06-05-2012 12:53 AM - edited 03-17-2019 11:16 PM
Hi,
I am looking, it is possible to create a script to block calls between SubZones, I mean, I don't want, for example, that the Subzone Sales can call to SubZone Marketing.
I haven't different Alias Prefix, the Alias prefix are the same in both SubZones, Is it possible to block call due to IP addressing or the name of SubZone?
In the CPL extensions xsd file and CPL XSD file I didn't find any about Block by IP addressing or between SubZones.
I could find the follwoing example script:
*****************************************************************************************+
<?xml version="1.0" encoding="UTF-8" ?>
<cpl xmlns="urn:ietf:params:xml:ns:cpl"
xmlns:taa="http://www.tandberg.net/cpl-extensions"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:ietf:params:xml:ns:cpl cpl.xsd">
<taa:routed>
<address-switch field="registered-origin">
<not-present>
<address-switch field="originating-zone">
<address is="DefaultZone">
<!-- Reject call with a status code of 403 (Forbidden) -->
<reject status="403" reason="Denied by policy"/>
</address>
<address is="DefaultSubZone">
<!-- Reject call with a status code of 403 (Forbidden) -->
<reject status="403" reason="Denied by policy"/>
</address>
<otherwise>
<proxy/>
</otherwise>
</address-switch>
</not-present>
</address-switch>
</taa:routed>
</cpl>
*******************************************************************************************
But only block calls between DefaultZone and DefaultSubZone.
Thakns in advance.
Best regards.
Solved! Go to Solution.
06-05-2012 02:12 AM
Hi,
at the time when the CPL is processed, the location of the destination device is not yet known, and you therefore can't do CPL decisions based on destination zone or subzone.
To work around this, you could for instance use a unique prefix/syntax for each subzone, so that you can implicitly identify the destination zone/subzone based on this prefix/syntax.
It would also be possible to 'outsource' this decision making with the use of Policy Service, which is an off-box service which can be customized greatly. The external Policy server could for example have an SQL database containing information about all your devices and their associated zone/subzone, and base its decision making on the information which the VCS provides about source and destination aliases for a given call, along with a variety of other metrics.
http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_External_Policy_Deployment_Guide_X7.pdf would be a great starting point if you wish to look further into Policy Service.
Hope this helps,
Andreas
06-05-2012 02:12 AM
Hi,
at the time when the CPL is processed, the location of the destination device is not yet known, and you therefore can't do CPL decisions based on destination zone or subzone.
To work around this, you could for instance use a unique prefix/syntax for each subzone, so that you can implicitly identify the destination zone/subzone based on this prefix/syntax.
It would also be possible to 'outsource' this decision making with the use of Policy Service, which is an off-box service which can be customized greatly. The external Policy server could for example have an SQL database containing information about all your devices and their associated zone/subzone, and base its decision making on the information which the VCS provides about source and destination aliases for a given call, along with a variety of other metrics.
http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_External_Policy_Deployment_Guide_X7.pdf would be a great starting point if you wish to look further into Policy Service.
Hope this helps,
Andreas
06-05-2012 02:49 AM
Hi Andreas,
Thanks for the information.
I am going to try the External Policy.
Best regards.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide