Accepted Solutions
AFAICT your missing the SIP-UA configuration. As stated in in my previous reply and in the referenced post that @b.winter mentioned you need to have this defined for the SIP phones to successfully register.
Apart from this you should remove the line with username and password from your SIP phones as that’s not needed.
Follow up to my previous post. Please see the full run down of what I would recommend you to look at in your configuration.
ip dhcp pool ccp-pool import all network 10.10.10.0 255.255.255.128 default-router 10.10.10.1 lease 0 2 !Missing option 150 to point out TFTP if this is used for the phones ! voice service voip ip address trusted list ipv4 0.0.0.0 0.0.0.0 !This turns off all security for call fraud prevention and is not recommended ! voice service voip no allow-connections h323 to h323 no allow-connections h323 to sip no allow-connections sip to h323 !None of these are needed ! registrar server !Change the registrar line to this localhost dns:legacypensions.com !Not sure what this command does? Never seen it used for CME ! voice class h323 1 call start fast !None of these are needed ! voice register global no authenticate register no authenticate realm legacy !None of these are needed AFAIK ! voice register pool 2 id mac E840.400C.4F8B type 9971 number 1 dn 2 cor incoming UNRESTRICTED default presence call-list no username cisco password cisco !As previously pointed out this command is not needed for Cisco phones with CME. Remove this from all configured SIP phones codec g711ulaw !Recommend you to use a voice-class codec list no vad camera video no keep-conference ! interface GigabitEthernet0/0 !Recommend you to create an ACL to limit the allowed traffic on this interface to allow the needed ports for the SIP trunk to your service provider ! !As an example this its from our configuration template ![A.A.A.A] = LAN Interface IP Address (Voice Vlan) ![B.B.B.B] = Assigned IP address from ITSP (Outside Interface) ![C.C.C.C] = ITSP SIP SBC IP Address ![D.D.D.D] = ITSP CPE IP address !Note: Please note that for some telco, SIP SBC is same as CPE IP address !Some service providers use TCP instead of UDP, or both. Adopt the ACL as needed for the requirements specific to the service provider. ip access-list extended PSTN_ACL remark Permit SIP from ITSP CUBE to TETRA PAK CUBE permit udp host [C.C.C.C] host [B.B.B.B] eq 5060 permit udp host [C.C.C.C] eq 5060 host [B.B.B.B] remark Permit RTP from ITSP CUBE to TETRA PAK CUBE permit udp host [C.C.C.C] host [B.B.B.B] range 16384 32766 remark Permit ICMP from ITSP CUBE to TETRA PAK CUBE permit icmp host [C.C.C.C] host [B.B.B.B] permit icmp host [D.D.D.D] host [B.B.B.B] ! interface GigabitEthernet0/0/1 ip access-group PSTN_ACL in call treatment on call threshold global cpu-avg low 70 high 80 call threshold global total-mem low 70 high 80 call spike 10 steps 6 size 200
!These thresholds will need to be adopted to fit your need ! !What are these dial peers used for? dial-peer voice 101 voip dial-peer voice 100 voip dial-peer voice 102 voip dial-peer voice 103 voip dial-peer voice 220 voip dial-peer voice 88 voip dial-peer voice 89 voip !If not needed please remove them.
!At a minimum you should clean them up to not be a mix of inbound and outbound at the same time, plus there are multiple once that would do the same thing. !Remove the bind statements from this dial peer as it is defined on the tenant dial-peer voice 1111 voip no voice-class sip bind control source-interface GigabitEthernet0/0 no voice-class sip bind media source-interface GigabitEthernet0/0 ! !Remove the incoming called-number . from this dial peer as your using VIA header info for the match dial-peer voice 1000 voip no incoming called-number . !
Apart from this I would recommend you to upgrade your router to this version, 15.7(3)M8, as that is the current recommended option for this platform.
AFAICT your missing the SIP-UA configuration. As stated in in my previous reply and in the referenced post that @b.winter mentioned you need to have this defined for the SIP phones to successfully register.
Apart from this you should remove the line with username and password from your SIP phones as that’s not needed.
Not seen these two commands in CME configuration earlier.
authenticate register authenticate realm legacy
Could you try without them? And you still have the line with username and password defined on your SIP device configuration, please remove that as well and try.
Apart from this your dial peers are messy beyond comprehension. To much to comment on from a mobile device. Will circle back to this later.
Follow up to my previous post. Please see the full run down of what I would recommend you to look at in your configuration.
ip dhcp pool ccp-pool import all network 10.10.10.0 255.255.255.128 default-router 10.10.10.1 lease 0 2 !Missing option 150 to point out TFTP if this is used for the phones ! voice service voip ip address trusted list ipv4 0.0.0.0 0.0.0.0 !This turns off all security for call fraud prevention and is not recommended ! voice service voip no allow-connections h323 to h323 no allow-connections h323 to sip no allow-connections sip to h323 !None of these are needed ! registrar server !Change the registrar line to this localhost dns:legacypensions.com !Not sure what this command does? Never seen it used for CME ! voice class h323 1 call start fast !None of these are needed ! voice register global no authenticate register no authenticate realm legacy !None of these are needed AFAIK ! voice register pool 2 id mac E840.400C.4F8B type 9971 number 1 dn 2 cor incoming UNRESTRICTED default presence call-list no username cisco password cisco !As previously pointed out this command is not needed for Cisco phones with CME. Remove this from all configured SIP phones codec g711ulaw !Recommend you to use a voice-class codec list no vad camera video no keep-conference ! interface GigabitEthernet0/0 !Recommend you to create an ACL to limit the allowed traffic on this interface to allow the needed ports for the SIP trunk to your service provider ! !As an example this its from our configuration template ![A.A.A.A] = LAN Interface IP Address (Voice Vlan) ![B.B.B.B] = Assigned IP address from ITSP (Outside Interface) ![C.C.C.C] = ITSP SIP SBC IP Address ![D.D.D.D] = ITSP CPE IP address !Note: Please note that for some telco, SIP SBC is same as CPE IP address !Some service providers use TCP instead of UDP, or both. Adopt the ACL as needed for the requirements specific to the service provider. ip access-list extended PSTN_ACL remark Permit SIP from ITSP CUBE to TETRA PAK CUBE permit udp host [C.C.C.C] host [B.B.B.B] eq 5060 permit udp host [C.C.C.C] eq 5060 host [B.B.B.B] remark Permit RTP from ITSP CUBE to TETRA PAK CUBE permit udp host [C.C.C.C] host [B.B.B.B] range 16384 32766 remark Permit ICMP from ITSP CUBE to TETRA PAK CUBE permit icmp host [C.C.C.C] host [B.B.B.B] permit icmp host [D.D.D.D] host [B.B.B.B] ! interface GigabitEthernet0/0/1 ip access-group PSTN_ACL in call treatment on call threshold global cpu-avg low 70 high 80 call threshold global total-mem low 70 high 80 call spike 10 steps 6 size 200
!These thresholds will need to be adopted to fit your need ! !What are these dial peers used for? dial-peer voice 101 voip dial-peer voice 100 voip dial-peer voice 102 voip dial-peer voice 103 voip dial-peer voice 220 voip dial-peer voice 88 voip dial-peer voice 89 voip !If not needed please remove them.
!At a minimum you should clean them up to not be a mix of inbound and outbound at the same time, plus there are multiple once that would do the same thing. !Remove the bind statements from this dial peer as it is defined on the tenant dial-peer voice 1111 voip no voice-class sip bind control source-interface GigabitEthernet0/0 no voice-class sip bind media source-interface GigabitEthernet0/0 ! !Remove the incoming called-number . from this dial peer as your using VIA header info for the match dial-peer voice 1000 voip no incoming called-number . !
Apart from this I would recommend you to upgrade your router to this version, 15.7(3)M8, as that is the current recommended option for this platform.
Glad to hear that. Your most welcome. It was an interesting one for sure. ':-D' It would be nice if you would take the time to vote as helpful on the appropriate answers.
As @b.winter wrote this is definitely caused by that SIP phones needs the router to act as a registrar server for CME and SRST registered phones. When you try to use the SIP-UA configuration for a service provider SIP trunk registrations you break the functionality of the gateway to act as a registrar. Using tenant(s) for the service provider configuration free up the SIP-UA to be used for CME phone registration.
Please have a look at this wonderful document about IOS dial peer call routing for details on tenant configuration.
