Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

public h.323 and sip Clients dial into internal network via VCSE

Hi,

We have a situation today someone tried to call internal endpoint- xxxxx (h.323) from public Internet by using below string.

Xxxxx@vcse.company.com.au.

Where VCSE.company.com.au is the A record for the VCS expressway and public DNS server have a SRV records for H.323 and SIP calls.

My understanding was, public endpoints can use only the below string.

Xxxxx@ip address of the VCS expressway or

Xxxxx@company.com.au , not the Xxxxx@vcse.company.com.au

we had a transform to strip the suffix for above 2 scenarios in the expressway , but not for the xxxxx@vcse.company.com.au.

Then the call went through the traversal zone to VCS control to kit the ISDN GW to Make ISDN calls.

Can someone confirm the strings which can be used from the public Internet?

CHRIS

Sent from Cisco Technical Support iPad App

3 REPLIES
Community Member

public h.323 and sip Clients dial into internal network via VCSE

HI Chris

If your search rule to route calls inside (to VCS C) is Any Alias, any kind of Alias will be redirected to the VCS C, even those with a unknow domain.

If the attempt was (for example) 9xxxx@vcse.company.com.au where the 9 is a prefix (like GW prefix) on the VCS C, the call will be sent to the GW (and maybe can complete)

The calls can be made to the SRV record (domain), IP Address or VCS E A record.

The difference is when you use SRV record, you can share your domain using it on URI/AOR of your video devices.In the other options you need to manipulate the address.

You need to use CPL to deny access to services to unregistered, unauthenticated or undesired users.

Regards

Elter

public h.323 and sip Clients dial into internal network via VCSE

Hi Chris,

As mentioned by Elter, check the search rules which is matched for the incoming calls to expressway.

As pointed correctly if you have set this as "any alias" then it will forward all the calls ir-respective of the "domain" part.

Another possibility could be the rule match first is set to "continue" and there are any other search rules with lower priority which are matching??

Thanks

Alok

Community Member

Re: public h.323 and sip Clients dial into internal network via

Thanks Elter and Alok.

I believe the better way to do it via CPL rather than more transforms and search rules.

Chris

Sent from Cisco Technical Support iPad App

502
Views
0
Helpful
3
Replies
CreatePlease to create content