Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
673
Views
0
Helpful
2
Replies

repercussions of removing ACL 3 from UC560 Vlan90?

bpiatek
Level 1
Level 1

‎03-30-2011 07:34 AM - edited ‎03-21-2019 03:52 AM

had issues with SIP direct transfer of external calls from reception to user voicemail

removed ACL 3  from Vlan90 (CUE vlan)

transfer now works, but what are long term repercussions?

we beleive the deny ip 69.xxx.xxx.xxx 0.0.0.15 any  was causing the issue

relevant code below:

interface Vlan90
description $FW_INSIDE$
ip address 10.1.10.2 255.255.255.252
ip access-group 103 in
 ip nat inside
ip virtual-reassembly in

access-list 103 remark auto generated by SDM firewall configuration

##NO_ACES_8##
access-list 103 remark SDM_ACL Category=1
access-list 103 permit tcp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 103 permit udp 10.1.1.0 0.0.0.255 eq 2000 any
access-list 103 deny   ip 69.xxx.xxx.xxx 0.0.0.15 any
access-list 103 deny   ip 192.0.1.0 0.0.0.255 any
access-list 103 deny   ip 10.1.1.0 0.0.0.255 any
access-list 103 deny   ip host 255.255.255.255 any
access-list 103 deny   ip 127.0.0.0 0.255.255.255 any
access-list 103 permit ip any any

Labels:
0 Helpful
2 Replies 2

Steven DiStefano
VIP Alumni
VIP Alumni

‎04-05-2011 05:58 PM

interesting...

describe the call flow please and what sip trunk provider?

0 Helpful

David Trad
VIP Alumni
VIP Alumni

‎04-05-2011 07:19 PM

Hi Brian,

Is your call flow as follows:

A calls SIP DID 123456789 >>> Incoming call lands at Reception EXT:100 >>> Receptionist Transfers call direct to EXT:101 VM >>> Transfer does not take place?

Is this the process that is undertaken and where you are experiencing the issues?

Steven,

Can you please explain to us why there is an ACL on the SIP Providers IP to block access to the CUE? I believe I am failing to understand something here, as I would wonder what would happed if you decided to pluck out a DID from a 100 In-Dial and use that for say Prompt Management or to access your VM remotely, would such an ACL also prevent this from happening???

Cheers,

David.

Cheers, David Trad. **When you rate a persons post, you are indicating a thank you or that it helped, but at the same time you are also helping to maintain the community spirit - You don't have to rate posts and you wont be looked down upon :) *
0 Helpful
Customers Also Viewed These Support Documents