Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CPL Rules in VCS-E

Hello!

I have been trying to help a customer implement some CPL rules to allow certain users from jabber.com accounts to call in and reject others.  I'm using the Rules from Configuration Call Policy Add Call Policy rule, and the Call Policy mode is set to Local CPL.  I think the rules are pretty straightforward, but the VCS is still allowing calls to get through.  At one point, I just had the following rule;

Source pattern - (.*)@jabber.com   Destination pattern - .*    Action - Reject

The calls from my jabber.com account were still connecting.  Am I making a mistake with the regular expressions?  Is there an issue with the CPL implementation on the VCS?  Here are the devices involved;

VCS-E running X8.2.2

Jabber for Telepresence 4.8.8 downloaded from the free Jabber site.  Registered to https://boot.ciscojabbervideo.com/endpoint/configuration

Thanks!

  • TelePresence
1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

Hello Bob -If I'm

Hello Bob -

If I'm understanding the problem correct, you're using the CPL web interface in the VCS, and not creating a CPL script yourself?  If so, the web interface only truly works for authenticated sources, not external unauthenticated sources, such as Jabber.com.  You need to create a custom CPL script to accomplish this, as the web interface uses "orgin" where it should use "unauthenticated-orgin", as origin is meant for authenticated sources.

Attached is a CPL script based on your example I threw together, it will work with VCS X8 and above.  if you're running VCS X7.x, than the language in the script will need to be changed.

3 REPLIES
VIP Purple

Hello Bob -If I'm

Hello Bob -

If I'm understanding the problem correct, you're using the CPL web interface in the VCS, and not creating a CPL script yourself?  If so, the web interface only truly works for authenticated sources, not external unauthenticated sources, such as Jabber.com.  You need to create a custom CPL script to accomplish this, as the web interface uses "orgin" where it should use "unauthenticated-orgin", as origin is meant for authenticated sources.

Attached is a CPL script based on your example I threw together, it will work with VCS X8 and above.  if you're running VCS X7.x, than the language in the script will need to be changed.

New Member

Thanks Patrick!That was the

Thanks Patrick!

That was the detail I was missing in all of this.

As a side note, in discussing this with another customer they told me they had also run into this issue and their solution was to put the Default Zone in "Treat as authenticated" mode and the web interface CPL rules would apply.  I realize that this is not ideal as it could affect phone book propagation and Presence, but it is working for them.

Thanks again!

VIP Purple

Glad it works for you.Having

Glad it works for you.

Having the Default Zone set to "Treat as authenticated" is a very bad idea.  It could interfere with authentication allowing anyone with any password to authenticate, if search rules rely on authentication, provisioning as you mention.  Several issues might arise.

309
Views
0
Helpful
3
Replies
This widget could not be displayed.