Looking for input on using an EX90 at a home office. They want to use a hardware VPN and connect the EX90 to a Cisco 881 router. The EX90 will be registered with CUCM 8.6
Presently this is setup, and the EX90 is registered with the CUCM. Ihave two current issues
1) When the home office EX90 calls an EX90 in the campus, they never get ringback and the call fails to connect. We've looked at all the firewalls and ACL's and I've been assured they are configured to allow traffic from and to the subnets for the CUCM, and the endpoints.
2) The EX90 then unregisters and will not attempt to re-register with CUCM.
CUCM traces show the following for the unregister event.
17:30:37.673 |EndPointUnregistered - An endpoint has unregistered Device name:SEP00506006F5B9 Device IP address:10.95.6.2 Protocol:SIP Device type:584 Device description:Robert-EX90 Reason Code:13 IPAddressAttributes:0 LastSignalReceived:SIPStationDPrimaryLineTimeout CallState:17075772195-call_received7 App ID:Cisco CallManager Cluster ID:Agilent-TP-CUCM Node ID:scstpcucm02|AlarmSEP00506006F5B9^*^SEP00506006F5B9
Any thoughts on why the device would not continue to resent registration requests once it has unregistered?
A packet capture for the EX90 call attempt and subsuqient unregistering from CUCM would be enlightening here. I suggest running it from CUCM using the utils network capture command. This will show you what is happening to the SIP packets after they have crossed the network. You may also need to run one from the EX90 side to see what happens to the replies from CUCM after they have crossed the network.
My first guess would be protocol inspection on an ASA/ZBFW which is looking at the SIP dialog and messing with the headers. For example, if the ASA is doing NAT on the egress interface of the VPN traffic it's possible that it's modifying the IP address in the headers to an external IP instead of leaving the pre-NAT (tunneled) IP in place.
Without PCAP files it's hard to do more than guess here.
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...
This document describe how DST changes and how time changes are
implemented in DST. Daylight Saving Time (DST) is the practice of
setting the clocks forward 1 hour from standard time during the summer
months, and back again in the fall, in order to make b...