cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1908
Views
0
Helpful
0
Replies
Highlighted

l2l VPN Connectivity issue between Cisco 2911 Router Cisco ASA 5505

Hello,

I am having an issue connecting four remote office Cisco ASA 5505's to the base office Cisco 2911. This configuration is a static from the remote ASA's end to static to the 2911 end. The debug shows the following error as I attempt to initiate the tunnel from the remote end:

Dec 11 16:12:25 [IKEv1]: IP = 66.180.111.137, Error: Unable to remove PeerTblEntry

Dec 11 16:13:00 [IKEv1]: IP = 66.180.111.137, Removing peer from peer table failed, no match

ASA Version 7.2(2)
!
hostname Jenco-DMcOmber
domain-name default.domain.invalid
enable password 6qR.Z1XKp/ZjrtuB encrypted
names
!
interface Vlan1
nameif inside
security-level 100
ip address 192.168.2.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
ip address dhcp setroute
!
interface Vlan3
no forward interface Vlan1
nameif dmz
security-level 50
no ip address
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passwd 2KFQnbNIdI.2KYOU encrypted
boot system disk0:/asa825-k8.bin
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid
same-security-traffic permit inter-interface
same-security-traffic permit intra-interface
object-group network Outside-VPN
description VPN Access
network-object 10.10.0.0 255.255.0.0
access-list inside_access_in extended permit ip any any
access-list outside_access_in extended permit ip any any
access-list MY_VPN_100 remark ACL to encrypt traffic from home to office
access-list MY_VPN_100 extended permit ip 192.168.0.0 255.255.0.0 10.10.0.0 255.255.0.0
access-list inside_nat0_outbound remark NAT Exempt Policy for IPSec Encryption
access-list inside_nat0_outbound extended permit ip 192.168.0.0 255.255.0.0 10.10.0.0 255.255.0.0
access-list nonat extended permit ip 192.168.0.0 255.255.0.0 10.10.0.0 255.255.0.0
access-list outside_access_in_1 extended permit ip any any
access-list inside_access_in_1 extended permit ip any any
access-list outside_access_in_2 extended permit ip any any
access-list asdm_cap_selector_inside extended permit ip host 192.168.2.8 host 10.10.10.2
access-list asdm_cap_selector_inside extended permit ip host 10.10.10.2 host 192.168.2.8
access-list asdm_cap_selector_outside extended permit ip host 192.168.2.8 host 10.10.10.2
access-list asdm_cap_selector_outside extended permit ip host 10.10.10.2 host 192.168.2.8
pager lines 24
logging enable
logging list VPN level debugging
logging list VPN level debugging class vpn
logging console critical
logging trap VPN
logging history debugging
logging asdm VPN
mtu inside 1500
mtu outside 1500
mtu dmz 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 0 access-list nonat
nat (inside) 1 0.0.0.0 0.0.0.0
access-group outside_access_in_2 in interface outside
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
username dmcomber password Ws/TWc.OQj6/T8YJ encrypted privilege 15
aaa authentication listener http inside port www redirect
aaa authentication listener https inside port 1443 redirect
http server enable
http 192.168.2.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
crypto ipsec transform-set MY-TRANSFORM esp-aes-192 esp-sha-hmac
crypto map MY_VPN 100 match address MY_VPN_100
crypto map MY_VPN 100 set peer 66.180.111.137
crypto map MY_VPN 100 set transform-set MY-TRANSFORM
crypto map MY_VPN 100 set reverse-route
crypto map MY_VPN interface outside
crypto isakmp policy 100
authentication pre-share
encryption aes-192
hash sha
group 5
lifetime 86400
tunnel-group 66.180.111.137 type ipsec-l2l
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside
!
dhcpd address 192.168.2.2-192.168.2.254 inside
dhcpd enable inside
!

!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
  message-length maximum 512
policy-map global_policy
class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
!
service-policy global_policy global
prompt hostname context
Cryptochecksum:95f7f6bb1c7148a05beaf846cfce857a
: end

Dec 11 16:12:25 [IKEv1]: IP = 66.180.111.137, Error: Unable to remove PeerTblEntry
Dec 11 16:13:00 [IKEv1]: IP = 66.180.111.137, Removing peer from peer table failed, no match

I can ping this public IP from the ASA and ping my home public from the 2911. Below you will see my configs. Any assistance is much appreciated.

boot-start-marker

boot system flash:c2900-universalk9-mz.SPA.151-4.M1.bin

boot-end-marker

!

!

no logging queue-limit

logging buffered 9000

no logging rate-limit

no logging console

!

aaa new-model

!

!

aaa authentication login default local

aaa authentication login ciscocp_vpn_xauth_ml_1 local

aaa authentication login sdm_vpn_xauth_ml_4 local

aaa authorization exec default local

aaa authorization network ciscocp_vpn_group_ml_1 local

aaa authorization network sdm_vpn_group_ml_4 local

!

!

!

!

!

aaa session-id common

!

clock timezone MST -7 0

clock summer-time MST recurring

!

no ipv6 cef

no ip source-route

!

ip traffic-export profile TAC mode capture

  bidirectional

ip cef

!

!

!

ip dhcp excluded-address 10.10.60.1 10.10.60.49

ip dhcp excluded-address 10.10.70.1 10.10.70.49

ip dhcp excluded-address 10.10.80.1 10.10.80.49

ip dhcp excluded-address 10.10.90.1 10.10.90.49

ip dhcp excluded-address 10.10.80.150 10.10.80.254

ip dhcp excluded-address 10.10.80.0 10.10.80.15

!

ip dhcp pool WIRELESS

network 10.10.70.0 255.255.255.0

default-router 10.10.70.1

dns-server 10.10.10.200

lease 2

!

ip dhcp pool VOIP

network 10.10.90.0 255.255.255.0

default-router 10.10.90.1

option 150 ip 10.10.90.1

dns-server 10.10.10.200

lease 2

!

!

ip domain name jencotech.com

ip name-server 66.180.96.12

!

multilink bundle-name authenticated

!

!

!

!

!

ctl-client

server capf 10.10.90.1 trustpoint cme_root

server tftp 10.10.90.1 trustpoint cme_root

server cme 10.10.90.1 username jadmin password 1 0521260B2C0D40

server cme-tftp 10.10.90.1 trustpoint cme_root

sast1 trustpoint cme_root

sast2 trustpoint cme_cert

!

capf-server

auth-mode auth-string

cert-enroll-trustpoint cme_root password 1 083343411D

trustpoint-label cme_root

source-addr 10.10.90.1

!

!

crypto pki server cme_root

database level complete

grant auto

lifetime certificate 7305

lifetime ca-certificate 7305

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-2494847547

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2494847547

revocation-check none

rsakeypair TP-self-signed-2494847547

!

crypto pki trustpoint cme_root

enrollment url

http://66.180.111.140:80

revocation-check none

rsakeypair cme_root

!

crypto pki trustpoint cme_cert

enrollment url

http://66.180.111.140:80

revocation-check none

!

!

crypto pki certificate chain TP-self-signed-2494847547

certificate self-signed 01

  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 32343934 38343735 3437301E 170D3131 31303235 31393131

  32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34393438

  34373534 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  81009E8A 26188720 62E67E50 2F2E8102 8A13E28D 774EC9B3 680558B8 00B5A4A9

  4CFF6C75 B56C3D62 3CB594F3 3AB5BEF3 5C5783DD E5D283E5 BBF78049 72E6E115

  064451F3 85816876 FAC8A2E3 3AEBD3CA 6BC22FD8 56DBC781 06E63A58 DF6F6CEF

  FD384FD8 6296B529 C17BED4B B68F2987 5CCC09C7 AC561822 E342E2A8 F5C22177

  2CA70203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603

  551D2304 18301680 14B0A413 AB0CDA39 74CE5A65 0E26C9E0 408E877D 09301D06

  03551D0E 04160414 B0A413AB 0CDA3974 CE5A650E 26C9E040 8E877D09 300D0609

  2A864886 F70D0101 05050003 81810043 1596FBB7 73CF5DC2 ED6EF63D 1575A18F

  37C3EC9C FC6E3065 3E83DD44 50702A78 DF18893D F7F1F342 FAD234D3 9A8359DE

  90595B08 77ECEA76 25887045 6631A72E F6DEA32D 3D99F044 2B95AC89 D9082DEC

  96D2F104 C1DE7F3B 2C02277D FB8BBA46 258CF747 67F0FA7B 6A5DCE03 BD5CA886

  257A8F39 4A07964E 6A42500F 7151FB

        quit

crypto pki certificate chain cme_root

certificate ca 01

  308201FF 30820168 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  13311130 0F060355 04030C08 636D655F 726F6F74 301E170D 31313130 32373037

  31343432 5A170D33 31313032 37303731 3434325A 30133111 300F0603 5504030C

  08636D65 5F726F6F 7430819F 300D0609 2A864886 F70D0101 01050003 818D0030

  81890281 8100B897 182A2F69 F8D7ECB7 3F2BED75 A4EB787F 9B5BFF09 64DF87CC

  48B240B0 9DCB68BB E51D5D00 93F9E6B5 6C448F62 8137BAAF 9F332A62 8CD1AFCB

  62489E17 2BAC5889 9D193AF9 9FE49C46 4F2E5FDF 9F33ED6C BC31B4B0 C2C7BD1C

  2A2E5F80 BD6DA0D2 4C1C1E54 817F0782 29182467 E0BEDC55 D2B1CE6A 0FBA9E46

  F9A01E7C 314F0203 010001A3 63306130 0F060355 1D130101 FF040530 030101FF

  300E0603 551D0F01 01FF0404 03020186 301F0603 551D2304 18301680 1436A77A

  961AA816 148A13DF C1BFA67F 0059E0E9 FC301D06 03551D0E 04160414 36A77A96

  1AA81614 8A13DFC1 BFA67F00 59E0E9FC 300D0609 2A864886 F70D0101 04050003

  81810063 75E8F736 D60C8CE5 838E3A2B F9DD381C AA148578 69B4C36C 7B00EC86

  9803B8A0 9598B2D5 33FB1C35 E755556C 284FED91 E02F32C3 181D45DE 35C7DC2B

  47A34E1D 3ECC7DA6 E37F979D 7779079D 4116ABD3 1E6A2731 D5ADFD57 24A899BB

  143A76ED 3092BC64 6B0AD687 9EECF75E 30DB5F7F 93A64EE5 933FF65C 8DFB771E B9BCF9

        quit

crypto pki certificate chain cme_cert

certificate 02

  30820200 30820169 A0030201 02020102 300D0609 2A864886 F70D0101 05050030

  13311130 0F060355 04030C08 636D655F 726F6F74 301E170D 31313130 32373037

  31363436 5A170D33 31313032 37303731 3434325A 30283126 30240609 2A864886

  F70D0109 0216174A 656E636F 2D434D45 2E6A656E 636F7465 63682E63 6F6D3081

  9F300D06 092A8648 86F70D01 01010500 03818D00 30818902 8181009E C4C18608

  8ACC3DCF 269CD380 1AE18EF3 28F07E8F C260378C A4959623 5C296296 FB741554

  F6768C39 A125A170 623EC846 9560399B 673C5638 D1D3DC2C B7A4F330 F3528A6C

  0583F1D1 567F9438 1E54B9A4 A31A24E1 428105B5 1C2E782F 89C88EA6 A3AA0597

  2F0A89B2 4215B47F 88E12B1C B21D309D 5C71F4E9 10C83044 25C8F902 03010001

  A34F304D 300B0603 551D0F04 04030205 A0301F06 03551D23 04183016 801436A7

  7A961AA8 16148A13 DFC1BFA6 7F0059E0 E9FC301D 0603551D 0E041604 147D0E8A

  89377582 37E89CFE CB37CF50 37B00A82 15300D06 092A8648 86F70D01 01050500

  03818100 B0A6476F 5A0AF2FA 72A89C69 F5E81C9D B4FEE5C3 F7DEA18A 7D5B7F57

  D9FC7074 A02010EF 9B0588EA 098884E7 B30F3353 E251BFBD BC2E5E63 28923F8A

  8B61DCA1 F013437F 240CFF08 63FC0CCA 427DF951 BF793391 1E261CB9 56DBAE36

  BEFB685C 527BCF33 B9013F3E D7485080 3660680B 6BBA1783 3C0D9FA6 7EC4BA73 7DE2B777

        quit

certificate ca 01

  308201FF 30820168 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  13311130 0F060355 04030C08 636D655F 726F6F74 301E170D 31313130 32373037

  31343432 5A170D33 31313032 37303731 3434325A 30133111 300F0603 5504030C

  08636D65 5F726F6F 7430819F 300D0609 2A864886 F70D0101 01050003 818D0030

  81890281 8100B897 182A2F69 F8D7ECB7 3F2BED75 A4EB787F 9B5BFF09 64DF87CC

  48B240B0 9DCB68BB E51D5D00 93F9E6B5 6C448F62 8137BAAF 9F332A62 8CD1AFCB

  62489E17 2BAC5889 9D193AF9 9FE49C46 4F2E5FDF 9F33ED6C BC31B4B0 C2C7BD1C

  2A2E5F80 BD6DA0D2 4C1C1E54 817F0782 29182467 E0BEDC55 D2B1CE6A 0FBA9E46

  F9A01E7C 314F0203 010001A3 63306130 0F060355 1D130101 FF040530 030101FF

  300E0603 551D0F01 01FF0404 03020186 301F0603 551D2304 18301680 1436A77A

  961AA816 148A13DF C1BFA67F 0059E0E9 FC301D06 03551D0E 04160414 36A77A96

  1AA81614 8A13DFC1 BFA67F00 59E0E9FC 300D0609 2A864886 F70D0101 04050003

  81810063 75E8F736 D60C8CE5 838E3A2B F9DD381C AA148578 69B4C36C 7B00EC86

  9803B8A0 9598B2D5 33FB1C35 E755556C 284FED91 E02F32C3 181D45DE 35C7DC2B

  47A34E1D 3ECC7DA6 E37F979D 7779079D 4116ABD3 1E6A2731 D5ADFD57 24A899BB

  143A76ED 3092BC64 6B0AD687 9EECF75E 30DB5F7F 93A64EE5 933FF65C 8DFB771E B9BCF9

        quit

voice-card 0

dspfarm

dsp services dspfarm

!

!

voice rtp send-recv

!

voice service voip

ip address trusted list

  ipv4 0.0.0.0 0.0.0.0

allow-connections h323 to h323

allow-connections h323 to sip

allow-connections sip to h323

allow-connections sip to sip

no supplementary-service h450.2

no supplementary-service h450.3

supplementary-service h450.12

no supplementary-service sip moved-temporarily

no supplementary-service sip refer

fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw

vpn-group 1

  vpn-gateway 1

https://66.180.111.140/SSLVPNphone

  vpn-trustpoint 1 trustpoint cme_cert root

  vpn-hash-algorithm sha-1

vpn-profile 1

  host-id-check disable

sip

  header-passing

  error-passthru

  registrar server expires max 3600 min 3600

  localhost dns:sipconnect.den0.cbeyond.net

  outbound-proxy dns:sip-proxy.den0.cbeyond.net

  early-offer forced

  midcall-signaling passthru

!

voice class codec 1

codec preference 1 g711ulaw

!

voice class custom-cptone leavetone

dualtone conference

  frequency 600 900

  cadence 300 150 300 100 300 50

!

voice class custom-cptone jointone

dualtone conference

  frequency 600 900

  cadence 300 150 300 100 300 50

!

!

voice hunt-group 1 parallel

final 5000

list 710,720,751,753,754

timeout 16

pilot 4000

!

!

voice hunt-group 10 parallel

final 5000

list 752,7999

timeout 16

pilot 4001

!

!

!

!

voice translation-rule 1

rule 1 /7194655810/ /5000/

rule 2 /7194711200/ /5001/

rule 3 /7194655829/ /4000/

!

voice translation-rule 9

rule 1 /^911$/ /911/

rule 2 /^9\(.*\)/ /\1/

rule 3 /^719\(.*\)/ /9\1/

rule 4 /\(..........\)/ /91\1/

!

voice translation-rule 10

rule 1 /^.*/ /7195340313/

!

voice translation-rule 99

rule 2 /\(^9\)\([2-9]......\)/ /\2/

rule 3 /\(^9\)\([2-9]..[2-9]......\)/ /\2/

rule 5 /^9\(.......\)$/ /719\1/

rule 6 /\(^.......\)$/ /9\1/

rule 7 /5000/ /7194655827/

rule 9 /5001/ /7194655828/

rule 11 /^911$/ /911/

rule 12 /^9911$/ /911/

rule 14 /^9\(.*\)/ /\1/

!

voice translation-rule 410

rule 1 /^9\(.......\)$/ /719\1/

rule 2 /5000/ /7194655810/

rule 3 /5001/ /7194655820/

rule 4 /^2\(..\)$/ /71939791\1/

rule 5 /^9\(.*\)/ /\1/

!

!

voice translation-profile CUE_Incoming

translate calling 9

translate called 1

!

voice translation-profile OUTBOUND_e164

translate calling 10

translate called 9

translate redirect-target 410

translate redirect-called 410

!

voice translation-profile PSTN_CallForwarding

translate redirect-target 410

translate redirect-called 410

!

!

license udi pid CISCO2911/K9 sn FCZ150427LS

license accept end user agreement

license boot module c2900 technology-package securityk9

license agent notify

http://10.10.10.202:8081/clm/servlet/HttpListenServlet

dummy dummy

hw-module ism 0

!

hw-module pvdm 0/0

!

!

!

username jadmin privilege 15 secret 5 $1$5FEp$XPj.yq39Rmnz1sLlhLkVe1

username Myra privilege 5 secret 5 $1$77V7$jl6RNSCtPxzCq4B1z4nFr0

username kcarlson privilege 15 secret 5 $1$GEst$V95.4bjl392foYqhtfPhP0

username dmcomber privilege 5 secret 5 $1$5Waj$a5/NWhzmlD/VPgQYBUZlM/

username srobbins privilege 5 secret 5 $1$r4XE$CS2YxYn8IawDnrp/XHJDt.

username bmcginn privilege 5 secret 5 $1$7piK$ukXztBQm8rKuiCqXhQ.Mq.

username jcarney privilege 5 secret 5 $1$atyL$z4AwwnBxgZbhjpZui.MSA0

username wrobbins privilege 5 secret 5 $1$xGnL$mje12Iyw2zN9cRDoEPKkx.

username kparsons privilege 15 secret 5 $1$JKVl$RBagk8FyZ5Gd6/LKKYDgt.

username dharris privilege 15 secret 5 $1$2Jp1$18qdkFkjm8uqgwZHYuzE40

!

redundancy

!

!

!

!

ip ftp username admin

ip ftp password admin

!

crypto keyring S2S

  pre-shared-key address 0.0.0.0 0.0.0.0 key jenco11

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

!

crypto isakmp policy 2

encr aes

hash md5

authentication pre-share

group 2

!

crypto isakmp policy 100

encr aes 192

authentication pre-share

group 5

crypto isakmp key jenco-en1 address 66.180.111.137

!

crypto isakmp client configuration group VPNusers

key jencovpn

dns 10.10.10.200

pool VPN

acl 107

include-local-lan

crypto isakmp profile VPNC

   match identity group VPNusers

   client authentication list sdm_vpn_xauth_ml_4

   isakmp authorization list sdm_vpn_group_ml_4

   client configuration address respond

   virtual-template 4

!

!

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac

crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac

crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac

crypto ipsec transform-set TRANSFORM esp-aes 192 esp-sha-hmac

!

crypto ipsec profile HUBSPOKE

set transform-set ESP-3DES-SHA3

!

crypto ipsec profile VPNclients

set transform-set ESP-3DES-SHA

!

!

!

crypto dynamic-map dmap 10

set transform-set ESP-3DES-SHA

!

crypto dynamic-map vpndynamic 100

set transform-set TRANSFORM

match address MY-VPN

reverse-route

!

!

!

!

crypto map dynamic-map 10 ipsec-isakmp dynamic dmap

!

crypto map mydymap 100 ipsec-isakmp dynamic vpndynamic

!

crypto map static-map 10 ipsec-isakmp

! Incomplete

set peer 66.180.111.140

!

!

!

!

!

interface Loopback0

ip address 10.1.10.2 255.255.255.0

!

interface Loopback10

ip address 66.180.111.139 255.255.255.255

no ip redirects

no ip unreachables

!

interface Loopback20

ip address 66.180.111.138 255.255.255.255

ip virtual-reassembly in

!

interface Loopback30

ip address 66.180.111.140 255.255.255.255

!

interface Loopback37

ip address 66.180.111.137 255.255.255.255

crypto map mydymap

!

interface Tunnel100

bandwidth 1440

ip address 10.20.100.1 255.255.255.0

no ip redirects

ip mtu 1400

ip nhrp authentication jencovpn

ip nhrp map multicast dynamic

ip nhrp network-id 999

ip nhrp holdtime 450

ip tcp adjust-mss 1360

tunnel source 66.180.111.138

tunnel mode gre multipoint

tunnel protection ipsec profile HUBSPOKE

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

no ip address

ip nbar protocol-discovery

ip flow ingress

ip flow egress

duplex full

speed 1000

vlan-id dot1q 999

  exit-vlan-config

!

!

interface GigabitEthernet0/0.10

description === Servers ===

encapsulation dot1Q 1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

ip tcp adjust-mss 1412

!

interface GigabitEthernet0/0.60

description === Workstations ===

encapsulation dot1Q 60 native

ip address 10.10.60.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/0.70

description === Wireless ===

encapsulation dot1Q 70

ip address 10.10.70.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/0.80

description === VPN Clients ===

encapsulation dot1Q 80

ip address 10.10.80.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/0.90

description === VoIP ===

encapsulation dot1Q 90

ip address 10.10.90.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface ISM0/0

ip unnumbered Loopback0

service-module ip address 10.1.10.1 255.255.255.0

!Application: CUE Running on ISM

service-module ip default-gateway 10.1.10.2

no keepalive

!

interface GigabitEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface GigabitEthernet0/2

description $ES_LAN$

ip address 64.207.43.92 255.255.255.248 secondary

ip address 64.207.43.91 255.255.255.248 secondary

ip address 64.207.43.90 255.255.255.248 secondary

ip address 66.180.111.130 255.255.255.252

no ip redirects

no ip unreachables

ip nbar protocol-discovery

ip flow ingress

ip nat outside

ip virtual-reassembly in

ip verify unicast reverse-path

duplex auto

speed auto

no cdp enable

!

interface ISM0/1

description Internal switch interface connected to Internal Service Module

no ip address

shutdown

!

interface Virtual-Template2

no ip address

!

interface Virtual-Template4 type tunnel

ip unnumbered GigabitEthernet0/2

tunnel mode ipsec ipv4

tunnel protection ipsec profile VPNclients

!

interface Vlan1

no ip address

!

ip local pool VPN 10.10.80.64 10.10.80.127

ip local pool REMOTE 10.10.70.64 10.10.70.127

ip local pool SSLVPNphone_pool 10.10.90.100 10.10.90.150

ip forward-protocol nd

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip http path flash0:

ip flow-top-talkers

top 10

sort-by bytes

!

ip nat inside source static tcp 10.10.10.200 110 interface GigabitEthernet0/2 110

ip nat inside source static tcp 10.10.10.200 80 interface GigabitEthernet0/2 80

ip nat inside source static tcp 10.10.10.200 25 interface GigabitEthernet0/2 25

ip nat inside source static tcp 10.10.10.200 443 interface GigabitEthernet0/2 443

ip nat inside source route-map SDM_RMAP_3 interface GigabitEthernet0/2 overload

ip route 0.0.0.0 0.0.0.0 66.180.111.129

ip route 10.1.10.1 255.255.255.255 ISM0/0

ip route 10.20.10.0 255.255.255.0 10.20.100.20 name UTAH_DATA

ip route 10.20.90.0 255.255.255.0 10.20.100.20 name UTAH_VOIP

!

ip access-list extended DMVPN_ROUTING

permit ip any any

ip access-list extended MY-VPN

permit ip 10.10.0.0 0.0.255.255 192.168.0.0 0.0.255.255

ip access-list extended S2S_ROUTING

permit ip any any

!

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 69 permit any

access-list 100 remark CCP_ACL Category=4

access-list 100 permit ip 10.0.0.0 0.255.255.255 any

access-list 101 deny   ip 77.0.0.0 0.0.0.255 any

access-list 101 deny   ip 123.0.0.0 0.0.0.255 any

access-list 101 deny   ip 213.0.0.0 0.0.0.255 any

access-list 101 deny   ip 87.0.0.0 0.0.0.255 any

access-list 101 deny   ip 218.0.0.0 0.0.0.255 any

access-list 101 deny   ip 84.0.0.0 0.0.0.255 any

access-list 101 deny   ip 95.0.0.0 0.0.0.255 any

access-list 101 permit tcp any any established

access-list 101 permit icmp any host 64.207.43.90

access-list 101 permit tcp any host 64.207.43.90 eq 443

access-list 101 permit tcp any host 64.207.43.90 eq pop3

access-list 101 permit tcp any host 64.207.43.90 eq www

access-list 101 permit tcp any host 64.207.43.90 eq smtp

access-list 101 permit udp any host 64.207.43.90 eq non500-isakmp

access-list 101 permit udp any host 64.207.43.90 eq isakmp

access-list 101 permit esp any host 64.207.43.90

access-list 101 permit ahp any host 64.207.43.90

access-list 101 permit udp host 66.180.96.12 eq domain any

access-list 101 permit udp host 64.238.96.12 eq domain any

access-list 101 deny   ip any any log

access-list 103 permit ip 10.10.90.0 0.0.0.255 any

access-list 103 remark SDM_ACL Category=2

access-list 103 deny   ip any 10.10.30.128 0.0.0.127

access-list 103 deny   ip 10.10.20.0 0.0.0.255 10.10.30.128 0.0.0.127

access-list 103 deny   ip 10.10.10.0 0.0.0.255 10.10.30.128 0.0.0.127

access-list 103 deny   ip any 10.10.80.0 0.0.0.255

access-list 103 permit ip 10.10.10.0 0.0.0.255 any

access-list 103 deny   ip any 10.10.10.0 0.0.0.255

access-list 103 permit ip 10.10.70.0 0.0.0.255 any

access-list 103 deny   ip any 10.10.60.0 0.0.0.255

access-list 107 permit ip 10.10.10.0 0.0.0.255 any

access-list 107 permit ip 10.10.20.0 0.0.0.255 any

access-list 107 permit ip 10.10.30.0 0.0.0.255 any

access-list 107 permit ip 10.10.80.0 0.0.0.255 any

access-list 107 permit ip 10.10.90.0 0.0.0.255 any

access-list 107 permit ip 10.10.60.0 0.0.0.255 any

access-list 112 deny   ip 10.10.0.0 0.0.255.255 192.168.0.0 0.0.255.255

access-list 112 permit ip 10.10.0.0 0.0.255.255 any

!

!

!

!

route-map SDM-RMAP_2 permit 10

!

route-map S2S_ROUTE permit 5

match ip address S2S_ROUTING

set ip next-hop 64.207.43.92

!

route-map 107 permit 1

match ip address 107

!

route-map DMVPN_ROUTE permit 10

match ip address DMVPN_ROUTING

set ip next-hop 64.207.43.92

!

route-map SDM_RMAP_1 permit 1

match ip address 103

!

route-map SDM_RMAP_2 permit 1

match ip address 104

!

route-map SDM_RMAP_3 permit 1

match ip address 103

!

route-map MY-VPN permit 15

match ip address MY-VPN

set ip next-hop 64.207.43.92

!

route-map nonat permit 15

match ip address 112

!

!

snmp-server community BUCKeyes RO

snmp-server community Ge7C&hw RO

snmp-server ifindex persist

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps envmon fan shutdown supply temperature

snmp-server enable traps config

snmp-server enable traps syslog

snmp-server host 10.10.10.202 version 2c BUCKeyes

snmp-server host 10.10.10.204 version 2c BUCKeyes

tftp-server flash:DistinctiveRingList.xml

tftp-server flash:RingList.xml

tftp-server flash:Vibe.raw

tftp-server flash:Classic2.raw

tftp-server flash:ClockShop.raw

tftp-server flash:Drums1.raw

tftp-server flash:Drums2.raw

tftp-server flash:FilmScore.raw

tftp-server flash:HarpSynth.raw

tftp-server flash:Jamaica.raw

tftp-server flash:KotoEffect.raw

tftp-server flash:MusicBox.raw

tftp-server flash:Piano1.raw

tftp-server flash:Piano2.raw

tftp-server flash:Pop.raw

tftp-server flash:Pulse1.raw

tftp-server flash:Ring1.raw

tftp-server flash:Ring2.raw

tftp-server flash:Ring3.raw

tftp-server flash:Ring4.raw

tftp-server flash:Ring5.raw

tftp-server flash:Ring6.raw

tftp-server flash:Ring7.raw

tftp-server flash:Sax1.raw

tftp-server flash:Sax2.raw

tftp-server flash:Analog1.raw

tftp-server flash:Analog2.raw

tftp-server flash:AreYouThere.raw

tftp-server flash:AreYouThereF.raw

tftp-server flash:Bass.raw

tftp-server flash:CallBack.raw

tftp-server flash:Chime.raw

tftp-server flash:Classic1.raw

tftp-server flash:/Phones/7940-7960/v6.0.4/P00306000400.bin alias P00306000400.bin

tftp-server flash:/Phones/7940-7960/v6.0.4/P00306000400.sb2 alias P00306000400.sb2

tftp-server flash:/Phones/7940-7960/v6.0.4/P00306000400.sbn alias P00306000400.sbn

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.bin alias P00308010100.bin

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.loads alias P00308010100.loads

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.sb2 alias P00308010100.sb2

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.sbn alias P00308010100.sbn

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.bin alias P00308010200.bin

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.loads alias P00308010200.loads

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.sb2 alias P00308010200.sb2

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.sbn alias P00308010200.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/apps42.8-5-2TH1-9.sbn alias apps42.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/cnu42.8-5-2TH1-9.sbn alias cnu42.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/cvm42sccp.8-5-2TH1-9.sbn alias cvm42sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/dsp42.8-5-2TH1-9.sbn alias dsp42.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/jar42sccp.8-5-2TH1-9.sbn alias jar42sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/SCCP42.8-5-2S.loads alias SCCP42.8-5-2S.loads

tftp-server flash:Phones/7975/v8.5.2/apps75.8-5-2TH1-9.sbn alias apps75.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/cnu75.8-5-2TH1-9.sbn alias cnu75.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/cvm75sccp.8-5-2TH1-9.sbn alias cvm75sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/dsp75.8-5-2TH1-9.sbn alias dsp75.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/jar75sccp.8-5-2TH1-9.sbn alias jar75sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/SCCP75.8-5-2S.loads alias SCCP75.8-5-2S.loads

tftp-server flash:Phones/7975/v8.5.2SR1/apps75.8-5-2CA1-6.sbn alias apps75.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/cnu75.8-5-2CA1-6.sbn alias cnu75.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/cvm75sccp.8-5-2CA1-6.sbn alias cvm75sccp.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/dsp75.8-5-2CA1-6.sbn alias dsp75.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/jar75sccp.8-5-2CA1-6.sbn alias jar75sccp.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/SCCP75.8-5-2SR1S.loads alias SCCP75.8-5-2SR1S.loads

tftp-server flash:Phones/7975/v8.5.3/apps75.8-5-3TH1-6.sbn alias apps75.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/cnu75.8-5-3TH1-6.sbn alias cnu75.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/cvm75sccp.8-5-3TH1-6.sbn alias cvm75sccp.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/dsp75.8-5-3TH1-6.sbn alias dsp75.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/jar75sccp.8-5-3TH1-6.sbn alias jar75sccp.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/SCCP75.8-5-3S.loads alias SCCP75.8-5-3S.loads

tftp-server flash:Phones/7975/v8.5.3SR1/apps75.8-5-3ES4.sbn alias apps75.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/cnu75.8-5-3ES4.sbn alias cnu75.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/cvm75sccp.8-5-3ES4.sbn alias cvm75sccp.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/dsp75.8-5-3ES4.sbn alias dsp75.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/jar75sccp.8-5-3ES4.sbn alias jar75sccp.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/SCCP75.8-5-3SR1S.loads alias SCCP75.8-5-3SR1S.loads

tftp-server flash:Phones/7975/v8.5.4/apps75.8-5-4TH1-6.sbn alias apps75.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/cnu75.8-5-4TH1-6.sbn alias cnu75.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/cvm75sccp.8-5-4TH1-6.sbn alias cvm75sccp.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/dsp75.8-5-4TH1-6.sbn alias dsp75.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/jar75sccp.8-5-4TH1-6.sbn alias jar75sccp.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/SCCP75.8-5-4S.loads alias SCCP75.8-5-4S.loads

tftp-server flash:Phones/7975/v9.0.2SR1/apps75.9-0-2ES2.sbn alias apps75.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/cnu75.9-0-2ES2.sbn alias cnu75.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/cvm75sccp.9-0-2ES2.sbn alias cvm75sccp.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/dsp75.9-0-2ES2.sbn alias dsp75.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/jar75sccp.9-0-2ES2.sbn alias jar75sccp.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/SCCP75.9-0-2SR1S.loads alias SCCP75.9-0-2SR1S.loads

tftp-server flash:Phones/7975/v9.0.2SR2/apps75.9-0-2ES3.sbn alias apps75.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/cnu75.9-0-2ES3.sbn alias cnu75.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/cvm75sccp.9-0-2ES3.sbn alias cvm75sccp.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/dsp75.9-0-2ES3.sbn alias dsp75.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/jar75sccp.9-0-2ES3.sbn alias jar75sccp.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/SCCP75.9-0-2SR2S.loads alias SCCP75.9-0-2SR2S.loads

tftp-server flash:Phones/7975/v9.0.3/apps75.9-0-3TH1-22.sbn alias apps75.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/cnu75.9-0-3TH1-22.sbn alias cnu75.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/cvm75sccp.9-0-3TH1-22.sbn alias cvm75sccp.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/dsp75.9-0-3TH1-22.sbn alias dsp75.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/SCCP75.9-0-3S.loads alias SCCP75.9-0-3S.loads

tftp-server flash:Phones/7975/v9.1.1SR1/jar75sccp.9-1-1TH1-16.sbn alias jar75sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/apps75.9-1-1TH1-16.sbn alias apps75.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/cnu75.9-1-1TH1-16.sbn alias cnu75.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/cvm75sccp.9-1-1TH1-16.sbn alias cvm75sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/dsp75.9-1-1TH1-16.sbn alias dsp75.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/SCCP75.9-1-1SR1S.loads alias SCCP75.9-1-1SR1S.loads

tftp-server flash:Phones/7942-7962/v8.5.2/term62.default.loads alias term62.default.loads

tftp-server flash:Phones/7936/v3.3.21/cmterm-7936-sccp.3-3-21.cop.sgn alias cmterm-7936-sccp.3-3-21.cop.sgn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/SCCP42.9-1-1SR1S.loads alias SCCP42.9-1-1SR1S.loads

tftp-server flash:Phones/7942-7962/v9.1.1SR1/apps42.9-1-1TH1-16.sbn alias apps42.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/cnu42.9-1-1TH1-16.sbn alias cnu42.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/cvm42sccp.9-1-1TH1-16.sbn alias cvm42sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/dsp42.9-1-1TH1-16.sbn alias dsp42.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/jar42sccp.9-1-1TH1-16.sbn alias jar42sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7940-7960/v8.1.1/cmterm-7940-7960-sccp.8-1-1.cop.sgn alias cmterm-7940-7960-sccp.8-1-1.cop.sgn

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.loads alias P00307020400.loads

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.sbn alias P00307020400.sbn

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.sb2 alias P00307020400.sb2

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.bin alias P00307020400.bin

tftp-server flash:Phones/7915-12/v1.0.4/cmterm-7915.1-0-4.cop.sgn alias cmterm-7915.1-0-4.cop.sgn

tftp-server flash:Phones/7942-7962/v8.5.2/term62.default.loads alias term62.default

tftp-server flash:Phones/7975/v9.0.2SR1/term75.default.loads alias term75.default

tftp-server flash:Phones/7975/v9.0.2SR1/term75.default.loads alias term75.default.loads

!

!

!

control-plane

!

!

voice-port 0/0/0

!

voice-port 0/0/1

!

ccm-manager mgcp

!

!

mgcp profile default

!

sccp local GigabitEthernet0/0.90

sccp ccm 10.10.90.1 identifier 1 version 7.0

sccp

!

sccp ccm group 123

bind interface GigabitEthernet0/0.90

associate ccm 1 priority 1

associate profile 1 register confprof1

keepalive retries 5

!

dspfarm profile 1 conference

codec g711ulaw

maximum sessions 7

conference-leave custom-cptone leavetone

associate application SCCP

!

dial-peer cor custom

name internal

name local

name domestic

name international

name 900

name 719

!

!

dial-peer cor list call-internal

member internal

!

dial-peer cor list call-local

member local

!

dial-peer cor list call-domestic

member domestic

!

dial-peer cor list call-international

member international

!

dial-peer cor list call-900

member 900

!

dial-peer cor list user-internal

member internal

!

dial-peer cor list user-local

member internal

member local

!

dial-peer cor list user-domestic

member internal

member local

member domestic

!

dial-peer cor list user-international

member internal

member local

member domestic

member international

!

dial-peer cor list user900-internal

member internal

member 900

member 719

!

dial-peer cor list user900-local

member internal

member local

member 900

member 719

!

dial-peer cor list user900-domestic

member internal

member local

member domestic

member 900

member 719

!

dial-peer cor list user900-international

member internal

member local

member domestic

member international

member 900

member 719

!

dial-peer cor list call-719

member 719

!

!

dial-peer voice 100 voip

description ** Incoming call from SIP trunk **

translation-profile incoming CUE_Incoming

session protocol sipv2

session target sip-server

incoming called-number .T

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 101 voip

corlist outgoing call-local

description ** Outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9[2-9]......

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 102 voip

corlist outgoing call-domestic

description ** Outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9[0-1][2-9]..[2-9]......

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 103 voip

corlist outgoing call-local

description ** 911 outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 911

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 104 voip

corlist outgoing call-local

description ** emergency outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9911

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 105 voip

corlist outgoing call-local

description ** 911/411 outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9[2-9]11

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 106 voip

corlist outgoing call-international

description ** International outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9011T

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 107 voip

corlist outgoing call-local

description ** star code to SIP trunk **

destination-pattern *..

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 25 voip

description ** cue voicemail pilot number **

destination-pattern 5000

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

voice-class sip outbound-proxy ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 26 voip

description ** cue auto attendant number **

translation-profile outgoing PSTN_CallForwarding

destination-pattern 5001

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

voice-class sip outbound-proxy ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 27 voip

description ** cue prompt management **

translation-profile outgoing PSTN_CallForwarding

destination-pattern 5002

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 28 voip

description ** cue direct transfer to voicemail script **

translation-profile outgoing PSTN_CallForwarding

destination-pattern 5003

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

!

presence

presence call-list

!

sip-ua

credentials username 7195340313 password 7 02363C0F393637757E realm jencotech.com

authentication username 7195340313 password 7 12293D43203B345018

no remote-party-id

retry invite 2

retry register 10

timers connect 100

registrar dns:sipconnect.den0.cbeyond.net expires 3600

sip-server dns:sipconnect.den0.cbeyond.net

host-registrar

presence enable

!

!

!

gatekeeper

shutdown

!

!

credentials

ctl-service admin jadmin secret 1 062C2F25410F07

ip source-address 10.10.90.1 port 2445

trustpoint cme_root

!

!

telephony-service

sdspfarm conference mute-on 111 mute-off 222

sdspfarm units 3

sdspfarm transcode sessions 8

sdspfarm tag 1 confprof1

conference hardware

video

  maximum bit-rate 384

authentication credential admin admin

max-ephones 58

max-dn 300

ip source-address 10.10.90.1 port 2000 secondary 66.180.111.130

max-redirect 20

system message Jenco

url services

http://10.1.10.1/voiceview/common/login.do

url authentication

http://10.1.10.1/voiceview/authentication/authenticate.do

cnf-file location flash:

cnf-file perphone

user-locale US load CME-locale-en_US-English-8.6.2.4.tar

load 7915-12 cmterm-7915.1-0-4

load 7912 cmterm-7912-8.0.1-sccp

load 7936 cmterm-7936-sccp.3-3-21

load 7960-7940 cmterm-7940-7960-sccp.8-1-1

load 7962 SCCP42.9-1-1SR1S

load 7975 SCCP75.9-0-2SR1S

time-zone 6

voicemail 5000

max-conferences 8 gain -6

call-park system application

moh music-on-hold.au

multicast moh 239.10.10.10 port 2000 route 10.10.90.1

web admin system name jadmin secret 5 $1$Z9gz$fUHQDSr.22O2zmBF5QrOV.

dn-webedit

time-webedit

transfer-system full-consult

transfer-pattern .T

transfer-pattern 9.T

transfer-pattern 5...

secondary-dialtone 9

fac standard

create cnf-files version-stamp Jan 01 2002 00:00:00

!

!

ephone-dn-template  1

hold-alert 15 originator

!

!

ephone-template  1

softkeys idle  Newcall Redial Cfwdall Pickup Gpickup Dnd

softkeys connected  Hold Trnsfer TrnsfVM Park Confrn Endcall

!

!

ephone-template  2

!

!

ephone-template  3

conference drop-mode local

conference admin

softkeys hold  Join Newcall Resume

softkeys idle  Cfwdall Newcall Redial Pickup Dnd

softkeys seized  Cfwdall Redial Pickup Endcall

softkeys connected  Hold Trnsfer TrnsfVM Park Confrn Endcall RmLstC

!

!

ephone-dn  1  dual-line

number 710 secondary 7193140552 no-reg primary

pickup-group 1

label Kent

name Kent Carlson

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  2  dual-line

number 720 secondary 7195340313 no-reg primary

label Dan

name Dan McOmber

allow watch

call-forward all 752

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  3  dual-line

number 751 secondary 7194655811 no-reg primary

label Jim

name Jim Carney

allow watch

call-forward all 720

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  4  dual-line

number 752 secondary 7194655812 no-reg primary

label Louise

name Louise Erasmus

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  5  dual-line

number 753 secondary 7194655813 no-reg primary

label Spare Desk

name Spare Desk

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 10

ephone-dn-template 1

!

!

ephone-dn  9  dual-line

number 770 secondary 8015761064 no-reg primary

label Stew

name Stew Robbins

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  10

number 771 no-reg primary

label Winston

name Winston Robbins

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  11  dual-line

number 790 no-reg primary

label Britt

name Britt McGinn

allow watch

call-forward all 916267168078

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  12  octo-line

number 760

label Conference

name CONFERENCE PHONE

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  13

number 780

label Utah Lobby

name UTAH LOBBY

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  98

number 5098... no-reg primary

mwi off

!

!

ephone-dn  99

number 5099... no-reg primary

mwi on

!

!

ephone-dn  100  octo-line

number 888

label Spare Line

description OCTOLINE

!

!

ephone-dn  201  octo-line

number 2001 no-reg primary

description AD-HOC Conference Extension #1

conference ad-hoc

!

!

ephone-dn  202  octo-line

number 2002 no-reg primary

description AD-HOC Conference Extension #2

conference ad-hoc

!

!

ephone-dn  203  octo-line

number 2003 no-reg primary

description AD-HOC Conference Extension #3

conference ad-hoc

!

!

ephone-dn  204  octo-line

number 2004 no-reg primary

description AD-HOC Conference Extension #4

conference ad-hoc

!

!

ephone-dn  205  octo-line

number 2005 no-reg primary

description AD-HOC Conference Extension #5

conference ad-hoc

!

!

ephone-dn  206  octo-line

number 2006 no-reg primary

description AD-HOC Conference Extension #6

conference ad-hoc

!

!

ephone-dn  207  octo-line

number 2007 no-reg primary

description AD-HOC Conference Extension #7

conference ad-hoc

!

!

ephone-dn  208  octo-line

number 2008 no-reg primary

description AD-HOC Conference Extension #8

conference ad-hoc

!

!

ephone-dn  250

number 7194655810 no-reg primary

description VM Pilot DID

!

!

ephone-dn  251

number 7194711200

description AA Pilot DID

!

!

ephone-dn  299

number 7001

park-slot timeout 15 limit 4 recall

label Park 1

description park-slot for Jenco

!

!

ephone-dn  300

number 7000

park-slot timeout 15 limit 4 recall

label Park 2

description park-slot for Jenco

!

!

ephone  1

device-security-mode none

headset auto-answer line 1

video

mac-address E804.62EB.1A24

ephone-template 3

presence call-list

speed-dial 1 93609503 label "Jen Cell"

speed-dial 2 751 label "Jim"

paging-dn 90

type 7975

button  1:1 2:299 3:300

!

!

!

ephone  2

device-security-mode none

headset auto-answer line 1

video

mac-address 108C.CF75.CD2B

ephone-template 3

presence call-list

paging-dn 90

type 7975

button  1:2

!

!

!

ephone  3

device-security-mode none

headset auto-answer line 1

video

mac-address ACA0.166F.5C81

ephone-template 3

presence call-list

paging-dn 90

type 7962

button  1:3

!

!

!

ephone  4

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.4593.3A77

ephone-template 3

presence call-list

paging-dn 90

type 7962 addon 1 7915-12

button  1:4 7w1 8w2 9w3

button  10w5 11w9 12w10 13w11

button  15w13

!

!

!

ephone  5

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.8417.1433

ephone-template 3

username "sparedesk" password sparedesk

presence call-list

paging-dn 90

type 7962

vpn-group 1

vpn-profile 1

button  1:5

!

!

!

ephone  9

device-security-mode none

headset auto-answer line 1

video

mac-address 108C.CF75.D216

ephone-template 3

presence call-list

paging-dn 90

type 7975

button  1:9

!

!

!

ephone  10

device-security-mode none

video

mac-address 0015.F9C7.426D

ephone-template 3

presence call-list

paging-dn 90

type 7940

button  1:10

!

!

!

ephone  11

device-security-mode none

headset auto-answer line 1

video

mac-address 0018.1843.915B

ephone-template 3

presence call-list

paging-dn 90

type 7940

button  1:11

!

!

!

ephone  12

device-security-mode none

headset auto-answer line 1

mac-address 00E0.75F3.BE2A

ephone-template 3

paging-dn 90

type 7936

keep-conference endcall

button  1:12

!

!

!

ephone  13

device-security-mode none

mac-address 0016.9DC2.FA42

ephone-template 3

paging-dn 90

type 7912

button  1:13

!

!

!

ephone  50

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.4593.3A6C

ephone-template 1

presence call-list

paging-dn 90

type 7962

button  1:1 2:299 3:300

!

!

!

ephone  51

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.4593.3AB1

ephone-template 1

presence call-list

paging-dn 90

type 7962

vpn-group 1

vpn-profile 1

button  1:2

!

!

!

ephone  52

device-security-mode none

headset auto-answer line 1

video

mac-address 0017.957B.CDE8

ephone-template 1

presence call-list

paging-dn 90

type 7940

button  1:3

!

!

!

ephone  299

device-security-mode none

!

!

!

!

line con 0

exec-timeout 0 0

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line 131

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

transport input ssh

line vty 5 15

transport input ssh

!

scheduler allocate 20000 1000

!

webvpn gateway sslvpn_gw

ip interface Loopback30 port 443

ssl encryption 3des-sha1 aes-sha1

ssl trustpoint cme_cert

logging enable

inservice

!

webvpn gateway GW1

ssl trustpoint TP-SELF-SIGNED

no inservice

!

webvpn install svc flash0:/webvpn/anyconnect-dart-win-2.5.3055-k9.pkg sequence 1

!

webvpn context sslvpn_context

ssl encryption 3des-sha1 aes-sha1

ssl authenticate verify all

!

!

policy group SSLVPNphone

   functions svc-enabled

   hide-url-bar

   svc address-pool "SSLVPNphone_pool"

   svc default-domain "jencotech.com"

default-group-policy SSLVPNphone

aaa authentication list ciscocp_vpn_xauth_ml_1

gateway sslvpn_gw domain SSLVPNphone

inservice

!

end

boot-start-marker

boot system flash:c2900-universalk9-mz.SPA.151-4.M1.bin

boot-end-marker

!

!

no logging queue-limit

logging buffered 9000

no logging rate-limit

no logging console

!

aaa new-model

!

!

aaa authentication login default local

aaa authentication login ciscocp_vpn_xauth_ml_1 local

aaa authentication login sdm_vpn_xauth_ml_4 local

aaa authorization exec default local

aaa authorization network ciscocp_vpn_group_ml_1 local

aaa authorization network sdm_vpn_group_ml_4 local

!

!

!

!

!

aaa session-id common

!

clock timezone MST -7 0

clock summer-time MST recurring

!

no ipv6 cef

no ip source-route

!

ip traffic-export profile TAC mode capture

  bidirectional

ip cef

!

!

!

ip dhcp excluded-address 10.10.60.1 10.10.60.49

ip dhcp excluded-address 10.10.70.1 10.10.70.49

ip dhcp excluded-address 10.10.80.1 10.10.80.49

ip dhcp excluded-address 10.10.90.1 10.10.90.49

ip dhcp excluded-address 10.10.80.150 10.10.80.254

ip dhcp excluded-address 10.10.80.0 10.10.80.15

!

ip dhcp pool WIRELESS

network 10.10.70.0 255.255.255.0

default-router 10.10.70.1

dns-server 10.10.10.200

lease 2

!

ip dhcp pool VOIP

network 10.10.90.0 255.255.255.0

default-router 10.10.90.1

option 150 ip 10.10.90.1

dns-server 10.10.10.200

lease 2

!

!

ip domain name jencotech.com

ip name-server 66.180.96.12

!

multilink bundle-name authenticated

!

!

!

!

!

ctl-client

server capf 10.10.90.1 trustpoint cme_root

server tftp 10.10.90.1 trustpoint cme_root

server cme 10.10.90.1 username jadmin password 1 0521260B2C0D40

server cme-tftp 10.10.90.1 trustpoint cme_root

sast1 trustpoint cme_root

sast2 trustpoint cme_cert

!

capf-server

auth-mode auth-string

cert-enroll-trustpoint cme_root password 1 083343411D

trustpoint-label cme_root

source-addr 10.10.90.1

!

!

crypto pki server cme_root

database level complete

grant auto

lifetime certificate 7305

lifetime ca-certificate 7305

crypto pki token default removal timeout 0

!

crypto pki trustpoint TP-self-signed-2494847547

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-2494847547

revocation-check none

rsakeypair TP-self-signed-2494847547

!

crypto pki trustpoint cme_root

enrollment url http://66.180.111.140:80

revocation-check none

rsakeypair cme_root

!

crypto pki trustpoint cme_cert

enrollment url

http://66.180.111.140:80

revocation-check none

!

