Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2279
Views
0
Helpful
3
Replies

Call policy on Expressway-E

Go to solution
Igor Aliyev
Level 1
Level 1

‎01-28-2020 03:38 AM - edited ‎01-28-2020 03:43 AM

Good day everyone,

 

Recently I have configured call policy rules on Expressway-e and right now there are two rules:

 

1) Allow unauthenticated by regex:         0[1-4]\d{3}@11\.11\.11\.11

2) Deny unauthenticated by regex:         .+@.+

 

So the first rule should allow to enter anyone to conference rooms, while the second should deny any fraud calls.

However, when I try to call from outside by URI 01234@11.11.11.11 I get my call rejected.

When i delete the second rule call proceeds.

What can be the problem?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
goranpilat
Level 3
Level 3
In response to Igor Aliyev

‎01-29-2020 12:54 AM

Hi,

 

You said you left the source blank. please try to put .* in the source field. Also , just for fun, try to set the rule to authenticated. I see on some of my deployments I have all the rules doubled , both with authenticated and unauthenticated option, so there must have been some kind of issue there, although I don't exactly remember what it was...

 

regs

View solution in original post

0 Helpful
3 Replies 3

Go to solution
goranpilat
Level 3
Level 3

‎01-28-2020 05:52 AM

Hi,

 

seems your calls are not hitting the first rule, only second (and when that one is deleted, none of the rules are hit). what did you put in the source pattern field? How does your SIP from address look like? did you check event log immediately after you tried the failed call?

 

Regards

0 Helpful

Go to solution
Igor Aliyev
Level 1
Level 1
In response to goranpilat

‎01-28-2020 08:01 PM

It seems so to me as well, but Check Pattern tool shows match.

I left source blank for Unauthenticated User and my SIP from address looks like trading@corp.xyz. I also tried to add SIP from URI to source field but with there was no result.

In every case logs give this:

tvcs: Event="Call Rejected" Service="SIP" Src-ip="5.5.5.5" Src-port="5060" Src-alias-type="SIP" Src-alias="sip:trading@corp.xyz" Dst-alias-type="SIP" Dst-alias="sip:01234@11.11.11.11" Call-serial-number="1d7b0ae0-00f9-409b-ae55-b6c184aa92b6" Tag="dcc8fbbd-688e-4521-aac4-19656a6d2217" Detail="Forbidden" Protocol="TCP" Response-code="403" Level="1" UTCTime="2020-01-29 03:57:21,732"
0 Helpful

Go to solution
goranpilat
Level 3
Level 3
In response to Igor Aliyev

‎01-29-2020 12:54 AM

Hi,

 

You said you left the source blank. please try to put .* in the source field. Also , just for fun, try to set the rule to authenticated. I see on some of my deployments I have all the rules doubled , both with authenticated and unauthenticated option, so there must have been some kind of issue there, although I don't exactly remember what it was...

 

regs

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents