Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
459
Views
0
Helpful
1
Replies

Restrict calls between a subzone and particular extensions on Cisco VCS

Go to solution
misha_bac
Level 1
Level 1

‎05-26-2016 07:23 AM - edited ‎03-18-2019 05:59 AM

Hello, I use Cisco VCS 8.5.3, my goal is to restrict calls between a subzone and particular extentions.
I've tried following solutions:

  1. Uploading call policy XML file
  2. Use of Call policy web interface to restrict calls

XML file:

<taa:routed>
 <address-switch field="originating-zone">
 <address is="Zone_ABC">
  <address-switch field="destination">
   <!-- Allow inter-zone calls -->
   <address regex="11111|11112">
    <proxy/>
   </address>
   <!-- Block all other calls -->
    <address regex="1.*">
     <reject status="403" reason="Denied by policy"/>
    </address>
   </address-switch>
  </address>
</address-switch>
</taa:routed>

But when I apply XML file, or try to use very simple web rule (for example: source 11111, destination 12222, action reject) I am still able to place the call from 11111 to 12222.

What can be the cause of the problem and what else can I try to be able to forbid calls between a subzone and particular exentions?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni

‎05-26-2016 09:48 AM

Attached is an example CPL script that should work.  Using that CPL script, I was able to block calls from an entire subzone to a destination alias located in the default subzone, and was still able to call any other endpoint in the default subzone without issue.  Note, you should enter the name of the subzone as you have it configured on the VCS, including spaces if any are present.

The script is based on the CPL example "restricting access to a local gateway" in the VCS X8.5 Admin Guide on pg 413, other CPL reference material and examples can be seen starting on pg 410.

View solution in original post

block_calls_from_subzone_cpl.zip
0 Helpful
1 Reply 1

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni

‎05-26-2016 09:48 AM

Attached is an example CPL script that should work.  Using that CPL script, I was able to block calls from an entire subzone to a destination alias located in the default subzone, and was still able to call any other endpoint in the default subzone without issue.  Note, you should enter the name of the subzone as you have it configured on the VCS, including spaces if any are present.

The script is based on the CPL example "restricting access to a local gateway" in the VCS X8.5 Admin Guide on pg 413, other CPL reference material and examples can be seen starting on pg 410.

block_calls_from_subzone_cpl.zip
0 Helpful
Customers Also Viewed These Support Documents