Cbeyond Cisco Cube Configuration SIP Trunk Lync Cisco

On March 23, 2011, in Cisco, by admin

Here is my Cisco router Cube confiuration with Cbeyond. This device is also routing internet traffic with NAT and VPN

Building configuration…
Current configuration : 9249 bytes
!
! Last configuration change at 17:06:31 UTC Wed Mar 23 2011 by admin
!
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Router
!
boot-start-marker
boot-end-marker
!
!
logging buffered 51200 warnings
!
aaa new-model
!
!
aaa authentication login sdm_vpn_xauth_ml_1 local
aaa authorization network sdm_vpn_group_ml_1 local
!
!
!
!
!
aaa session-id common
!
no network-clock-participate wic 0
!
dot11 syslog
ip source-route
!
!
ip cef
!
!
!
ip domain name fintechcommunications.com
ip name-server 66.180.96.12
ip name-server 64.238.96.12
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
voice service voip
 ip address trusted list
  ipv4 192.168.22.212
  ipv4 192.168.1.8
  ipv4 192.168.1.4
  ipv4 192.168.1.6
  ipv4 192.168.1.7
  ipv4 192.168.1.5
 allow-connections h323 to h323
 allow-connections h323 to sip
 allow-connections sip to h323
 allow-connections sip to sip
 supplementary-service h450.12
 no supplementary-service sip moved-temporarily
 no supplementary-service sip refer
 sip
  header-passing sip-sip
  error-passthru
  registrar server expires max 3600 min 3600
  asserted-id pai
  localhost dns:sipconnect.lax0.cbeyond.net
  no update-callerid
  history-info
  midcall-signaling passthru
  privacy-policy passthru
!
voice class codec 1
 codec preference 1 g711ulaw
 codec preference 2 g711alaw
 codec preference 3 g729r8
!
voice class sip-profiles 3
 request INVITE sip-header Diversion remove
!
!
voice register global
 max-dn 56
 max-pool 14
!
!
!
voice translation-rule 103
 rule 1 /^\([2-9]………\)/ /+1\1/
 rule 2 /^\(………..\)/ /+\1/
 rule 3 /^\(………..\)/ /+\1/
!
!
voice translation-profile AddPlusForOCS
 translate calling 103
!
!
voice-card 0
 dsp services dspfarm
!
crypto pki token default removal timeout 0
!
crypto pki trustpoint TP-self-signed-4115930597
 enrollment selfsigned
 subject-name cn=IOS-Self-Signed-Certificate-4115930597
 revocation-check none
!
!
crypto pki certificate chain TP-self-signed-4115930597
 certificate self-signed 01
  30820259 308201C2 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
  69666963 6174652D 34313135 39333035 3937301E 170D3130 31303233 32303134
  30345A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D34 31313539
  33303539 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
  8100E484 DAF0ED87 E1F979E8 D0A6C630 6369BAFD 2F8C4B3C 07CF9A67 6B1A6BEE
  B9506A0F B7200800 8BD32A9B F458EA47 26E16E25 3C9CEC9E 6A0CFF3E 0A5FD71E
  533E407D 464EBCE4 BAA207DB 91C7DD91 E90FD5BE F8227A83 AF142B88 F3567B3F
  0CFC7BD4 5FDB91E7 25A80338 1A7919AA B30A8AE3 27709D93 3C536EFA A9180CBA
  63010203 010001A3 8180307E 300F0603 551D1301 01FF0405 30030101 FF302B06
  03551D11 04243022 8220526F 75746572 2E66696E 74656368 636F6D6D 756E6963
  6174696F 6E732E63 6F6D301F 0603551D 23041830 16801488 C0A982B5 B855FEA9
  01638892 F686E641 9109DD30 1D060355 1D0E0416 041488C0 A982B5B8 55FEA901
  638892F6 86E64191 09DD300D 06092A86 4886F70D 01010405 00038181 00A8FD12
  813B61B7 FA59258C 33DF9492 ABA41BCC CEE24A6D 91AD0660 E246BC77 0774CF61
  1A7A31B2 3D149F97 C780CD4B C8306F96 75EE6DB9 F29A4CF1 BA09C3EA D052B8BC
  7B990641 C98A509B 8FCE7ABB 10BD91F8 67CB7916 571A5B45 AECC228D 37730139
  A977E465 8D8D04C5 8A5F19CB 468C3DED 3D221847 37A8851E E481C864 9D
   quit
!
!
license udi pid CISCO2811 sn FTX1236A3AZ
username admin privilege 15 password 0 XXXXX

