Merry Chirstmas all! I hope all has had a good Christmas today. I came across a "CME explained" document that I created some time back of an old config I had of an CallManager Express, where I put some explanations of key config statements and what they do. I hope this helps some of you who do CMEs and need some explanations of things. See below the config (in black) and explanations (in blue). I deleted some of this so it wouldnt be so long.
CME2821#show run
Building configuration...
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname CME2821
!
boot-start-marker
boot system
flash:c2800nm-advipservicesk9-mz.124-4.XC7.bin This
IOS image MUST be compatible with the CME version that is on here.
We are using 4.0(3), and this image is the “least” image we can
have for 4.0(3) to run properly on our 2821 router.
boot-end-marker
logging buffered 51200 warnings
aaa new-model
aaa authentication login default local
aaa session-id common
resource policy
clock timezone central -6
clock summer-time zone recurring
network-clock-participate wic 1
network-clock-select 1 T1 0/1/0
ip cef
no ip dhcp use vrf connected
ip dhcp excluded-address 192.168.75.1
192.168.75.10
Exclusion that will not allow client IPs of .1 through .10 to be
handed out to clients. This scope will start at .11 .
!
ip dhcp pool phone
Name of the DHCP pool is “phone”.
import all
network 192.168.75.0 255.255.255.0
option 150 ip 192.168.75.1
Option 150 tells the phones where to look for the TFTP server, so
that it knows where to get its phone loads.
default-router 192.168.75.1
ip domain name company.net
!
isdn switch-type primary-ni
Type of PRI used is Primary NI 2 is used.
!
voice-card 0
no dspfarm
voice service voip
The allow statements allow calls from protocol to protocol. H323 to
H323, H323 to SIP, etc.
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
supplementary-service h450.12
h323
default
sip
default
header-passing
default
registrar server expires max 3600 min
3600
default
!
voice class codec 1
codec preference 1 g711ulaw
use uncompressed voice, for internal LANs, you don’t need to
compress the voice. You only need compression when going over a T1,
Frame-Relay, etc.
!
voice translation-rule 1
This is voice translation-rule 1. You reference this much like
access-list 1 in an ACL. Notice down in the “voice
translation-profile strip9” that the “translate called 1”
references this translation-rule. This rule is not applied to
anything, because the 9 is stripped off by default. No need to
apply.
rule 1 /^9\(.*\)/ /\1/
This rule strips the 9 off the from of the digits. EX. When you
push 9 to get an outside line, it takes that 9 off before handing it
over to the PRI, or in our case, the Cisco IAD.
!
Below, this translation-rule below (2) adds digits to the numbers
going out. Rule #1 in this translation-rule states that any call
with an extension of 83XX should have added to it a “205413”, at
the front. Because, in this case, the NoVux Cisco IAD expects to see
10 digits from our CME. This IS configurable on their side. Rule #2
states to add a “205876” to anything coming in from the LAN with
a 4 digit string of “15XX”. Our block of numbers are
205.876.1500 – 1532. Same for rule #3, where our two main lines
4490 and 4494 need to have a “205986” in front of the two
extensions before being forwarded out to the Cisco IAD. If these
rules where not in place, you would not be able to get past the Cisco
IAD, therefore you would get a fast busy signal.
*****NOTE*****
If you get another dialtone AFTER you dial your number, that means
that the IAD (in this case) is expecting digits from ONLY the DIDs
they have listed and it is programmed into the Cisco IAD (Nuvox
owned). This is a security feature, and it will only allow calls
from the DIDs they list. If you get dial tone and digits are sent
without problem to the IAD, the IAD is the issue.
voice translation-rule 2
rule 1 /^\(83..\)$/ /205413\1/
rule 2 /^\(15..\)$/ /205876\1/
rule 3 /^\(44..\)$/ /205986\1/
!
Below, this translation-rule (3) was for test purposes in
troubleshooting an issue, not relevant to this config.
voice translation-rule 3
rule 1 /.*/ /2054138323/
!
voice translation-profile callerid
translate calling 3
!
Below, this was named “fix_clid” because the NuVox Cisco IAD
expects 10 digits, and we have to provide a way to do so. Therefore,
if you look down at voice-port 0/1/0:23, you will notice that this
profile is applied to that voice-port. Hence, 10 digits are
forwarded to the NuVox Cisco IAD.
voice translation-profile fix_clid
translate calling 2
!
Below, this is a translation-profile which a translation-rule goes
into. OR the translation-rule is referenced by the
translation-profile. Remember this one is not being used, because
the 9 is stripped off the number before being sent out by default.
“strip9” is what the translation-profile is called.
voice translation-profile strip9
translate called 1
“1” is the translation-rule that is referenced (voice
translation-rule 1). Kindof like your portfolio has pictures in it,
where a translation-profile has a translation-rule in it.
!
crypto pki trustpoint
TP-self-signed-1571388936
enrollment selfsigned
subject-name
cn=IOS-Self-Signed-Certificate-1571388936
revocation-check none
rsakeypair TP-self-signed-1571388936
!
username company privilege 15 password
7 XXXXXXX
!
controller T1 0/1/0
framing esf
linecode b8zs
pri-group timeslots 1-24
!
controller T1 0/1/1
framing esf
linecode b8zs
pri-group timeslots 1-24
!
interface GigabitEthernet0/0
description LAN
no ip address
duplex auto
speed auto
!
===============================================
These two
sub-interfaces are for the voice and data vlans. They connect to a
trunk port on the 3560.
interface GigabitEthernet0/0.1
encapsulation dot1Q 1 native
ip address 192.168.73.4 255.255.255.0
no snmp trap link-status
!
interface GigabitEthernet0/0.5
encapsulation dot1Q 5
ip address 192.168.75.1 255.255.255.0
no snmp trap link-status
===============================================
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/3/0
switchport mode trunk
switchport voice vlan 5
!
interface FastEthernet0/3/1
switchport mode trunk
switchport voice vlan 5
!
interface FastEthernet0/3/2
switchport mode trunk
switchport voice vlan 5
!
interface FastEthernet0/3/3
switchport mode trunk
switchport voice vlan 5
!
interface Serial0/1/0:23
no ip address
NO ip address needed
encapsulation ppp
Usually ppp, but router defaults to HDLC
isdn switch-type primary-ni
switch type named from phone company
isdn incoming-voice voice
voice calls come in
!
interface Serial0/1/1:23
no ip address
encapsulation ppp
shutdown
isdn switch-type primary-ni
isdn incoming-voice voice
!
interface Service-Engine1/0
This interface is for Unity Express.
ip unnumbered GigabitEthernet0/0.1
service-module ip address 192.168.73.8
255.255.255.0
MUST be on the same network as the router LAN scheme.
service-module ip default-gateway
192.168.73.4
Notice on same LAN IP scheme also.
!
interface Vlan1
You need an IP address on these two vlans if you are going to use the
4 port switch module in the router. Do not use it for vlan 1 or vlan
5, but you can for other vlans if need be.
no ip address
!
interface Vlan5
no ip address
!
ip route 0.0.0.0 0.0.0.0 192.168.73.1
ip route 192.168.73.8 255.255.255.255
Service-Engine1/0
Tells the router where to route to for the CUE config.
!
ip http server
Must have on if you are going to do any admin work via the GUI.
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life
86400 requests 10000
!
snmp-server community 4star$ RO
!
Below are the TFTP phone loads, ring tones, etc. Do not delete
any of these. Remember “option 150” in your DHCP scope? This is
what its after, depending on the type of phone you have. DO NOT
DELETE ANY OF THESE.
tftp-server flash:P0030702T023.bin
tftp-server flash:P00405000700.bin
tftp-server flash:P0030702T023.loads
tftp-server flash:P0030702T023.sb2
tftp-server flash:P0030702T023.sbn
tftp-server flash:CVM70.2-0-0-112.sbn
tftp-server flash:Jar70.2-9-0-117.sbn
tftp-server flash:TERM70.7-0-1-0s.LOADS
tftp-server flash:TERM70.DEFAULT.loads
tftp-server flash:TERM71.DEFAULT.loads
tftp-server flash:cnu70.2-7-4-134.sbn
tftp-server flash:Analog1.raw
tftp-server flash:Analog2.raw
tftp-server flash:AreYouThere.raw
!
control-plane
!
voice-port 0/0/0
voice-port 0/0/1
voice-port 0/1/0:23
translation-profile outgoing fix_clid
voice-port 0/1/1:23
!
Below, this dial peer is for voice-mail. The pilot number for
voicemail is 7000. Notice the IP address in the “target” is the
CUE module. G711 is also used.
dial-peer voice 5 voip
destination-pattern 7...
session protocol sipv2
session target ipv4:192.168.73.8
dtmf-relay sip-notify
codec g711ulaw
no vad
!
These dial-peers have a description that explain themselves.
Notice on all that a port is listed for where they will be forwarded
out, or in. Also, notice they are “pots” dial-peers and not
“voip” dial peers, meaning they are coming from or going to the
PRI.
dial-peer voice 1 pots
description ===== INBOUND CALLS =====
===== INBOUND CALLS =====
incoming called-number .
direct-inward-dial
port 0/1/0:23
!
dial-peer voice 2 pots
description ===== 911 CALLS =====
===== 911 CALLS =====
destination-pattern 911
port 0/1/0:23
prefix 911
!
dial-peer voice 3 pots
description ===== LOCAL CALLS =====
===== LOCAL CALLS =====
destination-pattern 9[2-9]......
clid override rdnis
port 0/1/0:23
!
dial-peer voice 4 pots
description ===== 911 CALLS STRIP 9
===== ===== 911 CALLS STRIP 9 =====
destination-pattern 9911
port 0/1/0:23
prefix 911
!
dial-peer voice 6 pots
description ===== LONG DISTANCE CALLS
===== ===== LONG DISTANCE CALLS =====
destination-pattern
91[2-9]..[2-9]......
clid override rdnis
port 0/1/0:23
prefix 1
!
dial-peer voice 7 pots
description ===== INTERNATIONAL CALLS
===== ===== INTERNATIONAL CALLS =====
destination-pattern 9011T
port 0/1/0:23
prefix 011
!
Below, you have the telephony-service where you tell it several
things like what load to use for what phone, no auto-registration of
the phones (they have to be manually added for security reasons),
maximum of 52 phones supported, maximum of 192 extensions, voicemail
pilot, call forwarding, pushing “9” to get outside dialtone,
etc.
telephony-service
no auto-reg-ephone
load 7960-7940 P0030702T023
load 7941GE SCCP41.8-0-4SR3AS
load 7941 SCCP41.8-0-4SR3AS
load 7970 SCCP70.8-0-4SR3AS
max-ephones 52
max-dn 192
ip source-address 192.168.75.1 port
2000
dialplan-pattern 1 205XXXXXXX
extension-length 4 extension-pattern XXXX
voicemail 7000
max-conferences 8 gain -6
call-forward pattern .T
transfer-system full-consult
transfer-pattern .T
secondary-dialtone 9
create cnf-files version-stamp 7960
Sep 24 2007 20:25:01
!
The extensions below in the “ephone-dn” section. Description
shows up in the top right corner of the phone, where name shows up
when you are calling someone (it tells them who you are instead of
the extension), and the number is the actual extension number.
ephone-dn 1 dual-line
number 8323
description Joey XXXXX
name Joey XXXXX
!
ephone-dn 2 dual-line
number 4490
name XXXXXXX
!
These two are the message waiting indicators numbers. CUE uses
the number 8000 plus your extension number to turn the light on your
phone on or off.
ephone-dn 100
number 8000....
mwi on
!
ephone-dn 101
number 8001....
mwi off
!
Below is where the actual physical phones start. You put in the
mac-address of the phone, tell it what type of phone so it knows what
kind of phone load to look for, and you assign the extension with the
“button” command. The “button” command goes like this:
button (physical button on the side of your phone:ephone-dn #). So,
“button 1:1” would refer to first button on the right side of the
phone, and extension 8323, which is Joey’s.
ephone 1
device-security-mode none
mac-address 001B.5494.A209
type 7970
mwi-line 2
button 1:1 2:2 3:4 4:50
!
ephone 2
device-security-mode none
mac-address 001A.E22A.C835
type 7940
button 1:5
banner login ^C******This is a private
network********^C
!
line con 0
line aux 0
line 66
no activation-character
no exec
transport preferred none
transport input all
transport output all
line vty 0 4
access-class 23 in
privilege level 15
transport input telnet ssh
line vty 5 15
access-class 23 in
privilege level 15
transport input telnet ssh
!
scheduler allocate 20000 1000
ntp clock-period 17180269
ntp server 140.221.9.20
!
webvpn context Default_context
ssl authenticate verify all
!
no inservice
!
end
