Who Me Too'd this topic

CME / ios / SIP Experts,

I am trying to get Cisco Unified Call Manager Express (CME) up and running on my 2901 ios router:

Cisco IOS Software, C2900 Software (C2900-UNIVERSALK9-M), Version 15.1(3)T4, RELEASE SOFTWARE (fc1)

I have configured the SIP server and added a couple of SIP phones and am now testing SIP REGISTER via the Blink (Mac OS X) client.

The client is on a private 192.168.x.x network.

The Cisco CME Router is sitting between internet (public IP address) and private 192.168.x.x network.

The Client is configured to send SIP requests to the private network interface on the Cisco CME Router.

The behavior I am seeing from Client SIP log is summarised below:

1. Blink (REGISTER sip:mydomain.com) -> Cisco CME

2. Cisco CME (100 Trying) -> Blink

3. Cisco CME (401 Unauthourized + WW-Authenticate) -> Blink

4. Blink (REGISTER sip:mydomain.com + Authorization) -> CISCO CME

5. Cisco CME (100 Trying) -> Blink

6. Cisco CME (REFER sip:XXXX@192.168.X.130)

    Where the REFER is to actual SIP address of the Blink Mac OS X client

7. Cisco CME (500 Internal Server Error) -> Blink

9.  Repeating :  Cisco CME (REFER sip:XXXX@192.168.X.130)

So the question is:

1. Why is the original REGISTER not successful

2. Why is the CME SIP Registar send the REFER back?

Here is the relavant Subset of the CME/ios of Config:

<Config>

!

version 15.1

no service pad

service tcp-keepalives-in

service tcp-keepalives-out

service timestamps debug datetime msec localtime show-timezone

service timestamps log datetime msec localtime show-timezone

service password-encryption

service sequence-numbers

!

hostname toadstool

!

boot-start-marker

boot system flash0:/c2900-universalk9-mz.SPA.151-3.T4.bin

boot-end-marker

!

!

....

!

!

ip dhcp excluded-address 192.168.10.1 192.168.10.99

ip dhcp excluded-address 192.168.10.126 192.168.10.254

ip dhcp excluded-address 200.30.200.1 200.30.200.79

ip dhcp excluded-address 200.30.200.91 200.30.200.126

!

....

ip domain name froghop.com

....

voice-card 0

dsp services dspfarm

!

!

!

voice service voip

allow-connections sip to sip

no supplementary-service h450.2

no supplementary-service h450.3

no supplementary-service h450.7

no supplementary-service sip moved-temporarily

no supplementary-service sip refer

fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none

sip

  registrar server expires max 600 min 60

!

!

voice register global

mode cme

source-address 200.30.200.190 port 5060

max-dn 20

max-pool 35

load 8961 8961/sip8961.9-2-2SR1-9

load 7942 7942-62/SIP42.9-2-1S

authenticate register

authenticate realm froghop.com

time-format 24

date-format D/M/Y

tftp-path flash:

create profile sync 0002689782282013

!

voice register dn  1

number 72332

call-forward b2bua busy 723851 

call-forward b2bua noan 725851 timeout 30

name Joe Toad

label Joe Toad

!

voice register dn  2

number 611851

call-forward b2bua noan 72332 timeout 20

name LineA Home

label Home Line-A

!

voice register dn  3

number 72851

label 942 Door

!

voice register dn  4

number 723851

label Home Line-C

!

voice register pool  1

id mac 000B.8233.9B86

number 1 dn 2

username XXXX password XXXXX

!

voice register pool  2

id mac 0000.BEE1.BEE2

number 1 dn 1

username joe password XXXXX

!

!

!

voice translation-rule 5

rule 1 /^001161\(.*\)/ /0\1/

rule 2 /^\+61\(.*\)/ /0\1/

!

!

voice translation-profile local

translate called 5

!

!

....

!

interface Loopback0

ip address 200.30.200.190 255.255.255.224

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

zone-member security in-zone

!

interface Null0

no ip unreachables

!

interface GigabitEthernet0/0

description $ETH-LAN$$FW_INSIDE$

ip address 200.30.200.130 255.255.255.224

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip flow ingress

ip nat outside

ip virtual-reassembly in

zone-member security in-zone

duplex auto

speed auto

no mop enabled

!

interface GigabitEthernet0/1

description $ETH-LAN$$FW_INSIDE$

ip address 192.168.10.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat inside

ip virtual-reassembly in

zone-member security PRIVATE-ZONE

duplex auto

speed auto

no mop enabled

!

interface FastEthernet0/2/0

description $ETH-LAN$$FW_INSIDE$

ip address 192.168.1.160 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat inside

ip virtual-reassembly in

zone-member security PRIVATE-ZONE

duplex auto

speed auto

no mop enabled

!

interface FastEthernet0/2/1

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

shutdown

duplex auto

speed auto

no mop enabled

!

interface ATM0/3/0

no ip address

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

no atm ilmi-keepalive

!

interface ATM0/3/0.1 point-to-point

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

pvc 8/35

  encapsulation aal5mux ppp dialer

  dialer pool-member 1

!

!

interface GigabitEthernet0/0/0

!

interface GigabitEthernet0/0/1

!

interface GigabitEthernet0/0/2

!

interface GigabitEthernet0/0/3

!

interface Virtual-Template1 type serial

description $FW_INSIDE$

ip unnumbered Loopback0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip nat outside

ip virtual-reassembly in

zone-member security in-zone

!

interface Vlan1

description $ETH-4ESG$$INTF-INFO-10/100/1000 Ethernet$$ETH-LAN$FW-DMZ$$FW_INSIDE$$ES_LAN$

ip address 200.30.200.1 255.255.255.128

no ip redirects

no ip unreachables

no ip proxy-arp

ip nbar protocol-discovery

ip flow ingress

ip flow egress

ip nat outside

ip virtual-reassembly in

zone-member security dmz-zone

!

interface Dialer0

description $FW_OUTSIDE$

ip address 175.249.76.71 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

ip flow ingress

ip flow egress

ip nat outside

ip virtual-reassembly in

zone-member security out-zone

encapsulation ppp

dialer pool 1

dialer-group 1

ppp authentication chap pap callin

ppp chap hostname XXXXXXXXXXXX@XXXXXXXXXXXXXXXX

ppp chap password 7 101D5A49544442

ppp pap sent-username XXXXXXXXXX@XXXXXXXXXXX password 7 XXXXXXXXXXXXXXXX

service-policy input sdmappfwp2p_CCP_MEDIUM

service-policy output sdmappfwp2p_CCP_MEDIUM

!

ip forward-protocol nd

!

ip http server

ip http authentication local

ip http secure-server

....

!

!

control-plane

!

call threshold global cpu-avg low 68 high 75

call threshold global total-mem low 75 high 85

call threshold global total-calls low 1 high 1

!

!

!

mgcp profile default

!

!

dspfarm profile 10 transcode 

description G711Transcode

codec g711ulaw

codec g711alaw

maximum sessions 4

associate application SCCP

!

dspfarm profile 20 transcode 

description GenTranscode

codec g729abr8

codec g729ar8

codec g729r8

codec g722-64

codec ilbc

codec g729br8

codec isac

codec gsmamr-nb

codec pass-through

maximum sessions 1

associate application SCCP

!

dspfarm profile 30 conference 

description Conference

codec g711ulaw

codec g711alaw

codec g729ar8

codec g729abr8

codec g729r8

codec g729br8

codec g722-64

codec ilbc

maximum sessions 1

associate application SCCP

!

dial-peer voice 1 voip

description PSTN

translation-profile outgoing local

preference 1

session protocol sipv2

session target sip-server

incoming called-number .T

dtmf-relay sip-notify

!

!

sip-ua

authentication username xxxxxxxxxxxxxx password 7 xxxxxxxxxxxxxxxxx

timers connect 100

sip-server dns:pots-gw.froghop.com

!

!

!

gatekeeper

shutdown

!

!

telephony-service

no auto-reg-ephone

max-dn 20

ip source-address 200.30.200.190 port 2000

max-redirect 5

cnf-file location flash:

time-format 24

date-format dd-mm-yy

max-conferences 8 gain -6

web admin system name XXXXXXXxx secret 5 XXXXXXXXXXXXXXXX

dn-webedit

time-webedit

transfer-system full-consult

directory last-name-first

create cnf-files version-stamp 7960 Jun 21 2012 08:27:54

!

!

....

....

ntp server 171.10.7.211

end

</Config>

With the SIP configuration. I have deliberately not added in any bind commands for the Control and Media interfaces, as the CME ios Router should be acting as gateway between Public & Private interfaces and so should be handling SIP requests on both of these interfaces.

I am not using any Cisco phone and so do not need to support skinny (CSSP) and just want to support generic SIP gateways and phones.

I have not started to work on getting Dial Plans sorted out yet, as if I cannot get a phone to REGISTER, then nothing else will work or is testable.

I have also attached the SIP Log trace from Blink in the attached file.

Thank you for any light you can throw on this.

John.