username fintech secret 5 XXXXXXXX!
redundancy
!
!
controller T1 0/0/0
!
!
crypto ctcp
!
crypto isakmp policy 1
 encr 3des
 authentication pre-share
 group 2
crypto isakmp key XXXX address 0.0.0.0 0.0.0.0
!
crypto isakmp client configuration group fintech
 key XXXXX pool SDM_POOL_1
 acl 101
 save-password
crypto isakmp profile sdm-ike-profile-1
   match identity group fintech
   client authentication list sdm_vpn_xauth_ml_1
   isakmp authorization list sdm_vpn_group_ml_1
   client configuration address respond
   virtual-template 1
!
!
crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac
!
crypto ipsec profile SDM_Profile1
 set transform-set ESP-3DES-SHA
 set pfs group2
 set isakmp-profile sdm-ike-profile-1
!
!
crypto dynamic-map SDM_DYNMAP_1 1
 set transform-set ESP-3DES-SHA1
 match address 100
!
!
crypto map SDM_CMAP_1 65535 ipsec-isakmp dynamic SDM_DYNMAP_1
!
!
!
!
!
!
interface FastEthernet0/0
 ip address 192.168.1.6 255.255.255.0
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface FastEthernet0/1
 description $ETH-WAN$
 ip address 74.7.XXX.XXX 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
 crypto map SDM_CMAP_1
!
interface Virtual-Template1 type tunnel
 ip unnumbered FastEthernet0/0
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile SDM_Profile1
!
ip local pool SDM_POOL_1 192.168.1.225 192.168.1.235
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
!
!
ip nat inside source route-map SDM_RMAP_1 interface FastEthernet0/1 overload
ip nat inside source static tcp 192.168.1.2 25 74.7.221.xxx.xxx route-map nonat extendable
ip nat inside source static tcp 192.168.1.2 443 74.7.221.xxx.xxx 443 route-map nonat extendable
ip nat inside source static tcp 192.168.1.2 1328 74.7.221.xxx.xxx 1328 route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 22 74.7.221.xxx.xxx 22 route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 25 74.7.221.xxx.xxx 25 route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 53 74.7.221.xxx.xxx 53 route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 80 74.7.221.xxx.xxx route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 110 74.7.221.xxx.xxx route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 143 74.7.221.xxx.xxx route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 443 74.7.221.xxx.xxx route-map nonat extendable
ip nat inside source static tcp 192.168.1.3 10000 74.7.221.xxx.xxx10000 route-map nonat extendable
ip route 0.0.0.0 0.0.0.0 74.7.221.xxx.xxx

!
logging esm config
access-list 100 remark CCP_ACL Category=4
access-list 100 remark IPSec Rule
access-list 100 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 101 remark CCP_ACL Category=4
access-list 101 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 remark CCP_ACL Category=16
access-list 102 remark IPSec Rule
access-list 102 deny   ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 150 deny   ip host 192.168.1.2 192.168.2.0 0.0.0.255
access-list 150 permit ip host 192.168.1.2 any
access-list 150 deny   ip host 192.168.1.3 192.168.2.0 0.0.0.255
access-list 150 permit ip host 192.168.1.3 any
access-list 150 deny   ip host 192.168.1.7 192.168.2.0 0.0.0.255
access-list 150 permit ip host 192.168.1.7 any
!
!
!
!
route-map SDM_RMAP_1 permit 1
 match ip address 102
!
route-map nonat permit 10
 match ip address 150
!
!
!
!
control-plane
!
!
voice-port 0/1/0
!
voice-port 0/1/1
!
voice-port 0/1/2
!
voice-port 0/1/3
!
!
!
mgcp profile default
!
!
dial-peer voice 9 voip
 destination-pattern .T
 session protocol sipv2
 session target sip-server
 incoming called-number 9T
 voice-class codec 1 
 dtmf-relay rtp-nte
!
dial-peer voice 1 voip
 description lync
 translation-profile outgoing AddPlusForOCS
 destination-pattern 949…….
 session protocol sipv2
 session target ipv4:192.168.1.7
 session transport tcp
 incoming called-number 949…….
 voice-class sip dtmf-relay force rtp-nte
 voice-class sip early-offer forced
 voice-class sip profiles 3
 voice-class sip block 183 sdp present
 dtmf-relay rtp-nte
 codec g711ulaw
 no vad
!
dial-peer voice 2 voip
 description Cucm8
 destination-pattern 9492003010
 session protocol sipv2
 session target ipv4:192.168.1.4
 incoming called-number 9492003010
 voice-class codec 1 
 voice-class sip dtmf-relay force rtp-nte
 dtmf-relay rtp-nte
 no vad
!
!
sip-ua
 credentials username 949XXXXXXX password 7 XXXX realm default
 authentication username 949XXXXXXX password 7 XXXXX no remote-party-id
 retry invite 2
 retry register 10
 timers connect 100
 registrar dns:sipconnect.lax0.cbeyond.net expires 3600
 sip-server dns:sipconnect.lax0.cbeyond.net
 connection-reuse
 host-registrar
!
!
!
telephony-service
 no auto-reg-ephone
 max-ephones 35
 max-dn 144
 max-redirect 5
 max-conferences 8 gain -6
 web admin system name admin secret 5 XXXXXXX transfer-system full-consult
!
!
ephone-dn  34
 number 9492003010
 description SIP VM trunk registration
 preference 10
!
!
!
line con 0
line aux 0
line vty 0 4
 privilege level 15
 transport input telnet ssh
 transport output telnet ssh
line vty 5 100
 transport input telnet ssh
 transport output telnet ssh
!
scheduler allocate 20000 1000
end

 
If you enjoyed this article, please consider sharing it!
Facebook Twitter Digg

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.



Go To Top »