angryciscoguy

So, I am seeing a lot of Cisco phone proxy installs lately and thought I’d put together a quick cheat sheet for the configuration that you will see in 99% of your installs. This of course is where you are not encrypting voice on the internal side so no fancy CAPF CTL to CM junk. The config is actually rather basic in this scenario (when you know what you are doing and understand the components involved).

Prerequisites:

• ASA 8.0.4 code release
• ASA already configured and working as basic firewall with inside and outside connectivity.
• A minimum of 2 Global (external) IP addresses for this feature
• Basic ASA configuration knowledge
• Basic Cisco Communications Manager knowledge
• > 2 working braincells

IP Configuration:

• Internal CM address    192.168.1.1 (required)
• Internal CM address    192.168.1.2 (optional)
• External TFTP Address #1  1.1.1.1 (required)
• External TFTP Address #2  2.2.2.2 (optional)
• External Media Address 3.3.3.3 (required and must be dedicated to this feature)
• External phones must be pointing to external TFTP IP address(es) as configured by ASA.

Config:

Below configuration includes the extra input as required. A show run will not show all these commands and will additionally show  auto generated configurations that are part of this config but not seen below. (for more details, see prerequisite #4 and #6). Additionally this config does not show you how to get the URL functions of the phone working (Enterprise Parameters setup in CM). That usually involves one of the 2 following configs: reverse http proxy to CM that you use to point the ip phones to (more secure, requires http reverse proxy server); pinhole in ASA (port forward) to point the external adddress ports to the internal http ports on the CM server (less secure).

So on to the ASA config…

Read the rest of this entry »

Want to easily search Cisco or it’s subsites such as the Bug ID or command lookup tool without going to cisco.com? Then simply add Cisco search to your browser search bar. Works in IE and Firefox on both Mac and PC. Find out the details here.

Metreos was purchased by Cisco not too long ago for a phone proxy appliance that sat in a DMZ to allow ip phones to register across the internet to your call manager (err communications manager) cluster without the use of any vpn appliance nor exposing your CM to the internet. Cisco rebranded the appliance an sold it for short period of time as the Cisco Unified Phone Proxy. August saw the release of ASA code 8.04 which now includes this functionality and replaces this appliance. This is a licensed feature that you purchase per the number of proxy’ed connections you require, however ASA allows 2 connections for testing without any additional licensing.  Alternatively you can purchase a secure cm bundle that includes the asa and proxy licenses along with cm. The license is called “UC Proxy Session”. It’s notable that even the lowend IP Base version ASA 5505 has this functionality of which I am using to test this out myself.

To configure this, simply head to your asdm and navigate to Configuration/Advanced/Encrypted-Traffic-Inspection/Phone-Proxy and run through the fields. It’s very straight forward. For those looking to go cli or want more details, navigate here for the official documentation.

Just ordered my IPExpert BLS Voice. Sofar, everything I’ve seen and heard has been promising. I’m a little concerned on the flexibility of the training due to the copyright security in place. What I’ve heard sofar, it seems that you must be online to open any of the training which could be a little troublesome when sitting in a airport without wifi. I’ll know more in a few days when it arrives and continue commenting on the experience.

Interesting link here. Is this possible?

http://pushkarbhatkoti.wordpress.com/…qos-in-10-minutes/

While SRST has it’s place, it limits are easily found. A while back Cisco introduced a new feature to CME that allows it to perform SRST functions with the added features that CME provides. I recently tried this configuration out myself and was pleasantly pleased in it’s performance. Check out the details for yourself here:

http://www.cisco.com/en/US/docs/voice_ip_comm/cucme/admin/configuration/guide/cmesrst.html#wp1015579

I chose to use the setup where the CME “learns” the config of the phones similar to how normal SRST works. A “gotcha” with this (that got me… >:8 grrr)  was the restriction that you dont save your IOS configuration while in fallback mode. And yes, it is documented… The reason for this is due to the way CME-as-SRST handles it’s ephones and ephone-dn’s. In a normal SRST setup you will nto see these in the config, however in the CME-as-SRST setup you will, but only during fallback. If you save the config you are essentially staticly configuring those phones and the system can no longer learn the configuration during the next fallback. The symtoms present themselves as phones that seem to revert to old configuration when fallback is operational. The fix is to delete all the learned ephones and ephone-dn’s while the system in not in fallback mode and then “write mem”.

Cisco DMS (Digital Media System) is a suite of applications that provide video content in several different formats. This includes pushing content to digital signs (video displays) such as those that you see in lobbies of hotels and businesses. Additionally it manages content that is pushed to web clients (think Youtube for corporate). The topology is fairly easy. The main physical components that make up DMS are:

• DMM – Digital Media Manager
• DME – Digital Media Encoder
• DMP – Digital Media Player
• VP – Video Portal

To understand how all these pieces work with each other, it is important to look first at the DMM. Read the rest of this entry »

At times it is not necessary for voicemail boxes or advaced auto-attendant features on a remote gateway that is serving a small office. This is especially true for remote non DID (ie FXO trunked) SRST gateways that are only active a small amount of time. Instead of adding a AIM-CUE or NM-CUE voicemail module in the gateway, basic auto attendant features can be provided right in IOS. Read the rest of this entry »

How many times have you wished you could see the screen of the phone of the user you were supporting remotely. Check these guys out. They have a neat product for assisting with remote support to Cisco IPPhones. They have a couple of other neat tools as well.

http://www.voipintegration.com/software.html

Many admins spend a great deal of money on management software for the sole reason of getting config backups on a regular basis from their Cisco IOS devices. With this simple setup, you can automate this directly from your device. You can send the config to any number of destinations. Read the rest of this entry »