Pete’s Packet

I don’t think I can. I know I can!

Cisco Unified Communications Solutions 8.0 Beta Training Posted On PEC

Posted by Peter Kurdziel on December 11, 2009

This series of VoDs allows Advanced Unified Communications and top
solution providers from around the world, along with Cisco technology
experts and specialized channel partners to learn about what is new
with Cisco’s Unified Communications 8.0 Solution Release. This set of
VoDs are designed to provide technical training on the next generation
Cisco Unified Communications solution release in advance of its market
launch. In addition to Communication Manager, applications such as
Unified Messaging, Presence, Contact Center, Mobility and Collaboration
will be among the many topics covered. System level modules will also
be featured.

 

This
posting is targeted at individuals that are involved in the technical
aspects of designing, implementing and supporting a Cisco Unified
Communications (UC) system solution. The job functions for ideal
attendees include:

• Testing and Certification of new versions of Cisco UC systems

• Field installation and configuration of Cisco UC systems

• Solution and/or design engineering for Cisco UC systems

• Operations support for Cisco UC systems.

 

Access UC 8.0 Solution Release Beta Training on PEC

 

– OR –

 

http://tinyurl.com/UC80-Training-PEC

 

– OR –

 

http://www.cisco.com/cgi-bin/front.x/wwtraining/PELC/main.cgi?URL=searchOffering%3Ftitle%3DUC8.0%20Solution%20Release%20Beta%20Training

 

Currently Available VoDs:

Cisco Unified Communications Manager v8.0 – Part 1

Cisco Unified Communications Manager v8.0 – Part 2

UC Branch Survivability Update (SRSX)

Cisco IP Phone Update

Service Advertisement Framework (SAF) Call Control Discovery (CCD)

Intercompany Media Engine

Cisco Intercompany Media Engine

Cisco Unified Communications Manager Extension Mobility Cross Cluster – Part 1

Cisco Unified Communications Manager Extension Mobility Cross Cluster – Part 2

Cisco Unified Videoconferencing 7.0 Technical Overview

Cisco Unified MeetingPlace 8 Technical Overview – Part 1

Cisco Unified MeetingPlace 8 Technical Overview – Part 2

Cisco 2900 and 3900 Series as a UC Platform

CUCM Voice Gateway and Infrastructure Update

Cisco Unified Communications on Unified Computing System and UC Manager on VMware

Messaging Product Update

UCBU Presence & Clients Update – Part 1

UCBU Presence & Clients Update – Part 2

Cisco Unified Mobility Advantage (CUMA) UC Release 8.0 November 2009

Next Generation Collaboration Roadmap

Cisco UC Widgets Click to Call

Cisco Unified Workspace Licensing Updates

Cisco’s Hosted & Managed Unified Communications Solutions

CUCM Security Update

Cisco Unified Attendant Consoles

Cisco Unified Workspace for Partners

Cisco Unity Cisco Unity Connection Interoperability – Part 1

Cisco Unity Cisco Unity Connection Interoperability – Part 2

Cisco Unified Contact Center Express 8.0 (CCX)

Phone Firmware Sharing: An Improved Distribution Model

CUBE ASR SIP Trunking Update

CUAE 8.0 & Applications

WebEx Node

UC / WebEx Integrations

Cisco WebEx Connect C6 & Beyond

Cisco Unified Communications Mgt Suite(CUCMS – Part 1

Cisco Unified Communications Mgtt Suite (CUCMS) – Part 2

Cisco TelePresence Market Update & 1.6 Solution Overview

Cisco AS medianet Services – mRA and mCA

 

If
you have any technical questions regarding the UC8.0 Solutions Beta
Training content please post them here on the UC8.0 Readiness community
- http://tinyurl.com/UC80-Readiness

Posted in Routing & Switching Lab | Leave a Comment »

UC520 for small business config (lab)

Posted by Peter Kurdziel on December 11, 2009

Current configuration : 37745 bytes
!
! Last configuration change at 19:50:34 PST Thu Dec 10 2009 by cisco
! NVRAM config last updated at 19:46:18 PST Thu Dec 10 2009 by cisco
!
version 12.4
parser config cache interface
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
service internal
service compress-config
service sequence-numbers
!
hostname UC520
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
logging buffered 4096
enable secret 5 $1$Wkdr$TVmJi0PNhcULI6FcfrWHQ.

aaa new-model
!
!
aaa authentication login default local
aaa authentication login Foxtrot_sdm_easyvpn_xauth_ml_1 local
aaa authorization exec default local
aaa authorization network Foxtrot_sdm_easyvpn_group_ml_1 local
!
!
aaa session-id common
clock timezone PST -8
clock summer-time PST recurring
!
crypto pki trustpoint TP-self-signed-971980883
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-971980883
 revocation-check none
 rsakeypair TP-self-signed-971980883
!
!
crypto pki certificate chain TP-self-signed-971980883
 certificate self-signed 01
  3082023B 308201A4 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  30312E30 2C060355 04031325 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 39373139 38303838 33301E17 0D303931 32313031 36323935
  305A170D 32303031 30313030 30303030 5A303031 2E302C06 03550403 1325494F
  532D5365 6C662D53 69676E65 642D4365 72746966 69636174 652D3937 31393830
  38383330 819F300D 06092A86 4886F70D 01010105 0003818D 00308189 02818100
  A80E5089 B9837443 26DC3063 D8A27A05 9B979CCC A329E4D7 8AB2023B 8691D0A2
  7792CA3F EA989D3D B0E32AF1 E8E99C52 712D1EE4 5546724E 16B15DC4 A73A0F79
  74345262 4F159CC6 465FC221 4CB827E6 0FB832C5 C5B852C3 731AB1EA 2C60F5A5
  DD3AFF0D 0773B166 49405F30 83AD7050 AEF311DE 0CFD593B FB22AC96 323D0AB5
  02030100 01A36530 63300F06 03551D13 0101FF04 05300301 01FF3010 0603551D
  11040930 07820555 43353230 301F0603 551D2304 18301680 1476722E 85FAFABE
  5FDF3C29 F637B6B7 8F1872FA 25301D06 03551D0E 04160414 76722E85 FAFABE5F
  DF3C29F6 37B6B78F 1872FA25 300D0609 2A864886 F70D0101 04050003 8181000F
  6B55BDD0 8219F058 38675D3E 9B73BDC8 39B418ED BA3E60A2 3D773E7F FB12BF32
  0C395CDE 9492A82E 47B20F3D 108A73CE 755CBF1D 49DB2158 A7826586 D24001CA
  4D9DEA4F F46F4572 0DCDE5C5 F2FC8521 C665AC25 635DA546 E25FCFCB 29BE665C
  F444B950 DDCBD1AE BA07936B C02CB9A7 66BF4705 0D6BF7DE 4A784901 B73481
        quit
dot11 syslog
no ip source-route
ip cef
!
!
ip dhcp relay information trust-all
ip dhcp excluded-address 10.1.1.1 10.1.1.10
ip dhcp excluded-address 192.168.10.1 192.168.10.10
!
ip dhcp pool phone
   network 10.1.1.0 255.255.255.0
   default-router 10.1.1.1
   option 150 ip 10.1.1.1
!
ip dhcp pool data
   import all
   network 192.168.10.0 255.255.255.0
   default-router 192.168.10.1
!
!
ip name-server 1.1.100.254
ip inspect name SDM_LOW cuseeme
ip inspect name SDM_LOW dns
ip inspect name SDM_LOW ftp
ip inspect name SDM_LOW h323
ip inspect name SDM_LOW https
ip inspect name SDM_LOW icmp
ip inspect name SDM_LOW imap
ip inspect name SDM_LOW pop3
ip inspect name SDM_LOW netshow
ip inspect name SDM_LOW rcmd
ip inspect name SDM_LOW realaudio
ip inspect name SDM_LOW rtsp
ip inspect name SDM_LOW esmtp
ip inspect name SDM_LOW sqlnet
ip inspect name SDM_LOW streamworks
ip inspect name SDM_LOW tftp
ip inspect name SDM_LOW tcp router-traffic
ip inspect name SDM_LOW udp router-traffic timeout 300
ip inspect name SDM_LOW vdolive
no ipv6 cef
!
!
stcapp ccm-group 1
stcapp
!
stcapp feature access-code
!
!
!
!
multilink bundle-name authenticated
!
!
trunk group ALL_FXO
 max-retry 5
 voice-class cause-code 1
 hunt-scheme longest-idle
!
!
voice call send-alert
voice rtp send-recv
!
voice service voip
 allow-connections h323 to h323
 allow-connections h323 to sip
 allow-connections sip to h323
 allow-connections sip to sip
 supplementary-service h450.12
 no supplementary-service sip moved-temporarily
 no supplementary-service sip refer
 sip
  registrar server expires max 3600 min 3600
  no update-callerid
!
!
!
voice class codec 1

 codec preference 1 g711ulaw
!
!
!
!
!
!
!
!
voice class cause-code 1
 no-circuit
 !
 !
 !
 !
 !
 voice hunt-group 1 parallel
 final 501
 list 201,202,203
 timeout 16
 pilot 511
!
!
!
voice source-group CCA_SIP_SOURCE_GROUP
 access-list 2
 translation-profile incoming SIP_Incoming
!
voice translation-rule 4
 rule 1 /4085041201/ /201/
 rule 2 /4085041202/ /202/
!
voice translation-rule 410
 rule 1 /^9\(.*\)/ /\1/
 rule 15 /^…$/ /4085041201/
!
voice translation-rule 411
 rule 1 /^9\(.*\)/ /ABCD9\1/
!
voice translation-rule 412
 rule 1 /^ABCD\(.*\)/ /\1/
!
voice translation-rule 1111
 rule 14 /^20\(.\)$/ /408504120\1/
 rule 15 /.*/ /4085041201/
!
voice translation-rule 1112
 rule 1 /^9/ //
!
voice translation-rule 2001
 rule 1 /4085041200/ /400/
!
voice translation-rule 2222
 rule 1 /^91900……./ //
 rule 2 /^91976……./ //
!
!
voice translation-profile 40_Called_4
 translate called 4
!
voice translation-profile AA_Profile
 translate called 2001
!
voice translation-profile CALLER_ID_TRANSLATION_PROFILE
 translate calling 1111
!
voice translation-profile CallBlocking
 translate called 2222
!
voice translation-profile OUTGOING_TRANSLATION_PROFILE
 translate calling 1111
 translate called 1112
!
voice translation-profile PSTN_CallForwarding
 translate redirect-target 410
 translate redirect-called 410
!
voice translation-profile PSTN_Outgoing
 translate calling 1111
 translate called 1112
 translate redirect-target 410
 translate redirect-called 410
!
voice translation-profile SIP_Incoming
 translate called 411
!
voice translation-profile SIP_Passthrough
 translate called 412
!
!
voice-card 0
!
!
!
username cisco privilege 15 secret 5 $1$WbTq$MZTQJrG0pQT4.QldN.tGJ.
!
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
!
crypto isakmp client configuration group EZVPN_GROUP_1
 key cisco123
 dns 192.168.10.111
 pool SDM_POOL_1
 save-password
 max-users 10
crypto isakmp profile sdm-ike-profile-1
   match identity group EZVPN_GROUP_1
   client authentication list Foxtrot_sdm_easyvpn_xauth_ml_1
   isakmp authorization list Foxtrot_sdm_easyvpn_group_ml_1
   client configuration address respond
   virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
!
crypto ipsec profile SDM_Profile1
 set transform-set ESP-3DES-SHA
 set isakmp-profile sdm-ike-profile-1
!
!
archive
 log config
  logging enable
  logging size 600
  hidekeys
!
process-max-time 50
!
ip tftp source-interface Loopback0
!
class-map match-all L3-to-L2_VoIP-Cntrl
 match ip dscp af31
class-map match-all L3-to-L2_VoIP-RTP
 match ip dscp ef
class-map match-all SIP
 match protocol sip
class-map match-all RTP
 match protocol rtp
!
!
policy-map EthOut
 class RTP
policy-map output-L3-to-L2
 class L3-to-L2_VoIP-RTP
  set cos 5
 class L3-to-L2_VoIP-Cntrl
  set cos 3
!
!
!
!
interface Loopback0
 description $FW_INSIDE$
 ip address 10.1.10.2 255.255.255.252
 ip access-group 101 in
 ip nat inside
 ip virtual-reassembly
!
interface FastEthernet0/0
 description $FW_OUTSIDE$
 ip address 1.1.100.4 255.255.255.0
 ip access-group 104 in
 ip nat outside
 ip inspect SDM_LOW out
 ip virtual-reassembly
 duplex auto
 speed auto
!
interface Integrated-Service-Engine0/0
 description cue is initialized with default IMAP group
 ip unnumbered Loopback0
 ip nat inside
 ip virtual-reassembly
 service-module ip address 10.1.10.1 255.255.255.252
 service-module ip default-gateway 10.1.10.2
!
interface FastEthernet0/1/0
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/1
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/2
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/3
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/4
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/5
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/6
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/7
 switchport voice vlan 100
 macro description cisco-phone
 spanning-tree portfast
!
interface FastEthernet0/1/8
 switchport mode trunk
 macro description cisco-switch
!
interface Virtual-Template1 type tunnel
 ip unnumbered Vlan1
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile SDM_Profile1
!
interface Vlan1
 description $FW_INSIDE$
 ip address 192.168.10.1 255.255.255.0
 ip access-group 102 in
 ip nat inside
 ip virtual-reassembly
!
interface Vlan100
 description $FW_INSIDE$
 ip address 10.1.1.1 255.255.255.0
 ip access-group 103 in
 ip nat inside
 ip virtual-reassembly
!
ip local pool SDM_POOL_1 192.168.10.101 192.168.10.110
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 1.1.100.254
ip route 10.1.10.1 255.255.255.255 Integrated-Service-Engine0/0
!
ip http server
ip http authentication local
ip http secure-server
ip http path flash:/gui
ip dns server
ip nat inside source list 1 interface FastEthernet0/0 overload
ip nat inside source static tcp 192.168.10.100 80 interface FastEthernet0/0 80
!
access-list 1 remark SDM_ACL Category=2
access-list 1 permit 10.1.1.0 0.0.0.255
access-list 1 permit 192.168.10.0 0.0.0.255
access-list 1 permit 10.1.10.0 0.0.0.3
access-list 2 remark CCA_SIP_SOURCE_GROUP_ACL
access-list 2 remark SDM_ACL Category=1
access-list 2 permit 192.168.10.1
access-list 2 permit 1.1.100.254
access-list 2 permit 192.168.10.0 0.0.0.255
access-list 2 permit 10.1.1.0 0.0.0.255
access-list 2 permit 10.1.10.0 0.0.0.3
access-list 2 deny   any
access-list 100 remark auto generated by SDM firewall configuration
access-list 100 remark SDM_ACL Category=1
access-list 100 deny   ip 192.168.10.0 0.0.0.255 any
access-list 100 deny   ip host 255.255.255.255 any
access-list 100 deny   ip 127.0.0.0 0.255.255.255 any
access-list 100 permit ip any any
access-list 101 remark auto generated by SDM firewall configuration##NO_ACES_8##
access-list 101 remark SDM_ACL Category=1
access-list 101 permit udp any host 10.1.10.2 eq non500-isakmp
access-list 101 permit udp any host 10.1.10.2 eq isakmp
access-list 101 permit esp any host 10.1.10.2
access-list 101 permit ahp any host 10.1.10.2
access-list 101 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 101 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 101 deny   ip 192.168.10.0 0.0.0.255 any
access-list 101 deny   ip 1.1.100.0 0.0.0.255 any
access-list 101 deny   ip 10.1.1.0 0.0.0.255 any
access-list 101 deny   ip host 255.255.255.255 any
access-list 101 deny   ip 127.0.0.0 0.255.255.255 any
access-list 101 permit ip any any
access-list 102 remark auto generated by SDM firewall configuration##NO_ACES_6##
access-list 102 remark SDM_ACL Category=1
access-list 102 permit udp any host 192.168.10.1 eq non500-isakmp
access-list 102 permit udp any host 192.168.10.1 eq isakmp
access-list 102 permit esp any host 192.168.10.1
access-list 102 permit ahp any host 192.168.10.1
access-list 102 deny   ip 10.1.10.0 0.0.0.3 any
access-list 102 deny   ip 1.1.100.0 0.0.0.255 any
access-list 102 deny   ip 10.1.1.0 0.0.0.255 any
access-list 102 deny   ip host 255.255.255.255 any
access-list 102 deny   ip 127.0.0.0 0.255.255.255 any
access-list 102 permit ip any any
access-list 103 remark auto generated by SDM firewall configuration##NO_ACES_8##
access-list 103 remark SDM_ACL Category=1
access-list 103 permit udp any host 10.1.1.1 eq non500-isakmp
access-list 103 permit udp any host 10.1.1.1 eq isakmp
access-list 103 permit esp any host 10.1.1.1
access-list 103 permit ahp any host 10.1.1.1
access-list 103 permit tcp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 permit udp 10.1.10.0 0.0.0.3 any eq 2000
access-list 103 deny   ip 10.1.10.0 0.0.0.3 any
access-list 103 deny   ip 192.168.10.0 0.0.0.255 any
access-list 103 deny   ip 1.1.100.0 0.0.0.255 any
access-list 103 deny   ip host 255.255.255.255 any
access-list 103 deny   ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any
access-list 104 remark auto generated by SDM firewall configuration##NO_ACES_20#
#
access-list 104 remark SDM_ACL Category=1
access-list 104 permit udp any host 1.1.100.4 eq non500-isakmp
access-list 104 permit udp any host 1.1.100.4 eq isakmp
access-list 104 permit esp any host 1.1.100.4
access-list 104 permit ahp any host 1.1.100.4
access-list 104 permit tcp any host 1.1.100.4 eq www log
access-list 104 deny   ip 10.1.10.0 0.0.0.3 any
access-list 104 deny   ip 192.168.10.0 0.0.0.255 any
access-list 104 deny   ip 10.1.1.0 0.0.0.255 any
access-list 104 permit udp host 1.1.100.254 eq domain any
access-list 104 permit icmp any host 1.1.100.4 echo-reply
access-list 104 permit icmp any host 1.1.100.4 time-exceeded
access-list 104 permit icmp any host 1.1.100.4 unreachable
access-list 104 permit udp host 192.168.10.1 eq 5060 any
access-list 104 permit udp host 192.168.10.1 any eq 5060
access-list 104 permit udp host 1.1.100.254 eq 5060 any
access-list 104 permit udp host 1.1.100.254 any eq 5060
access-list 104 permit udp any any range 16384 32767
access-list 104 deny   ip 10.0.0.0 0.255.255.255 any
access-list 104 deny   ip 172.16.0.0 0.15.255.255 any
access-list 104 deny   ip 192.168.0.0 0.0.255.255 any
access-list 104 deny   ip 127.0.0.0 0.255.255.255 any
access-list 104 deny   ip host 255.255.255.255 any
access-list 104 deny   ip host 0.0.0.0 any
access-list 104 deny   ip any any log
snmp-server community public RO
!
!
!
!
!
tftp-server flash:/phones/7941_7961/SCCP41.8-4-2S.loads alias SCCP41.8-4-2S.load
s
tftp-server flash:/phones/7941_7961/term41.default.loads alias term41.default.lo
ads
tftp-server flash:/phones/7941_7961/term61.default.loads alias term61.default.lo
ads
tftp-server flash:/phones/7941_7961/cnu41.8-4-1-23.sbn alias cnu41.8-4-1-23.sbn
tftp-server flash:/phones/7941_7961/apps41.8-4-1-23.sbn alias apps41.8-4-1-23.sb
n
tftp-server flash:/phones/7941_7961/dsp41.8-4-1-23.sbn alias dsp41.8-4-1-23.sbn
tftp-server flash:/phones/7941_7961/jar41sccp.8-4-1-23.sbn alias jar41sccp.8-4-1
-23.sbn
tftp-server flash:/phones/7941_7961/cvm41sccp.8-4-1-23.sbn alias cvm41sccp.8-4-1
-23.sbn
tftp-server flash:/ringtones/Analog1.raw alias Analog1.raw
tftp-server flash:/ringtones/Analog2.raw alias Analog2.raw
tftp-server flash:/ringtones/AreYouThere.raw alias AreYouThere.raw
tftp-server flash:/ringtones/DistinctiveRingList.xml alias DistinctiveRingList.x
ml
tftp-server flash:/ringtones/RingList.xml alias RingList.xml
tftp-server flash:/ringtones/AreYouThereF.raw alias AreYouThereF.raw
tftp-server flash:/ringtones/Bass.raw alias Bass.raw
tftp-server flash:/ringtones/CallBack.raw alias CallBack.raw
tftp-server flash:/ringtones/Chime.raw alias Chime.raw
tftp-server flash:/ringtones/Classic1.raw alias Classic1.raw
tftp-server flash:/ringtones/Classic2.raw alias Classic2.raw
tftp-server flash:/ringtones/ClockShop.raw alias ClockShop.raw
tftp-server flash:/ringtones/Drums1.raw alias Drums1.raw
tftp-server flash:/ringtones/Drums2.raw alias Drums2.raw
tftp-server flash:/ringtones/FilmScore.raw alias FilmScore.raw
tftp-server flash:/ringtones/HarpSynth.raw alias HarpSynth.raw
tftp-server flash:/ringtones/Jamaica.raw alias Jamaica.raw
tftp-server flash:/ringtones/KotoEffect.raw alias KotoEffect.raw
tftp-server flash:/ringtones/MusicBox.raw alias MusicBox.raw
tftp-server flash:/ringtones/Piano1.raw alias Piano1.raw
tftp-server flash:/ringtones/Piano2.raw alias Piano2.raw
tftp-server flash:/ringtones/Pop.raw alias Pop.raw
tftp-server flash:/ringtones/Pulse1.raw alias Pulse1.raw
tftp-server flash:/ringtones/Ring1.raw alias Ring1.raw
tftp-server flash:/ringtones/Ring2.raw alias Ring2.raw
tftp-server flash:/ringtones/Ring3.raw alias Ring3.raw
tftp-server flash:/ringtones/Ring4.raw alias Ring4.raw
tftp-server flash:/ringtones/Ring5.raw alias Ring5.raw
tftp-server flash:/ringtones/Ring6.raw alias Ring6.raw
tftp-server flash:/ringtones/Ring7.raw alias Ring7.raw
tftp-server flash:/ringtones/Sax1.raw alias Sax1.raw
tftp-server flash:/ringtones/Sax2.raw alias Sax2.raw
tftp-server flash:/ringtones/Vibe.raw alias Vibe.raw
tftp-server flash:/Desktops/CampusNight.png
tftp-server flash:/Desktops/TN-CampusNight.png
tftp-server flash:/Desktops/CiscoFountain.png
tftp-server flash:/Desktops/TN-CiscoFountain.png
tftp-server flash:/Desktops/CiscoLogo.png
tftp-server flash:/Desktops/TN-CiscoLogo.png
tftp-server flash:/Desktops/Fountain.png
tftp-server flash:/Desktops/TN-Fountain.png
tftp-server flash:/Desktops/MorroRock.png
tftp-server flash:/Desktops/TN-MorroRock.png
tftp-server flash:/Desktops/NantucketFlowers.png
tftp-server flash:/Desktops/TN-NantucketFlowers.png
tftp-server flash:Desktops/320×212x16/List.xml
tftp-server flash:Desktops/320×212x12/List.xml
tftp-server flash:Desktops/320×216x16/List.xml
tftp-server flash:/bacdprompts/en_bacd_allagentsbusy.au alias en_bacd_allagentsb
usy.au
tftp-server flash:/bacdprompts/en_bacd_disconnect.au alias en_bacd_disconnect.au
tftp-server flash:/bacdprompts/en_bacd_enter_dest.au alias en_bacd_enter_dest.au
tftp-server flash:/bacdprompts/en_bacd_invalidoption.au alias en_bacd_invalidopt
ion.au
tftp-server flash:/bacdprompts/en_bacd_music_on_hold.au alias en_bacd_music_on_h
old.au
tftp-server flash:/bacdprompts/en_bacd_options_menu.au alias en_bacd_options_men
u.au
tftp-server flash:/bacdprompts/en_bacd_welcome.au alias en_bacd_welcome.au
tftp-server flash:/bacdprompts/en_bacd_xferto_operator.au alias en_bacd_xferto_o
perator.au
!
control-plane
!
call threshold interface FastEthernet0/0 int-calls low 4 high 4
!
!
voice-port 0/0/0
 timeouts ringing infinity
!
voice-port 0/0/1
 timeouts ringing infinity
!
voice-port 0/0/2
 timeouts ringing infinity
!
voice-port 0/0/3
 timeouts ringing infinity
!
voice-port 0/1/0
 trunk-group ALL_FXO 64
 connection plar opx 401
 description Configured by CCA 4 FXO-0/1/0-Custom-OP
 caller-id enable
!
voice-port 0/1/1
 trunk-group ALL_FXO 64
 connection plar opx 275
 description Configured by CCA 4 FXO-0/1/1-Custom-OP
 caller-id enable
!
voice-port 0/1/2
 trunk-group ALL_FXO 64
 connection plar opx 501
 description Configured by CCA 4 FXO-0/1/2-Custom-OP
 caller-id enable
!
voice-port 0/1/3
 trunk-group ALL_FXO 64
 connection plar opx 203
 description Configured by CCA 4 FXO-0/1/3-Custom-OP
 caller-id enable
!
voice-port 0/4/0
 auto-cut-through
 signal immediate
 input gain auto-control -15
 description Music On Hold Port
!
sccp local Loopback0
sccp ccm 10.1.1.1 identifier 1 version 3.1
sccp
!
sccp ccm group 1
 associate ccm 1 priority 1
!
dial-peer cor custom
 name internal
 name local
 name local-plus
 name international
 name national
 name national-plus
 name emergency
 name toll-free
!
!
dial-peer cor list call-internal
 member internal
!
dial-peer cor list call-local
 member local
!
dial-peer cor list call-local-plus
 member local-plus
!
dial-peer cor list call-national
 member national
!
dial-peer cor list call-national-plus
 member national-plus
!
dial-peer cor list call-international
 member international
!
dial-peer cor list call-emergency
 member emergency
!
dial-peer cor list call-toll-free
 member toll-free
!
dial-peer cor list user-internal
 member internal
 member emergency
!
dial-peer cor list user-local
 member internal
 member local
 member emergency
 member toll-free
!
dial-peer cor list user-local-plus
 member internal
 member local
 member local-plus
 member emergency
 member toll-free
!
dial-peer cor list user-national
 member internal
 member local
 member local-plus
 member national
 member emergency
 member toll-free
!
dial-peer cor list user-national-plus
 member internal
 member local
 member local-plus
 member national
 member national-plus
 member emergency
 member toll-free
!
dial-peer cor list user-international
 member internal
 member local
 member local-plus
 member international
 member national
 member national-plus
 member emergency
 member toll-free
!
!
dial-peer voice 1 pots
 service stcapp
 port 0/0/0
!
dial-peer voice 2 pots
 service stcapp
 port 0/0/1
!
dial-peer voice 3 pots
 service stcapp
 port 0/0/2
!
dial-peer voice 4 pots
 service stcapp
 port 0/0/3
!
dial-peer voice 5 pots
 description ** MOH Port **
 destination-pattern ABC
 port 0/4/0
 no sip-register
!
dial-peer voice 50 pots
 description ** incoming dial peer **
 incoming called-number .%
 port 0/1/0
!
dial-peer voice 51 pots
 description ** incoming dial peer **
 incoming called-number .%
 port 0/1/1
!
dial-peer voice 52 pots
 description ** incoming dial peer **
 incoming called-number .%
 port 0/1/2
!
dial-peer voice 53 pots
 description ** incoming dial peer **
 incoming called-number .%
 port 0/1/3
!
dial-peer voice 2000 voip
 description ** cue voicemail pilot number **
 destination-pattern 401
 b2bua
 voice-class sip outbound-proxy ipv4:10.1.10.1
 session protocol sipv2
 session target ipv4:10.1.10.1
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
dial-peer voice 54 pots
 description ** FXO pots dial-peer **
 destination-pattern A0
 port 0/1/0
 no sip-register
!
dial-peer voice 55 pots
 description ** FXO pots dial-peer **
 destination-pattern A1
 port 0/1/1
 no sip-register
!
dial-peer voice 56 pots
 description ** FXO pots dial-peer **
 port 0/1/2
 no sip-register
!
dial-peer voice 57 pots
 description ** FXO pots dial-peer **
 destination-pattern A3
 port 0/1/3
 no sip-register
!
dial-peer voice 1000 voip
 permission term
 description ** Incoming call from SIP trunk (Generic SIP Trunk Provider) **
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 incoming called-number .%
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1001 voip
 corlist outgoing call-local
 description ** star code to SIP trunk (Generic SIP Trunk Provider) **
 destination-pattern *..
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1003 voip
 description ** Passthrough Inbound Calls from CUE **
 translation-profile incoming SIP_Passthrough
 b2bua
 session protocol sipv2
 session target ipv4:10.1.10.1
 incoming called-number ABCDT
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
dial-peer voice 1005 voip
 description ** Passthrough Inbound MWI from CUE **
 b2bua
 session protocol sipv2
 session target ipv4:10.1.10.1
 incoming called-number A80T
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
dial-peer voice 58 pots
 trunkgroup ALL_FXO
 corlist outgoing call-emergency
 description **CCA*North American-10-Digit*Emergency**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 1
 destination-pattern 9911
 forward-digits all
 no sip-register
!
dial-peer voice 59 pots
 trunkgroup ALL_FXO
 corlist outgoing call-emergency
 description **CCA*North American-10-Digit*Emergency**
 translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
 preference 1
 destination-pattern 911
 forward-digits all
 no sip-register
!
dial-peer voice 60 pots
 trunkgroup ALL_FXO
 corlist outgoing call-local
 description **CCA*North American-10-Digit*10-Digit Local**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 9[2-9]..[2-9]……
 forward-digits all
 no sip-register
!
dial-peer voice 61 pots
 trunkgroup ALL_FXO
 corlist outgoing call-local
 description **CCA*North American-10-Digit*Service Numbers**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 9[2-9]11
 forward-digits all
 no sip-register
!
dial-peer voice 62 pots
 trunkgroup ALL_FXO
 corlist outgoing call-national
 description **CCA*North American-10-Digit*Long Distance**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 91[2-9]..[2-9]……
 forward-digits all
 no sip-register
!
dial-peer voice 63 pots
 trunkgroup ALL_FXO
 corlist outgoing call-international
 description **CCA*North American-10-Digit*International**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 9011T
 forward-digits all
 no sip-register
!
dial-peer voice 64 pots
 trunkgroup ALL_FXO
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 91800…….
 forward-digits all
 no sip-register
!
dial-peer voice 65 pots
 trunkgroup ALL_FXO
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 91888…….
 forward-digits all
 no sip-register
!
dial-peer voice 66 pots
 trunkgroup ALL_FXO
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 91877…….
 forward-digits all
 no sip-register
!
dial-peer voice 67 pots
 trunkgroup ALL_FXO
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing OUTGOING_TRANSLATION_PROFILE
 preference 5
 destination-pattern 91866…….
 forward-digits all
 no sip-register
!
dial-peer voice 1020 voip
 corlist outgoing call-national
 description **CCA*North American-10-Digit*Long Distance**
 translation-profile outgoing PSTN_Outgoing
 preference 1
 destination-pattern 91[2-9]..[2-9]……
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1021 voip
 corlist outgoing call-international
 description **CCA*North American-10-Digit*International**
 translation-profile outgoing PSTN_Outgoing
 preference 1
 destination-pattern 9011T
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1022 voip
 corlist outgoing call-local
 description **CCA*North American-10-Digit*Service Numbers**
 translation-profile outgoing PSTN_Outgoing
 preference 1
 destination-pattern 9[2-9]11
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1023 voip
 corlist outgoing call-emergency
 description **CCA*North American-10-Digit*Emergency**
 translation-profile outgoing CALLER_ID_TRANSLATION_PROFILE
 preference 2
 destination-pattern 911
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1024 voip
 corlist outgoing call-emergency
 description **CCA*North American-10-Digit*Emergency**
 translation-profile outgoing PSTN_Outgoing
 preference 2
 destination-pattern 9911
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1025 voip
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing PSTN_Outgoing
 preference 1
 destination-pattern 91866…….
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1026 voip
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing PSTN_Outgoing
 preference 1
 destination-pattern 91877…….
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1027 voip
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing PSTN_Outgoing
 preference 1
 destination-pattern 91888…….
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1028 voip
 corlist outgoing call-toll-free
 description **CCA*North American-10-Digit*Toll-Free**
 translation-profile outgoing PSTN_Outgoing
 preference 1
 destination-pattern 91800…….
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 dtmf-relay rtp-nte

dial-peer voice 3000 voip
 description 40
 translation-profile incoming 40_Called_4
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 incoming called-number 408504120[1-2]
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 1006 voip
 description ** AA from SIP Trunk (Auto Attendant)**
 translation-profile incoming AA_Profile
 voice-class codec 1
 voice-class sip dtmf-relay force rtp-nte
 session protocol sipv2
 session target sip-server
 incoming called-number 4085041200
 dtmf-relay rtp-nte
 ip qos dscp cs5 media
 ip qos dscp cs4 signaling
 no vad
!
dial-peer voice 2001 voip
 description ** cue auto attendant number **
 translation-profile outgoing PSTN_CallForwarding
 destination-pattern 400
 b2bua
 voice-class sip outbound-proxy ipv4:10.1.10.1
 session protocol sipv2
 session target ipv4:10.1.10.1
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
dial-peer voice 2003 voip
 description ** cue auto attendant PSTN number **
 translation-profile outgoing AA_Profile
 destination-pattern 4085041200$
 b2bua
 voice-class sip outbound-proxy ipv4:10.1.10.1
 session protocol sipv2
 session target ipv4:10.1.10.1
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
dial-peer voice 2012 voip
 description ** cue prompt manager number **
 translation-profile outgoing PSTN_CallForwarding
 destination-pattern 409
 b2bua
 voice-class sip outbound-proxy ipv4:10.1.10.1
 session protocol sipv2
 session target ipv4:10.1.10.1
 dtmf-relay sip-notify
 codec g711ulaw
 no vad
!
!
no dial-peer outbound status-check pots
sip-ua
 authentication username 4085041200 password 7 11584B5643
 no remote-party-id
 retry invite 2
 retry register 10
 timers connect 100
 registrar ipv4:1.1.100.254:5060 expires 3600
 sip-server ipv4:1.1.100.254:5060
 host-registrar
!
!
!
telephony-service
 video
 em logout 0:0 0:0 0:0
 fxo hook-flash
 max-ephones 14
 max-dn 56
 ip source-address 10.1.1.1 port 2000
 max-redirect 20
 auto assign 10 to 19
 auto assign 5 to 8 type anl
 calling-number initiator
 service phone videoCapability 1
 service dnis overlay
 service dnis dir-lookup
 timeouts interdigit 5
 system message UC520
 url services http://10.1.10.1/voiceview/common/login.do
 url authentication http://10.1.10.1/voiceview/authentication/authenticate.do
 load 7941 SCCP41.8-4-2S
 load 7941GE SCCP41.8-4-2S
 load 7961 SCCP41.8-4-2S
 load 7961GE SCCP41.8-4-2S
 time-zone 5
 voicemail 401
 max-conferences 8 gain -6
 call-forward pattern .T
 call-forward system redirecting-expanded
 moh flash:/media/music-on-hold.au
 multicast moh 239.10.16.16 port 2000
 web admin system name cisco secret 5 $1$3ESN$2EUVlVgjpHZki873h1ojv0
 dn-webedit
 time-webedit
 transfer-system full-consult dss
 transfer-pattern 9.T
 transfer-pattern .T
 secondary-dialtone 9
 night-service day Sun 17:00 09:00
 night-service day Mon 17:00 09:00
 night-service day Tue 17:00 09:00
 night-service day Wed 17:00 09:00
 night-service day Thu 17:00 09:00
 night-service day Fri 17:00 09:00
 night-service day Sat 17:00 09:00
 night-service date Dec 25 00:00 23:59
 night-service date Dec 24 00:00 23:59
 create cnf-files version-stamp 7960 Dec 10 2009 19:29:33
!
!
ephone-template  15
 url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
 softkeys idle  Redial Newcall Cfwdall Pickup Gpickup Dnd Login
 softkeys seized  Cfwdall Endcall Redial Pickup Gpickup Callback
 softkeys connected  Hold Endcall Trnsfer Confrn Acct Park
 button-layout 7931 2
!
!
ephone-template  16
 url services 1 http://10.1.10.1/voiceview/common/login.do VoiceviewExpress
 softkeys idle  Redial Newcall Cfwdall Pickup Gpickup Dnd Login
 softkeys seized  Cfwdall Endcall Redial Pickup Gpickup Callback
 softkeys connected  Hold Endcall Trnsfer Confrn Acct Park
!
!
ephone-dn  1
 number 101 no-reg primary
 description pageforall
 name IP-Paging1
 paging ip 239.1.1.1 port 2000
!
!
ephone-dn  5  dual-line
 number 301 no-reg primary
 label 301
 description PhoneA Analog
 name PhoneA Analog
 call-forward busy 401
 call-forward noan 401 timeout 10
 translation-profile incoming CallBlocking
!
!
ephone-dn  6  dual-line
 number 302 no-reg primary
 label 302
 description PhoneB Analog
 name PhoneB Analog
 call-forward busy 401
 call-forward noan 401 timeout 10
 translation-profile incoming CallBlocking
!
!
ephone-dn  7  dual-line
 number 303 no-reg primary
 label 303
 description PhoneC Analog
 name PhoneC Analog
 call-forward busy 401
 call-forward noan 401 timeout 10
 translation-profile incoming CallBlocking
!
!
ephone-dn  8  dual-line
 number 304 no-reg primary
 label 304
 description PhoneD Analog
 name PhoneD Analog
 call-forward busy 401
 call-forward noan 401 timeout 10
 translation-profile incoming CallBlocking
!
!
ephone-dn  9
 number BCD no-reg primary
 description MoH
 moh out-call ABC
!
!
ephone-dn  10  dual-line
 number 201 secondary 4085041201 no-reg both
 pickup-group 1
 label 201
 description FirstName Lastname
 name FirstName Lastname
 call-forward busy 401
 call-forward noan 401 timeout 10
 translation-profile incoming CallBlocking
!
!
ephone-dn  11  dual-line
 number 202 secondary 4085041202 no-reg both
 pickup-group 1
 label 202
 description b cipc
 name b cipc
 call-forward busy 401
 call-forward noan 401 timeout 10
 translation-profile incoming CallBlocking
!
!
ephone-dn  12  dual-line
 number 203 no-reg primary
 pickup-group 1
 label 203
 description c cipc
 name c cipc
 call-forward busy 401
 call-forward noan 401 timeout 10
 translation-profile incoming CallBlocking
!
!
ephone-dn  13  dual-line
 number 275 no-reg both
 label 275
 description 275
 name b cipc
 call-forward busy 401
 call-forward noan 401 timeout 10
 huntstop channel
!
!
ephone-dn  14  dual-line
 number 205 no-reg primary
 label 205
 description 205
 name 205
!
!
ephone-dn  15  dual-line
 number 206 no-reg primary
 label 206
 description 206
 name 206
!
!
ephone-dn  16  dual-line
 number 207 no-reg primary
 label 207
 description 207
 name 207
!
!
ephone-dn  17  dual-line
 number 208 no-reg primary
 label 208
 description 208
 name 208
!
!
ephone-dn  18  dual-line
 number 209 no-reg primary
 label 209
 description 209
 name 209
!
!
ephone-dn  19  dual-line
 number 210 no-reg primary
 label 210
 description 210
 name 210
!
!
ephone-dn  53
 number 701 no-reg primary
 park-slot
 label Park Slot 701
!
!
ephone-dn  54
 number 4085041201
 description SIP Main Number registration
 preference 10
!
!
ephone-dn  55
 number A801… no-reg primary
 mwi off
!
!
ephone-dn  56
 number A800… no-reg primary
 mwi on
!
!
ephone  1
 device-security-mode none
 video
 mac-address 0050.5629.01D1
 ephone-template 16
 username “acipc” password 1234
 speed-dial 1 917181234567 label “dad”
 mtp
 type CIPC
 button  1:10
!
!
!
ephone  2
 device-security-mode none
 mac-address DA2F.F08C.0000
 ephone-template 16
 max-calls-per-button 2
 username “afsx” password 1234
 type anl
 button  1:5
!
!
!
ephone  3
 device-security-mode none
 mac-address DA2F.F08C.0001
 ephone-template 16
 max-calls-per-button 2
 username “bfsx” password 1234
 type anl
 button  1:6
!
!
!
ephone  4
 device-security-mode none
 mac-address DA2F.F08C.0002
 ephone-template 16
 max-calls-per-button 2
 username “cfxs” password 1234
 type anl
 button  1:7
!
!
!
ephone  5
 device-security-mode none
 mac-address DA2F.F08C.0003
 ephone-template 16
 max-calls-per-button 2
 username “dfxs” password 1234
 type anl
 button  1:8
!
!
!
ephone  6
 device-security-mode none
 video
 mac-address 0003.6BF2.4F72
 ephone-template 16
 username “bcipc” password 1234
 type 7960
 button  1:11 3m10 4m12 6:13
!
!
!
ephone  7
 device-security-mode none
 video
 mac-address 0050.5629.01D2
 ephone-template 16
 username “ccipc” password 1234
 paging-dn 1
 mtp
 type CIPC
 button  1:12
!
!
ephone-hunt 1 sequential
 pilot 501
 list 201, 202, 203
 final 401
 timeout 8, 8, 8
 no-reg pilot
 statistics collect
!
!
banner login ^CCisco Configuration Assistant. Version: 2.1. Thu Dec 10 14:39:07
PST 2009^C
alias exec cca_voice_mode PBX
!
line con 0
 no modem enable
line aux 0
line 2
 no activation-character
 no exec
 transport preferred none
 transport input all
line vty 5 100
!
ntp master
end

UC520#

UC520#            sh ver
Cisco IOS Software, UC500 Software (UC500-ADVIPSERVICESK9-M), Version 12.4(22)YB
4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2009 by Cisco Systems, Inc.
Compiled Fri 07-Aug-09 21:08 by prod_rel_team

ROM: System Bootstrap, Version 12.4(11r)XW, RELEASE SOFTWARE (fc1)

UC520 uptime is 11 hours, 34 minutes
System returned to ROM by reload at 08:27:51 PST Thu Dec 10 2009
System restarted at 08:29:05 PST Thu Dec 10 2009
System image file is “flash:uc500-advipservicesk9-mz.124-22.YB4″
Last reload reason: Reload Command

This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.

A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html

If you require further assistance please contact us by sending email to
export@cisco.com.

Cisco UC520-8U-4FXO-K9 (MPC8358) processor (revision 0×202) with 249856K/12288K
bytes of memory.
Processor board ID FHK114728R7
MPC8358 CPU Rev: Part Number 0×804A, Revision ID 0×20
14 User Licenses
10 FastEthernet interfaces
2 terminal lines
4 Voice FXO interfaces
4 Voice FXS interfaces
1 Voice MoH interface
1 cisco service engine(s)
128K bytes of non-volatile configuration memory.
125440K bytes of ATA CompactFlash (Read/Write)

Configuration register is 0×2102

UC520#
UC520# sh ip int b
Interface                  IP-Address      OK? Method Status                Prot
ocol
FastEthernet0/0            1.1.100.4       YES TFTP   up                    up

In0/0                      10.1.10.2       YES TFTP   up                    up

FastEthernet0/1/0          unassigned      YES unset  up                    down

FastEthernet0/1/1          unassigned      YES unset  up                    up

FastEthernet0/1/2          unassigned      YES unset  up                    down

FastEthernet0/1/3          unassigned      YES unset  up                    down

FastEthernet0/1/4          unassigned      YES unset  up                    down

FastEthernet0/1/5          unassigned      YES unset  up                    down

FastEthernet0/1/6          unassigned      YES unset  up                    down

FastEthernet0/1/7          unassigned      YES unset  up                    up

FastEthernet0/1/8          unassigned      YES unset  up                    down

Vlan1                      192.168.10.1    YES NVRAM  up                    up

Vlan100                    10.1.1.1        YES NVRAM  up                    up

NVI0                       10.1.10.2       YES unset  up                    up

Virtual-Access1            unassigned      YES unset  down                  down

Virtual-Template1          192.168.10.1    YES TFTP   down                  down

Loopback0                  10.1.10.2       YES NVRAM  up                    up

UC520#

Posted in Routing & Switching Lab | Leave a Comment »

Supervisor Engine 720 Front Panel Status LEDs

Posted by Peter Kurdziel on December 9, 2009


Table 2-16 Supervisor Engine 720 Front Panel Status LEDs

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/hardware/Module_Installation/Sup_Eng_Guide/02superv.html#wp1081940

LED
Color and Meaning

STATUS

The STATUS LED indicates the status of the supervisor engine.

Green—All diagnostics pass. The supervisor engine is operational (normal initialization sequence).

Orange—The supervisor engine is booting or running diagnostics (normal initialization sequence) or an overtemperature condition has occurred. (A minor temperature threshold has been exceeded during environmental monitoring.)

Red—The diagnostic test failed. The supervisor engine is not operational because a fault occurred during the initialization sequence or an overtemperature condition has occurred. (A major temperature threshold has been exceeded during environmental monitoring.)

SYSTEM

The SYSTEM LED indicates the status of the system components.

Green—All chassis environmental monitors are reporting OK.

Orange—A minor hardware problem has been detected.

Red—A major hardware problem has occurred

ACTIVE

The ACTIVE LED indicates whether the supervisor engine is operating in active mode or is in standby mode.

Green—The supervisor engine is operational and active.

Orange—The supervisor engine is in standby mode.

PWR MGMT

The supervisor engine monitors each module’s power requirements and status relative to the system’s overall power capacity before fully powering up each module in the chassis.

Orange—Power-up mode; running self-diagnostics.

Green—Power management is functioning normally and sufficient power is available for all modules.

Orange—A minor power management problem has been detected. There is insufficient power for all modules to power up.

Red—A major power failure has occurred.

DISK 0 and DISK 1 LEDs

These LEDs are illuminated green when the installed Flash PC card is being accessed and is performing either a read operation or a write operation.

Posted in CATALYST, Troubleshooting | Leave a Comment »

http://www.cisco.com/en/US/products/prod_end_of_life.html

Posted by Peter Kurdziel on December 5, 2009

End-of-Sale and End-of-Life Products

http://www.cisco.com/en/US/products/hw/tsd_products_support_end-of-sale_and_end-of-life_products_list.html




These products have reached end-of-life status, which means they are no
longer orderable from Cisco and may be no longer supported directly by
Cisco. If the product category and series you are looking for is not
visible on this page, then the product has not reached end-of-life
status and can be found in Product Support. Learn more about Cisco’s end-of-life policy.

<!–
###################################################################
###################################################################
## Hey! It looks like there are empty sub-sub-categories in the #
## data for this page! This tempalte may not deal with empty #
## sub-sub-categories gracefully. #
###################################################################
###################################################################
–>

Application Networking Services

Cisco Interfaces and Modules

Cisco IOS and NX-OS Software

Network Management

Network Management (continued)

Optical Networking

Routers

Security

Storage Networking

Switches

Universal Gateways and Access Servers

Video, Cable and Content Delivery

Voice and Unified Communications

Wireless

Posted in Routing & Switching Lab | Leave a Comment »

End-of-Sale and End-of-Life Products

Posted by Peter Kurdziel on December 5, 2009

End-of-Sale and End-of-Life Products

These products are no longer being sold and might not be supported.

http://www.cisco.com/en/US/products/prod_end_of_life.html

Posted in Routing & Switching Lab | Leave a Comment »

Installing NetScaler VPX on VMware ESX 4.0

Posted by Peter Kurdziel on December 3, 2009

Installing NetScaler VPX on VMware ESX 4.0

After you have installed and configured VMware ESX 4.0, you can use VMware
vSphere client to install one or more instances of NetScaler VPX on the VMware
ESX. Each instance is a virtual NetScaler appliance. The number of instances that
you can install depends on the amount of memory available on the hardware that
is running VMware ESX.

To install NetScaler VPX on VMware ESX 4.0 by using VMware vSphere
Client

1. Start the VMware vSphere client on your workstation.
2. In the IP address / Name text box, type the IP address of the VMware ESX
server that you want to connect to.
3. In the User Name and Password text boxes, type the administrator
credentials, and then click Login.
4. On the File menu, click Deploy OVF Template.
5. In the Deploy OVF Template dialog box, in Deploy from file, browse to
the location at which you saved the NetScaler VPX setup files, select the
.ovf file, and click Next.
6. Map the networks shown in the VPX OVF template to the networks that
you configured on the ESX host. Click Next to start installing VPX on
VMware ESX. When installation is complete, a pop-up window informs
you of the successful installation

Posted in Virtualization | Leave a Comment »

Error: Failed to lock the file

Posted by Peter Kurdziel on December 3, 2009

I am installing  NetScaler VPX and I ran into an issue with the ESX server.

I ran into an issue where I could not power on my ESX server.
I was getting this error “

Error: Failed to lock the file

The solution is to go into the ***vmdk.lck folder and rename the .lck to .txt.

The server starts right up after that change.

Posted in Virtualization | Leave a Comment »

Configuring a Citrix NetScaler for the First Time

Posted by Peter Kurdziel on December 2, 2009

Configuring a Citrix NetScaler for the First Time

Your new NetScaler is preconfigured with a default IP address (the NSIP) and associated subnet mask for management access. The default NSIP is 192.168.100.1 and the subnet mask (netmask) is 255.255.0.0. You can change these values to fit the addressing scheme for your network. For your initial configuration, you must also specify at least one MIP. Before saving your new configuration, you should change the administrator password.

If you are setting up two NetScaler appliances as a high availability pair, you configure one as primary and the other as secondary.

set ns config – ipaddress 10.102.29.60 – netmask 255.255.255.0

add ns ip 10.102.29.61 255.255.255.0 -type mip

add route 0.0.0.0 0.0.0.0 10.102.29.1

set system user nsroot administrator

save ns config

reboot

Configuring a High Availability Pair for the First Time

In one-arm configuration, both NS1 and NS2 and servers S1, S2, and S3 are connected to the switch.

In two-arm configuration, both NS1 and NS2 are connected to two switches. The servers S1, S2, and S3 are connected to the second switch. The traffic between client and the servers passes through either NS1 or NS2.

To set up a high availability environment, configure one NetScaler as primary and another as secondary. Perform the following tasks on each of the NetScalers:

  • Add a node.
  • Disable high availability monitoring for unused interfaces.

Configuring System Settings

To configure HTTP parameters by using the configuration utility

  1. In the navigation pane, expand System, and then click Settings.
  2. In the details pane, under Settings, click Change HTTP parameters.
  3. In the Configure HTTP parameters dialog box, specify values for some or all of the parameters that appear under the headings listed in the table above.
  4. Click OK.

To set the FTP port range by using the configuration utility

  1. In the left pane, expand System, and click Settings. The Settings page appears in the right pane.
  2. Under Settings, click Change Global System Settings. The Configure Global Settings dialog box appears.
  3. Under FTP Port Range, in the Start Port and End Port text boxes, type the lowest and highest port numbers, respectively, for the range you want to specify (for example, 5000 and 6000).
  4. Click OK.

Enabling and Disabling Layer 2 or 3 Mode

  • enable ns mode <Mode>
  • disable ns mode <Mode>
  • show ns mode

Examples

> enable ns mode l3

Done

> show ns mode

Mode                           Acronym              Status

——-                        ——-              ——

1)     Fast Ramp                      FR                   ON

2)     Layer 2 mode                   L2                   OFF

.

.

.

9)     Layer 3 mode (ip forwarding)   L3                   ON

.

.

.

Done

>

> disable ns mode l3

Done

> show ns mode

Mode                           Acronym              Status

——-                        ——-              ——

1)     Fast Ramp                      FR                   ON

2)     Layer 2 mode                   L2                   OFF

.

.

.

9)     Layer 3 mode (ip forwarding)   L3                   OFF

.

.

.

Done

Enabling and Disabling MAC-Based Forwarding Mode

enable ns mode mbf
 Done
> show ns mode

        Mode                           Acronym              Status
        -------                        -------              ------
 1)     Fast Ramp                      FR                   ON
 2)     Layer 2 mode                   L2                   OFF
 .
 .
 .
 6)     MAC-based forwarding           MBF                  ON
 .
 .
 .
 Done
> 

> disable ns mode mbf
 Done
> show ns mode

        Mode                           Acronym              Status
        -------                        -------              ------
 1)     Fast Ramp                      FR                   ON
 2)     Layer 2 mode                   L2                   OFF
 .
 .
 .
 6)     MAC-based forwarding           MBF                  OFF
 .
 .
 .
 Done
>

Configuring Network Interfaces

set interface 1/8 -duplex full
 Done
> show interface 1/8
        Interface 1/8 (Gig Ethernet 10/100/1000 MBits) #2
        flags=0x4000 <ENABLED, DOWN, down, autoneg, 802.1q>
        MTU=1514, native vlan=1, MAC=00:d0:68:15:fd:3d, downtime 162h01m03s
        Requested: media UTP, speed AUTO, duplex FULL, fctl OFF,
                 throughput 0

        RX: Pkts(0) Bytes(0) Errs(0) Drops(0) Stalls(0)
        TX: Pkts(0) Bytes(0) Errs(0) Drops(0) Stalls(0)
        NIC: InDisc(0) OutDisc(0) Fctls(0) Stalls(0) Hangs(0) Muted(0)
        Bandwidth thresholds are not set.

 Done

To configure a VLAN by using the NetScaler command line

Type the following commands to create a VLAN, bind interfaces to it, verify the configuration, and display the statistics. If you have already created the VLAN, skip the first command.

  • add vlan <id>
  • bind vlan <id> [-ifnum <interface_name>]
  • show vlan [<id>]

Example

> add vlan 2
 Done
> bind vlan 2 -ifnum 1/8
 Done
> show vlan 2

1)      VLAN ID: 2
        Member Interfaces : 1/8         Tagged: None
 Done
>
> stat vlan 2
VLAN ID 2Rate (/s)                                     Total
Packets received                                   0                    0
Bytes received                                     0                    0
Packets sent                                       0                    0
Bytes sent                                         0                    0
Packets dropped                                   --                    0
Broadcast pkts sent & received                    --                    0
 Done
>

Configuring Link Aggregate Channels

> add channel LA/1
 Done
> bind channel LA/1 1/8
 Done
> show channel LA/1
1)      Interface LA/1 (802.3ad Link Aggregate) #9
        flags=0x1004000 <ENABLED, DOWN, AGGREGATE, down, HAMON, 802.1q>
        MTU=1514, native vlan=1, MAC=02:d0:68:15:fd:3b, downtime 0h00m00s
        Requested: media NONE, speed NONE, duplex NONE, fctl NONE,
                 throughput 0
        Actual: throughput 0
        LA mode: MANUAL, distribution: Conn: ENABLED, MAC: BOTH
                1/8: unknown                    DOWN 162h40m02s

        RX: Pkts(0) Bytes(0) Errs(0) Drops(0) Stalls(0)
        TX: Pkts(0) Bytes(0) Errs(0) Drops(0) Stalls(0)
        NIC: InDisc(0) OutDisc(0) Fctls(0) Stalls(0) Hangs(0) Muted(0)
        Bandwidth thresholds are not set.

 Done
>

To configure clock synchronization on your NetScaler

  1. Log on to the NetScaler command line and enter the shell command.
  2. At the shell prompt, copy the ntp.conf file from the /etc directory to the /nsconfig directory. If the file already exists in the /nsconfig directory, make sure that you remove the following entries from the ntp.conf file:

restrict localhost

restrict 127.0.0.2

These entries are required only if you want to run the device as a time server. However, this feature is not supported on the NetScaler.

  1. Edit /nsconfig/ntp.conf by typing the IP address for the desired NTP server under the file’s server and restrict entries.
  2. Create a file named rc.netscaler in the /nsconfig directory, if the file does not already exist in the directory.
  3. Edit /nsconfig/rc.netscaler by adding the following entry: /usr/sbin/ntpd -c /nsconfig/ntp.conf -l /var/log/ntpd.log &

This entry starts the ntpd service, checks the ntp.conf file, and logs messages in the /var/log directory.

Note: If the time difference between the NetScaler and the time server is more than 1000 sec, the ntpd service terminates with a message to the NetScaler log. To avoid this, you need to start ntpd with the -g option,which forcibly syncs the time. Add the following entry in /nsconfig/rc.netscaler:

/usr/sbin/ntpd -g -c /nsconfig/ntp.conf -l /var/log/ntpd.log &

If you do not want to forcibly sync the time when there is a large difference, you can set the date manually and then start ntpd again. You can check the time difference between the NetScaler and the time server by executing the following command in the shell:

ntpdate -q <IP address or domain name of the NTP server>
  1. Reboot the NetScaler to enable clock synchronization.

Note: If you want to start time synchronization before you restart the NetScaler, you can enter the

/usr/sbin/ntpd -c /nsconfig/ntp.conf -l /var/log/ ntpd.log &

command (which you added to the rc.netscaler file in step 5) at the shell prompt.

Configuring DNS

  • add dns nameServer <IP>
  • show dns nameServer <IP>

Example

> add dns nameServer 10.102.29.10

Done

> show dns nameServer 10.102.29.10

1)       10.102.29.10  -  State: DOWN

Done

>

SNMP

  • add snmp manager <IPAddress> … [-netmask <netmask>]
  • show snmp manager <IPAddress>

Example

> add snmp manager 10.102.29.5 -netmask 255.255.255.255

Done

> show snmp manager 10.102.29.5

1)      10.102.29.5         255.255.255.255

Done

>

  • add snmp trapspecific <IP>
  • show snmp trap

Example

> add snmp trap specific 10.102.29.3

Done

> show snmp trap

Type        DestinationIP    DestinationPort  Version     SourceIP         Min-Severity   Community

—-        ————-    —————  ——-     ——–         ————   ———

generic     10.102.29.9      162              V2          NetScaler IP     N/A            public

generic     10.102.29.5      162              V2          NetScaler IP     N/A            public

generic     10.102.120.101   162              V2          NetScaler IP     N/A            public

.

.

.

specific    10.102.29.3      162              V2          NetScaler IP     -              public

Done

>

  • set snmp alarm <trapName> [-state ENABLED | DISABLED ]
  • show snmp alarm <trapName>

Example

> set snmp alarm LOGIN-FAILURE -state ENABLED

Done

> show snmp alarm LOGIN-FAILURE

Alarm                            Alarm Threshold    Normal Threshold  Time  State      Severity      Logging

—–                            —————    —————-  —-  ——–   ————- ——–

1) LOGIN-FAILURE                    N/A                N/A               N/A   ENABLED    -             ENABLED

Done

>

  • set snmp alarm <trapName> [-severity <severity>]
  • show snmp alarm <trapName>

Example

> set snmp alarm LOGIN-FAILURE -severity Major

Done

> show snmp alarm LOGIN-FAILURE

Alarm                            Alarm Threshold    Normal Threshold  Time  State      Severity      Logging

—–                            —————    —————-  —-  ——–   ————- ——–

1) LOGIN-FAILURE                    N/A                N/A               N/A   ENABLED    Major         ENABLED

Done

>

Enabling Load Balancing

  • enable feature lb
  • show feature

Example

> enable feature lb

Done

> show feature

Feature                        Acronym              Status

——-                        ——-              ——

1)     Web Logging                    WL                   OFF

2)     Surge Protection               SP                   OFF

3)     Load Balancing                 LB                   ON

.

.

.

9)     SSL Offloading                 SSL                  ON

.

.

.

Done

Configuring Services and a Vserver

  • add service <name> <IPaddress> <serviceType> <port>
  • add lb vserver <vServerName> <serviceType> [<IPaddress> <port>]
  • bind lb vserver <name> <serviceName>
  • show service bindings <serviceName>

Example

> add service service-HTTP-1 10.102.29.5 HTTP 80

Done

> add lb vserver vserver-LB-1 HTTP 10.102.29.60 80

Done

> bind lb vserver vserver-LB-1 service-HTTP-1

Done

> show service bindings service-HTTP-1

service-HTTP-1 (10.102.29.5:80) – State : DOWN

1)      vserver-LB-1 (10.102.29.60:80) – State : DOWN

Done

To configure persistence based on cookies by using the NetScaler command line

  • set lb vserver <name> -persistenceType COOKIEINSERT
  • show lb vserver <name>

Example

> set lb vserver vserver-LB-1 -persistenceType COOKIEINSERT

Done

> show lb vserver vserver-LB-1

vserver-LB-1 (10.102.29.60:80) – HTTP   Type: ADDRESS

.

.

.

Persistence: COOKIEINSERT (version 0)   Persistence Timeout: 2 min

.

.

.

Done

>

To configure persistence based on server IDs in URLs by using the NetScaler command line

  • set lb vserver <name> -persistenceType URLPASSIVE
  • show lb vserver <name>

Example

> set lb vserver vserver-LB-1 -persistenceType URLPASSIVE

Done

> show lb vserver vserver-LB-1

vserver-LB-1 (10.102.29.60:80) – HTTP   Type: ADDRESS

.

.

.

Persistence: URLPASSIVE Persistence Timeout: 2 min

.

.

.

Done

>

Configuring Features to Protect the Load Balancing Configuration

Configuring URL Redirection

You can configure URL redirection to provide notifications of vserver malfunctions, and you can configure backup vservers to take over if a primary vserver becomes unavailable.

  • set lb vserver <name> -redirectURL <URL>
  • show lb vserver <name>

Example

> set lb vserver vserver-LB-1 -redirectURL http://www.newdomain.com/mysite/maint                                             enance

Done

> show lb vserver vserver-LB-1

vserver-LB-1 (10.102.29.60:80) – HTTP   Type: ADDRESS

State: DOWN

Last state change was at Wed Jun 17 08:56:34 2009 (+666 ms)

.

.

.

Redirect URL: http://www.newdomain.com/mysite/maintenance

.

.

.

Done

>

Configuring Backup Vservers

  • set lb vserver <name> [-backupVserver <string>]
  • show lb vserver <name>

Example

> set lb vserver vserver-LB-1 -backupVserver vserver-LB-2

Done

> show lb vserver vserver-LB-1

vserver-LB-1 (10.102.29.60:80) – HTTP   Type: ADDRESS

State: DOWN

Last state change was at Wed Jun 17 08:56:34 2009 (+661 ms)

.

.

.

Backup: vserver-LB-2

.

.

.

Done

>

Enabling Compression

By default, compression is not enabled. You must enable the compression feature to allow compression of HTTP responses that are sent to the client.

  • enable ns feature CMP
  • show ns feature

Example

> enable ns feature CMP

Done

> show ns feature

Feature                        Acronym              Status

——-                        ——-              ——

1)     Web Logging                    WL                   ON

2)     Surge Protection               SP                   OFF

.

7)     Compression Control            CMP                  ON

8)     Priority Queuing               PQ                   OFF

.

Done

Configuring Services to Compress Data

  • set service <name> -CMP YES
  • show service <name>

Example

> show service SVC_HTTP1

SVC_HTTP1 (10.102.29.18:80) – HTTP

State: UP

Last state change was at Tue Jun 16 06:19:14 2009 (+737 ms)

Time since last state change: 0 days, 03:03:37.200

Server Name: 10.102.29.18

Server ID : 0   Monitor Threshold : 0

Max Conn: 0     Max Req: 0      Max Bandwidth: 0 kbits

Use Source IP: NO

Client Keepalive(CKA): NO

Access Down Service: NO

TCP Buffering(TCPB): NO

HTTP Compression(CMP): YES

Idle timeout: Client: 180 sec   Server: 360 sec

Client IP: DISABLED

Cacheable: NO

SC: OFF

SP: OFF

Down state flush: ENABLED

1)      Monitor Name: tcp-default

State: DOWN     Weight: 1

Probes: 1095    Failed [Total: 1095 Current: 1095]

Last response: Failure – TCP syn sent, reset received.

Response Time: N/A

Done

Binding a Compression Policy to a Vserver

To bind a compression policy to a vserver by using the NetScaler command line

At the NetScaler command prompt, type the following commands to bind a compression policy to an LB vserver and verify the configuration:

  • bind lb vserver <name> -policyName <string>
  • show lb vserver <name>

Example

                            > bind lb vserver lbvip -policyName ns_cmp_msapp
                            Done
                            > show lb vserver lbvip
                            lbvip (8.7.6.6:80) - HTTP       Type: ADDRESS
                            State: UP
                            Last state change was at Thu May 28 05:37:21 2009 (+685 ms)
                            Time since last state change: 19 days, 04:26:50.470
                            Effective State: UP
                            Client Idle Timeout: 180 sec
                            Down state flush: ENABLED
                            Disable Primary Vserver On Down : DISABLED
                            Port Rewrite : DISABLED
                            No. of Bound Services :  1 (Total)       1 (Active)
                            Configured Method: LEASTCONNECTION
                            Current Method: Round Robin, Reason: Bound service's state changed to UP
                            Mode: IP
                            Persistence: NONE
                            Vserver IP and Port insertion: OFF
                            Push: DISABLED  Push VServer:
                            Push Multi Clients: NO
                            Push Label Rule:

                            Bound Service Groups:
                            1)      Group Name: Service-Group-1

                            1) Service-Group-1 (10.102.29.252: 80) - HTTP State: UP Weight:                                              1

                            1)      Policy : ns_cmp_msapp Priority:0
                            Done

Securing Load Balanced Traffic by Using SSL

  • enable feature SSL
  • show ns feature

Example

> enable feature ssl

Done

> show ns feature

Feature Acronym Status

——- ——- ——

1) Web Logging WL ON

2) SurgeProtection SP OFF

3) Load Balancing LB ON . . .

9) SSL Offloading SSL ON

10) Global Server Load Balancing GSLB ON . .

Done >

Creating HTTP Services

  • add service <name> <IP> <port>
  • show service name

> add service SVC_HTTP1 10.102.29.18 HTTP 80

Done

> show service SVC_HTTP1

SVC_HTTP1 (10.102.29.18:80) – HTTP

State: UP

Last state change was at Wed Jul 15 06:13:05 2009

Time since last state change: 0 days, 00:00:15.350

Server Name: 10.102.29.18

Server ID : 0   Monitor Threshold : 0

Max Conn: 0     Max Req: 0      Max Bandwidth: 0 kbits

Use Source IP: NO

Client Keepalive(CKA): NO

Access Down Service: NO

TCP Buffering(TCPB): NO

HTTP Compression(CMP): YES

Idle timeout: Client: 180 sec   Server: 360 sec

Client IP: DISABLED

Cacheable: NO

SC: OFF

SP: OFF

Down state flush: ENABLED

1)      Monitor Name: tcp-default

State: UP       Weight: 1

Probes: 4       Failed [Total: 0 Current: 0]

Last response: Success – TCP syn+ack received.

Response Time: N/A

Done

Adding an SSL-Based Vserver

  • add lb vserver <name> <serviceType> [<IPAddress> <port>]
  • show lb vserver <name>

Example

> add lb vserver vserver-SSL-1 SSL 10.102.29.50 443

Done

> show lb vserver vserver-SSL-1

vserver-SSL-1 (10.102.29.50:443) – SSL Type: ADDRESS

State: DOWN[Certkey not bound] Last state change was at Tue Jun 16 06:33:08 2009 (+176 ms)

Time since last state change: 0 days, 00:03:44.120

Effective State: DOWN Client Idle Timeout: 180 sec

Down state flush: ENABLED

Disable Primary Vserver On Down : DISABLED

No. of Bound Services : 0 (Total) 0 (Active)

Configured Method: LEASTCONNECTION Mode: IP

Persistence: NONE

Vserver IP and Port insertion: OFF

Push: DISABLED Push VServer: Push Multi Clients: NO Push Label Rule: Done

Caution: To ensure secure connections, you must bind a valid SSL certificate to the SSL-based vserver before you enable it.

