Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
513
Views
0
Helpful
1
Replies

CPL Rules - Expressway-E

Dean O'Meara
Level 1
Level 1

‎12-04-2020 04:20 AM

Afternoon,

We are in the process fo migrating our customers VCS Platform over to Expressway and we have hit an issue with CPL.

As per Ciscos recommendations on Expressway we are now proxying External System registrations from the Expressway-E to Expressway-C

 

If we register an internal system to the Expressway-C and attempt to dial an external entity for example john@smith.com the call routes fine, if we then register an external system via the Expressway-E to the Expressway-C (I can see the registration is on the Expressway-C when doing this) & then attempt to call John@smith.com we get a 403 forbidden.

After doing some digging I can see the Expressway-E is matching one of our rules within the CPL which is

Detail="CPL: <rule origin=".*" destination=".*" message-regex="">

 

Any idea of how we can change this so that it will allow authenticated systems to dial but not compromise security?

 

Labels:
0 Helpful
1 Reply 1

Roger Kallberg
VIP
VIP

‎12-04-2020 05:10 AM

Can't you exempt the origin to come from C and with a source from your domain? I'm not all good at CPL language, but it should from what I can tell be possible to do something in line with this.



Response Signature


0 Helpful
Customers Also Viewed These Support Documents