cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
405
Views
2
Helpful
10
Replies

Sip-profile not applying to inbound calls

Warja
Level 1
Level 1

Hi all,

Have a customer with a CUBE that has a SIP trunk out to a telephony provider, and I'm trying to setup SIP communications to a 3rd party contact centre provider. The 3rd party CC will be connected via a separate link that traverses a firewall that is NATing the traffic. Specific calls inbound from the IPT provider will be redirected to the 3rd party contact centre, and calls will also be made from the 3rd party CC out the SIP trunk to the telephony provider via the same CUBE.

I have the inbound calls working correctly, modifying the source address and number format in the SIP messaging as required with sip-profiles assigned to the dial peers. However, outbound calls are failing, as I can see in the SIP debugs that the number format and IP addressing aren't being modified on those calls. I have applied the sip-profile at the voice service voip - sip level, as these messages need to be modified before a dial peer is selected, but I cannot seem to get them to take affect.

I have confirmed my rule works fine in the Cisco Collaboration Solutions Analyzer, so I believe the problem doesn't lie with the rule itself, but with how it is being applied.

The only idea I've had is that the media and control is bound to a different interface under voice service voip - sip, so maybe it isn't being applied? But if that's the case, I have no idea where else I could apply the sip-profile where it will affect these calls.

Modified example (real IPs hashed out, but trust me they match )

voice service voip
 sip
  sip-profiles inbound
  sip-profiles 3 inbound
!
voice class sip-profiles 3
 request ANY sip-header To modify "sip:\+61(.*)@#.#.#.#" "sip:0\1@#.#.#.#"
!

Any ideas?

Thanks in advance,

Jason

1 Accepted Solution

Accepted Solutions

Warja
Level 1
Level 1

Just updating with the solution. My friend was right, once I created a loopback on the CUBE itself with the public IP all of my SIP profiles started applying. Also helped once I pushed for actual remote access instead of trying to talk the customer through configuring the devices over the phone. Thanks again for all your help, it was very much appreciated

View solution in original post

10 Replies 10

Can you please provide a little bit more details on why you'd need to apply this globally? I don't quite understand why you cannot do in on the dial peers.



Response Signature


Warja
Level 1
Level 1

I did actually just try applying it to the inbound dial-peer, but it didn't seem to help. In both instances (and also when it's applied in both places) in the debugs I see the initial invite come in with the incorrect number format and destination address, then I see it match my inbound dial-peer, then it sends a "SIP/2.0 400 Bad Request - 'Invalid Host'" message back with the incorrect number format and IP address. During my googling I saw people saying that I would need to make the modifications before dial-peer selection, and the place to do that is under voice service voip - sip.

Appreciate the help

Jason

You'll need to modify more than what you have in your SIP profile when you use NAT. Try with this.

voice class sip-profiles 10
 rule 10 request ANY sip-header From modify "<inside IP of SBC>" "<outside IP of SBC>" 
 rule 20 request ANY sip-header From modify "<outside IP of SBC>" "<public IP of SBC>" 
 rule 30 request ANY sip-header Remote-Party-ID modify "Remote-Party-ID:(.*)(<sip:.*@.*>)" "Remote-Party-ID: \2" 
 rule 40 response ANY sip-header Remote-Party-ID modify "Remote-Party-ID:(.*)(<sip:.*@.*>)" "Remote-Party-ID: \2" 
 rule 50 request ANY sip-header P-Asserted-Identity modify "P-Asserted-Identity:(.*)(<sip:.*@.*>)" "P-Asserted-Identity: \2" 
 rule 60 response ANY sip-header P-Asserted-Identity modify "P-Asserted-Identity:(.*)(<sip:.*@.*>)" "P-Asserted-Identity: \2" 
 rule 70 request ANY sip-header Contact modify "(<.*)@<outside IP of SBC>:(.*)>" "\1@<public IP of SBC>:\2>" 
 rule 80 response ANY sip-header Contact modify "(<.*)@<outside IP of SBC>:(.*)>" "\1@<public IP of SBC>:\2>" 
 rule 90 request ANY sip-header Via modify "(SIP.*) <outside IP of SBC>(.*)" "\1 <public IP of SBC>\2" 
 rule 100 request INVITE sip-header Requested-By modify "(.*:)<outside IP of SBC>>" "\1<public IP of SBC>>" 
 rule 110 request ANY sdp-header Session-Owner modify "<outside IP of SBC>" "<public IP of SBC>" 
 rule 120 response ANY sdp-header Session-Owner modify "<outside IP of SBC>" "<public IP of SBC>" 
 rule 130 request ANY sdp-header Connection-Info modify "<outside IP of SBC>" "<public IP of SBC>" 
 rule 140 response ANY sdp-header Connection-Info modify "<outside IP of SBC>" "<public IP of SBC>" 
 rule 150 request ANY sdp-header Audio-Connection-Info modify "<outside IP of SBC>" "<public IP of SBC>" 
 rule 160 response ANY sdp-header Audio-Connection-Info modify "<outside IP of SBC>" "<public IP of SBC>
!
voice class sip-profiles 110
 rule 10 request ANY sip-header From modify "<public IP of SBC>" "<outside IP of SBC>" 
 rule 20 request OPTIONS sip-header SIP-Req-URI modify "<public IP of SBC>" "<outside IP of SBC>" 
 rule 30 request ANY sip-header To modify "<public IP of SBC>" "<outside IP of SBC>" 
!
voice class sip-profiles 210
 rule 10 request ANY sip-header Via modify "(SIP.*) <outside IP of SBC>(.*)" "\1 <public IP of SBC>\2" 
 rule 20 request OPTIONS sip-header From modify "(<.*):<outside IP of SBC>" "\1:<public IP of SBC>" 
 rule 30 request ANY sip-header To modify "(<.*):<outside IP of SBC>" "\1:<public IP of SBC>" 
 rule 40 request OPTIONS sip-header Contact modify "(<.*):<outside IP of SBC>" "\1:<public IP of SBC>" 
 rule 50 response ANY sdp-header Connection-Info modify "<outside IP of SBC>" "<public IP of SBC>" 
 rule 60 response ANY sdp-header Audio-Connection-Info modify "<outside IP of SBC>" "<public IP of SBC>"
!
voice class sip-options-keepalive 2100
 description ** 3rd party CC - Options-Ping **
 sip-profiles 210
!
dial-peer voice 200 voip
 description Inbound calls from 3rd party CC
 incoming uri via 3rdCC
 voice-class sip profiles 110 inbound
!
dial-peer voice 210 voip
 description Outbound calls to 3rd party CC
 session server-group 2100
 voice-class sip profiles 10
 voice-class sip options-keepalive profile 2100

 



Response Signature


For changing the number format I would suggest that you use voice translation rules. Something along with this should make the changes you mentioned.

voice translation-rule 10
 rule 1 /^+\61\(.*\)/ /0\1/
!
voice translation-profile 3rdCC-OUT
 translate called 10
!
dial-peer voice 210 voip
 description Outbound calls to 3rd party CC
 translation-profile outgoing 3rdCC-OUT


Response Signature


Warja
Level 1
Level 1

Thanks for your responses, they are very much appreciated.  I know I need more than that single line, but as my issue was getting the rules to be applied at all I was keeping it simple at first. My plan was to add the remaining required rules once I could see they were getting applied to the calls.

I think my main problem is the "SIP/2.0 400 Bad Request - 'Invalid Host'" response the CUBE is sending back to the 3rd party. A friend mentioned he had seen this previously, and for him the CUBE was just dropping the calls because the destination IP didn't exist on the CUBE. He suggested creating a loopback on the CUBE with the public IP which resolved the issue when he encountered it, but the customer is reporting that this has not helped

With this “the destination IP didn't exist on the CUBE” what do you mean by that? Is destination referring to the 3:rd party CC system or is it the nated IP of the interface on the Cube facing the 3:rd party CC system?



Response Signature


The public IP address is being NAT'd from a firewall. Adding the public address as a loopback on the CUBE itself does seem to have alleviated the Invalid Host issue. Haven't been able to reapply the other SIP header modifications as I don't have direct access to the CUBE, and have been having to send the config changes to the customer for them to apply, then waiting for their feedback (I'm pushing for remote access )

How does your dial peer match in the inbound direction? Would it be possible for you to share your running configuration, with any sensitive information masked out, so that we can verify it?



Response Signature


Warja
Level 1
Level 1

Just updating with the solution. My friend was right, once I created a loopback on the CUBE itself with the public IP all of my SIP profiles started applying. Also helped once I pushed for actual remote access instead of trying to talk the customer through configuring the devices over the phone. Thanks again for all your help, it was very much appreciated

Just as an FYI, we run a number of SBC that are being located behind a firewall that does NAT and we don’t have a loopback interface with the public IP on these. You can get it to work without that, but as your not sharing your running configuration or answering my question about how you match inbound dial peer it’s a little hard to help you out.



Response Signature