Binding Services to the SSL Vserver

  • bind lb vserver <name> <serviceName>
  • show lb vserver <name>

Example

> bind lb vserver vserver-SSL-1 SVC_HTTP1

Done

> show lb vserver vserver-SSL-1 vserver-SSL-1 (10.102.29.50:443) – SSL Type:

ADDRESS State: DOWN[Certkey not bound]

Last state change was at Tue Jun 16 06:33:08 2009 (+174 ms)

Time since last state change: 0 days, 00:31:53.70

Effective State: DOWN Client Idle

Timeout: 180 sec

Down state flush: ENABLED Disable Primary Vserver On Down :

DISABLED No. of Bound Services : 1 (Total) 0 (Active)

Configured Method: LEASTCONNECTION Mode: IP Persistence: NONE Vserver IP and

Port insertion: OFF Push: DISABLED Push VServer: Push Multi Clients: NO Push Label Rule:

1) SVC_HTTP1 (10.102.29.18: 80) – HTTP

State: DOWN Weight: 1

Done

Adding a Certificate Key Pair

  • add ssl certKey <certkeyName> -cert <string> [-key <string>]
  • show sslcertkey <name>

Example

> add ssl certKey CertKey-SSL-1 -cert ns-root.cert -key ns-root.key

Done

> show sslcertkey CertKey-SSL-1

Name: CertKey-SSL-1 Status: Valid,

Days to expiration:4811 Version: 3

Serial Number: 00 Signature Algorithm: md5WithRSAEncryption Issuer: C=US,ST=California,L=San

Jose,O=Citrix ANG,OU=NS Internal,CN=de fault

Validity Not Before: Oct 6 06:52:07 2006 GMT Not After : Aug 17 21:26:47 2022 GMT

Subject: C=US,ST=California,L=San Jose,O=Citrix ANG,OU=NS Internal,CN=d efault Public Key Algorithm: rsaEncryption Public Key

size: 1024

Done

Binding an SSL Certificate Key Pair to the Vserver

  • bind ssl vserver <vServerName> -certkeyName <string>
  • show ssl vserver <name>

Example

> bind ssl vserver Vserver-SSL-1 -certkeyName CertKey-SSL-1

Done

> show ssl vserver Vserver-SSL-1

Advanced SSL configuration for VServer Vserver-SSL-1:

DH: DISABLED

Ephemeral RSA: ENABLED Refresh Count: 0

Session Reuse: ENABLED Timeout: 120 seconds

Cipher Redirect: ENABLED

SSLv2 Redirect: ENABLED

ClearText Port: 0

Client Auth: DISABLED

SSL Redirect: DISABLED

Non FIPS Ciphers: DISABLED

SSLv2: DISABLED SSLv3: ENABLED TLSv1: ENABLED

1) CertKey Name: CertKey-SSL-1 Server Certificate

1) Cipher Name: DEFAULT

Description: Predefined Cipher Alias

Done

Creating an SSL Action to Enable OWA Support

  • add ssl action <name> -OWASupport ENABLED
  • show SSL action <name>

> add ssl action Action-SSL-OWA -OWASupport enabled

Done

> show SSL action Action-SSL-OWA

Name: Action-SSL-OWA

Data Insertion Action: OWA

Support: ENABLED

Done

Creating SSL Policies

  • add ssl policy <name> -rule <expression> -reqAction <string>
  • show ssl policy <name>

Example

> add ssl policy Policy-SSL-1 -rule ns_true -reqaction Action-SSL-OWA

Done

> show ssl policy Policy-SSL-1

Name: Policy-SSL-1      Rule: ns_true

Action: Action-SSL-OWA  Hits: 0

Policy is bound to following entities

1)      PRIORITY : 0

Done

Binding the SSL Policy to an SSL Vserver

  • bind ssl vserver <vServerName> -policyName <string>
  • show ssl vserver <name>

Example

> bind ssl vserver Vserver-SSL-1 -policyName Policy-SSL-1

Done

> show ssl vserver Vserver-SSL-1

Advanced SSL configuration for VServer Vserver-SSL-1:

DH: DISABLED

Ephemeral RSA: ENABLED          Refresh Count: 0

Session Reuse: ENABLED          Timeout: 120 seconds

Cipher Redirect: ENABLED

SSLv2 Redirect: ENABLED

ClearText Port: 0

Client Auth: DISABLED

SSL Redirect: DISABLED

Non FIPS Ciphers: DISABLED

SSLv2: DISABLED SSLv3: ENABLED TLSv1: ENABLED

1)      CertKey Name: CertKey-SSL-1 Server Certificate

1)      Policy Name: Policy-SSL-1

Priority: 0

1)      Cipher Name: DEFAULT

Description: Predefined Cipher Alias

Done

>

Verifying the Configuration

After you finish configuring your system, complete the following checklists to verify your configuration.

Configuration Checklist

  • The build running is:
  • There are no incompatibility issues. (Incompatibility issues are documented in the build’s release notes.)
  • The port settings (speed, duplex, flow control, monitoring) are the same as the switch’s port.
  • Enough mapped IP addresses have been configured to support all server-side connections during peak times.
    • The number of configured mapped IP addresses is: ____
    • The expected number of simultaneous server connections is:

[ ] 62,000 [ ] 124,000 [ ] Other____

Topology Configuration Checklist

  • The routes have been used to resolve servers on other subnets.

The routes entered are:

________________________________________________________________________________________________________________________________________________________________________

  • If the NetScaler is in a public-private topology, reverse NAT has been configured.
  • The failover (high availability) settings configured on the NetScaler resolve in a one arm or two-arm configuration. All unused network interfaces have been disabled: _________________________ ________________________________________________________
  • If the NetScaler is placed behind an external load balancer, then the load balancing policy on the external load balancer is not “least connection.”

The load balancing policy configured on the external load balancer is: _______________________________________________________

  • If the NetScaler is placed in front of a firewall, the session time-out on the firewall is set to a value greater than or equal to 300 seconds.

The value configured for the session time-out is: ___________________

Server Configuration Checklist

  • “Keep-alive” has been enabled on all the servers.

The value configured for the keep-alive time-out is: ___________________

  • The default gateway has been set to the correct value. (The default gateway should either be a NetScaler or upstream router.) The default gateway is: _________________________________________
  • The server port settings (speed, duplex, flow control, monitoring) are the same as the switch port settings. ____________________________________________________________________________________________________________________________________________________________________________________
  • If the Microsoft® Internet Information Server is used, buffering is enabled on the server.
  • If an Apache Server is used, the MaxConn (maximum number of connections) parameter is configured on the server and on the NetScaler.

The MaxConn (maximum number of connections) value that has been set is: ____________________________________________________________

  • If a NetScape® Enterprise Server™ is used, the maximum requests per connection parameter is set on the NetScaler.

The maximum requests per connection value that has been set is: ____________________________________________________________

Software Features Configuration Checklist

  • Does the Layer 2 mode feature need to be disabled? (Disable if another Layer 2 device is working in parallel with a NetScaler.)

Reason for enabling or disabling: ________________________________________________________________________________________________________________________

  • Does the MAC-based forwarding feature need to be disabled? (If the MAC address used by return traffic is different, it should be disabled.)

Reason for enabling or disabling: ________________________________________________________________________________________________________________________

  • Does host-based reuse need to be disabled? (Is there virtual hosting on the servers?)

Reason for enabling or disabling: ________________________________________________________________________________________________________________________

  • Do the default settings of the surge protection feature need to be changed?

Reason for changing or not changing: ________________________________________________________________________________________________________________________

Access Checklist

  • The system IPs can be pinged from the client-side network.
  • The system IPs can be pinged from the server-side network.
  • The managed server(s) can be pinged through the NetScaler.
  • Internet hosts can be pinged from the managed servers.
  • The managed server(s) can be accessed through the browser.
  • The Internet can be accessed from managed server(s) using the browser.
  • The system can be accessed using SSH.
  • Admin access to all managed server(s) is working.

Note: When you are using the ping utility, ensure that the pinged server has ICMP ECHO enabled, or your ping will not succeed.

Firewall Checklist

The following firewall requirements have been met:

  • UDP 161 (SNMP)
  • UDP 162 (SNMP trap)
  • TCP/UDP 3010 (GUI)
  • HTTP 80 (GUI)
  • TCP 22 (SSH)

* Caution: To ensure secure connections, you must bind a valid SSL certificate to the SSL-based vserver before you enable it.

Posted in Load Balancing | Leave a Comment »

I’ll be adding some VoIP posts this week.

Posted by Peter Kurdziel on November 29, 2009

I’ll be adding some VoIP posts during this week.

Posted in VOIP | Leave a Comment »

Lucrative Tax Break for Your Small Business Customers-And More Potential Business for You

Posted by Peter Kurdziel on November 26, 2009

Lucrative Tax Break for Your  Small Business Customers—And More Potential Business for You

Dear Partner,

Take advantage of a chance to increase business before the end of
the year.

As a benefit of the American Recovery and Reinvestment Tax Act of
2009, beneficial provisions of IRC Section 168(k) (relating to bonus
depreciation) and Section 179* (relating to increased deductions) have
been extended for new equipment and software placed in service.

As a result, your small business customers don’t have to
postpone investing in Cisco® Small Business technology products
that will help them work more securely and effectively anytime,
anywhere. That’s good for their business. And good for yours,
too.

Help your customers take advantage of this tax break today. Tell
your customers today
.

* Bonus depreciation is available for all businesses
and provides an immediate depreciation deduction of 50 percent of the
cost of new equipment and software placed in service during calendar
year 2009. For taxable years beginning in 2009, 100 percent of new
equipment and software purchases up to $250,000 can be expensed
immediately.
To limit this benefit to small
businesses, the maximum immediate expense amount is reduced
dollar-for-dollar to the extent that a taxpayer’s total new
equipment and software purchases for the year exceed $800,000. (None
of this information should be construed as or constitutes tax
advice—please consult your tax adviser for a complete and
detailed analysis.)
For
more on Section 179, visit the IRS website.

Learn more

Welcome to the human network

Posted in Routing & Switching Lab | Leave a Comment »