I am looking for information on how I can design either a policy/search rule or a configuration to provide a limited amount of our external customers the ability to dial into our network via SIP. We have a VCS-E(Cluster of 2) sitting in the DMZ with traversal links to our internal VCS_C (Cluster of 2). Currently we have configured the VCSE to always 'check credentials' for any incoming jabber/MOVI/SIP call. However we would like to offer just a few of our customers the ability to call into specific conferences or SIP clients/endpoints. Our plan is to block everybody else from dialing into our network via the expressway. How do I accomplish this ?
Could implement a set of call policy rules (VCS configuration > Call Policy) on the VCS-E to allow/deny certain incoming calls. The rules will be handled top down, so the very last rule you'd want it to be the deny, and all allows above that.
Example CLP that will deny all incoming traffic, but allow traffic from Cisco.com domains written as an XML file: