modules they are plug and play.How do the new line cards get the config back from supervisor?

Tips:
  • The config is on the NVRAM, so when you replace a module the config is still applies to that module as long as you put the new module in the same slot as the old one.The line cards have memory/buffer but do not hold configs. Config is on the SUP module.
  • The hardware replacement has to be the same. For example: if you have a 10/100/1000 copper card and it has gone bad, replace it with same exact line card not with a 10/100 card, because not all features are supported in all modules. As long as you do an exact replacement in the same exact slot number, you should be fine and should see the config restored.
Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Monday, August 23, 2010

How can we integrate Nortel phones with Cisco call manager phones?

We have existed voice infrastructure (Nortal based), and we just bought Cisco solution (unified communication manager version 7), is there any way that we can integrate the nortal phones with call manager phones and integrate them as one network.

It is going to depend on what kind of Nortel solution you have. If you have a new IP based or hybrid you can use sip trunks (or even sip proxy). For the old method with simple TDM based Nortel Option 11/81 PBX would be to use a PRI between the two (with QSIG as your signaling protocol).

Essentially insert a Cisco gateway with T1 PRI ports in the middle. Connect your Nortel to the Gateway on one side, and your Call manager to the Gateway on the other side.

Please click here for the document.

(note, CS1000 is in this doc, but older Option 11/81 integrate same way.

Please click here for another document.

(sip trunk between CS1000 and call manager).

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

What are the software included in the Cisco uc8 nfr?

Is there an uc8 nfr kit that we can order? what are the software included in the uc8 nfr and any part number for that to place order?

You need to be a Cisco Voice Partner to order

Cisco Unified Communications System Release 8.0 - Partner Bundle Offering (PBO).

Part#: UC8.0.2-K9-PBO Rev. 0 - Release date : May 11 2010

The top level system NFR part number includes the following server software components:

Cisco Unified Communications Manager.8.0 (including Business Edition)
Cisco Unified Presence 8.0
Cisco Unified Mobile Advantage 8.0
Cisco Unity Connection 8.0
Cisco Unified Integration for Microsoft Office Communicator 8.0
Cisco Unified Integration for Webex Connect (CUCICONNECT) 7.x
Cisco MeetingPlace 8.0
Cisco Unified Mobile Communicator 7.0
Cisco Unified Personal Communicator 7.1
Cisco IP Communicator 7.0
Cisco Unified Communication Widget 8.0
Cisco Unified Application Environment 8.0
Cisco Voice Portal 8.0
Cisco Unified Contact Center Express 8.0
Cisco Emergency Responder 8.0
Cisco Unified Provisioning Manager 2.1
Cisco Unified Operations Manager 2.3

There is no hardware included in this offering. The hardware used must match the hardware requirements of the individual components.

Each product above includes a default number of licenses.

Cisco Unified Communications Manager 8.0(x) - 1 Node license + 150 Device License Units (DLU). The licenses are pre-populated and license file install is not required. (3 node license on VMware)
Cisco Unified Communication Manager - Session Management Edition 8.0(x) - 1 Node license + 200 Sessions. The session licenses are honor based so license file install is not required.
Cisco Unity Connection 8.0(x) - Includes default licenses for 10 mailboxes 2 ports 30 sec messages max
Cisco Unified Presence 8.0(x) - License PAK included. PAK is used to acquire a license file that can be installed to activate the system.
Cisco Unified Contact Center Express 8.0(x) - includes software media kit for Cisco Unified Contact Center Express. Includes license PAK for HA, 6 Premium seats.
Cisco Voice Portal 8.0(x) - License PAK included. PAK is used to acquire a license file that enables up to 30 VXML sessions.
Cisco Unified MeetingPlace 8.0(x) - Includes 6 concurrent user licenses of voice and video.
Cisco Emergency Responder 8.0(x) - Media and PAK
Cisco Unified Personal Communicator 7.1 - PAK enables up to 10 clients. Please click here to download software.
Cisco Unified Integration for Microsoft Office Communicator (CUCIMOC) 8.0 -Please click here to download software.
Cisco Unified Integration for Webex Connect (CUCICONNECT) 7.x - Please click here to download software.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Sunday, August 22, 2010

Replacing the Router with a higher throughput

We have 4 branch offices connected through 100mbps link with Cisco 2600 routers which has the throughput of 15mbps.

Now we are planning to replace these routers with Cisco 2901G2 ISR routers which has the throughput of 167mbps.

So if we e replace the routers at one location is it going to put more load on other routers as the new routers can handle more traffic than other 2600 routers? Should we replace all routers at once?

Tips:

It is possible that new router in one location will send out more traffic to other branches if users sends out more traffic from this new location to other location.

But, you can prevent this with shaping policy applied to your new router's outgoing interface if you experience this issue.

int G0/0

service-policy pm-shape out

policy-map pm-shape

class class-default

shape average 15000000

So, It is suggested the you should replace one location first and monitor.

If you find congestion on other location as new router sends out more than 15 mbps, then you can apply above shape policy to restrict new router's capability until all locations are upgraded.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Thursday, August 19, 2010

Problem in HSRP - Standby IP can't ping from standby device

We have configured all the devices as shown in topology and configuration.

Part B is older Network which is working on Static Routing and Part A is newer Network which need to be using Dynamic Routing.We have used OSPF for the same. HSRP is working ok. But we have found that we can not ping standby ip fron the device where the specified vlan is in standby or otherthan active state.e.g.

on CORE - 1

Vlan 2 is Active and on rest of COREs this vlan is either in Standby or Listen state. In this case we can not ping standby ip i.e. 10.24.100.1 from CORE - 2 , CORE - 3, CORE - 4 where vlan 2 is not active.

Also we have found that HSRP is changing its state continously after some time.

We have also tried the same by doing all the topology using Dynamic Routing but the result is same. Please help to resolve this issue. Or Please suggest what can I do in this topology so that we can resolve or improve the performance.

1. Mostly, HSRP is providing default gateway redundancy for end devices, like PC or servers, so that end devices points virtual HSRP IP address as their default gateway and end devices can always go out to other subnets even if one router failed.

* RFC mentioned as: -HSRP is not intended as a replacement for existing dynamic router discovery mechanisms and those protocols should be used instead whenever possible [1].

2. So, you should configure HSRP on Distribution SW for access vlans, not in core.

Some customer configure HSRP for routing redundancy but it is not a good practice

Routing protocol provides better redundancy for L3 connections.

For redundancy for CORE and Distributions, you should just rely on OSPF protocol.

Please click here for the Cisco Data Center architecture Overview to learn more on how you should design 3 Tier networks.

* VLAN 1, 3 and 4 all have the same HSRP Group ID of "3". This discrepancy should be evident in the "sh logs".

* When you define the same HSRP group ID on multiple interfaces, they all share the same HSRP virtual MAC address. In most modern LAN switches, there are no issues because they maintain a per-VLAN MAC address table. However, if your network contains any third party switches which maintain a system-wide MAC address table regardless of VLAN, you may experience problems.

Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.

Cisco 881G Router cannot find boot image

Our Cisco 881G router cannot find its' IOS image after enabling the global command secure boot-image.

R# dir flash:

-- IOS image listed along with all the other files in flash- This is normal and the way it is suppose to function.

conf t

secure boot-image

end

wr

R# dir flash:

-- no IOS image found but all other files remain -This is normal and the way it is suppose to function.

R# Perform a power reset

cannot find image

rommon 1 >

rommon 1 > i

cannot find image

rommon 2 > boot

cannot find image

rommon 3 > boot flash:

cannot find image

rommon 4 >

confreg 0x2142

reset

cannot find image

rommon 1 >

rommon 1> i

cannot find image

Tips:

It is suspected that the IOS image name is hidden under a file name that probably starts with a dot character, just like "hidden" files in Unix systems. Regarding the upgrade of the ROMMON itself, the sequence is described here.

The bigger problem, however, is that I was not able to find any upgrade ROMMON for your router 881. There are upgrade ROMMONs for different 800 models but not for 88x. Of course, they are not interchangeable (or at least we should not assume that they are).

Do you have a support contract with Cisco? If yes we suggest very strongly to contact them. This may be quite out of our reach to solve.

You can try copying the IOS image on a usb flash drive and plug it in an available usb port on the router. Then enter 'dev' command to see if the router recognized the flash drive.

To boot from usb try 'boot usbflash0:image.name or usbflash1:image.name'. Once the router boots up then copy the ios image form the usb to the internal flash: drive and you are all set.


Citation - This blog post does not reflect original content from the author. Rather it summarizes content that are relevant to the topic from different sources in the web. The sources might include any online discussion boards, forums, websites and others.
 
/* Google Analytics begin ----------------------------------------------- */ /* Google Analytics end ----------------------------------------------- */