!

crypto pki certificate chain TP-self-signed-2494847547

certificate self-signed 01

  3082022B 30820194 A0030201 02020101 300D0609 2A864886 F70D0101 05050030

  31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274

  69666963 6174652D 32343934 38343735 3437301E 170D3131 31303235 31393131

  32315A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649

  4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 34393438

  34373534 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281

  81009E8A 26188720 62E67E50 2F2E8102 8A13E28D 774EC9B3 680558B8 00B5A4A9

  4CFF6C75 B56C3D62 3CB594F3 3AB5BEF3 5C5783DD E5D283E5 BBF78049 72E6E115

  064451F3 85816876 FAC8A2E3 3AEBD3CA 6BC22FD8 56DBC781 06E63A58 DF6F6CEF

  FD384FD8 6296B529 C17BED4B B68F2987 5CCC09C7 AC561822 E342E2A8 F5C22177

  2CA70203 010001A3 53305130 0F060355 1D130101 FF040530 030101FF 301F0603

  551D2304 18301680 14B0A413 AB0CDA39 74CE5A65 0E26C9E0 408E877D 09301D06

  03551D0E 04160414 B0A413AB 0CDA3974 CE5A650E 26C9E040 8E877D09 300D0609

  2A864886 F70D0101 05050003 81810043 1596FBB7 73CF5DC2 ED6EF63D 1575A18F

  37C3EC9C FC6E3065 3E83DD44 50702A78 DF18893D F7F1F342 FAD234D3 9A8359DE

  90595B08 77ECEA76 25887045 6631A72E F6DEA32D 3D99F044 2B95AC89 D9082DEC

  96D2F104 C1DE7F3B 2C02277D FB8BBA46 258CF747 67F0FA7B 6A5DCE03 BD5CA886

  257A8F39 4A07964E 6A42500F 7151FB

        quit

crypto pki certificate chain cme_root

certificate ca 01

  308201FF 30820168 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  13311130 0F060355 04030C08 636D655F 726F6F74 301E170D 31313130 32373037

  31343432 5A170D33 31313032 37303731 3434325A 30133111 300F0603 5504030C

  08636D65 5F726F6F 7430819F 300D0609 2A864886 F70D0101 01050003 818D0030

  81890281 8100B897 182A2F69 F8D7ECB7 3F2BED75 A4EB787F 9B5BFF09 64DF87CC

  48B240B0 9DCB68BB E51D5D00 93F9E6B5 6C448F62 8137BAAF 9F332A62 8CD1AFCB

  62489E17 2BAC5889 9D193AF9 9FE49C46 4F2E5FDF 9F33ED6C BC31B4B0 C2C7BD1C

  2A2E5F80 BD6DA0D2 4C1C1E54 817F0782 29182467 E0BEDC55 D2B1CE6A 0FBA9E46

  F9A01E7C 314F0203 010001A3 63306130 0F060355 1D130101 FF040530 030101FF

  300E0603 551D0F01 01FF0404 03020186 301F0603 551D2304 18301680 1436A77A

  961AA816 148A13DF C1BFA67F 0059E0E9 FC301D06 03551D0E 04160414 36A77A96

  1AA81614 8A13DFC1 BFA67F00 59E0E9FC 300D0609 2A864886 F70D0101 04050003

  81810063 75E8F736 D60C8CE5 838E3A2B F9DD381C AA148578 69B4C36C 7B00EC86

  9803B8A0 9598B2D5 33FB1C35 E755556C 284FED91 E02F32C3 181D45DE 35C7DC2B

  47A34E1D 3ECC7DA6 E37F979D 7779079D 4116ABD3 1E6A2731 D5ADFD57 24A899BB

  143A76ED 3092BC64 6B0AD687 9EECF75E 30DB5F7F 93A64EE5 933FF65C 8DFB771E B9BCF9

        quit

crypto pki certificate chain cme_cert

certificate 02

  30820200 30820169 A0030201 02020102 300D0609 2A864886 F70D0101 05050030

  13311130 0F060355 04030C08 636D655F 726F6F74 301E170D 31313130 32373037

  31363436 5A170D33 31313032 37303731 3434325A 30283126 30240609 2A864886

  F70D0109 0216174A 656E636F 2D434D45 2E6A656E 636F7465 63682E63 6F6D3081

  9F300D06 092A8648 86F70D01 01010500 03818D00 30818902 8181009E C4C18608

  8ACC3DCF 269CD380 1AE18EF3 28F07E8F C260378C A4959623 5C296296 FB741554

  F6768C39 A125A170 623EC846 9560399B 673C5638 D1D3DC2C B7A4F330 F3528A6C

  0583F1D1 567F9438 1E54B9A4 A31A24E1 428105B5 1C2E782F 89C88EA6 A3AA0597

  2F0A89B2 4215B47F 88E12B1C B21D309D 5C71F4E9 10C83044 25C8F902 03010001

  A34F304D 300B0603 551D0F04 04030205 A0301F06 03551D23 04183016 801436A7

  7A961AA8 16148A13 DFC1BFA6 7F0059E0 E9FC301D 0603551D 0E041604 147D0E8A

  89377582 37E89CFE CB37CF50 37B00A82 15300D06 092A8648 86F70D01 01050500

  03818100 B0A6476F 5A0AF2FA 72A89C69 F5E81C9D B4FEE5C3 F7DEA18A 7D5B7F57

  D9FC7074 A02010EF 9B0588EA 098884E7 B30F3353 E251BFBD BC2E5E63 28923F8A

  8B61DCA1 F013437F 240CFF08 63FC0CCA 427DF951 BF793391 1E261CB9 56DBAE36

  BEFB685C 527BCF33 B9013F3E D7485080 3660680B 6BBA1783 3C0D9FA6 7EC4BA73 7DE2B777

        quit

certificate ca 01

  308201FF 30820168 A0030201 02020101 300D0609 2A864886 F70D0101 04050030

  13311130 0F060355 04030C08 636D655F 726F6F74 301E170D 31313130 32373037

  31343432 5A170D33 31313032 37303731 3434325A 30133111 300F0603 5504030C

  08636D65 5F726F6F 7430819F 300D0609 2A864886 F70D0101 01050003 818D0030

  81890281 8100B897 182A2F69 F8D7ECB7 3F2BED75 A4EB787F 9B5BFF09 64DF87CC

  48B240B0 9DCB68BB E51D5D00 93F9E6B5 6C448F62 8137BAAF 9F332A62 8CD1AFCB

  62489E17 2BAC5889 9D193AF9 9FE49C46 4F2E5FDF 9F33ED6C BC31B4B0 C2C7BD1C

  2A2E5F80 BD6DA0D2 4C1C1E54 817F0782 29182467 E0BEDC55 D2B1CE6A 0FBA9E46

  F9A01E7C 314F0203 010001A3 63306130 0F060355 1D130101 FF040530 030101FF

  300E0603 551D0F01 01FF0404 03020186 301F0603 551D2304 18301680 1436A77A

  961AA816 148A13DF C1BFA67F 0059E0E9 FC301D06 03551D0E 04160414 36A77A96

  1AA81614 8A13DFC1 BFA67F00 59E0E9FC 300D0609 2A864886 F70D0101 04050003

  81810063 75E8F736 D60C8CE5 838E3A2B F9DD381C AA148578 69B4C36C 7B00EC86

  9803B8A0 9598B2D5 33FB1C35 E755556C 284FED91 E02F32C3 181D45DE 35C7DC2B

  47A34E1D 3ECC7DA6 E37F979D 7779079D 4116ABD3 1E6A2731 D5ADFD57 24A899BB

  143A76ED 3092BC64 6B0AD687 9EECF75E 30DB5F7F 93A64EE5 933FF65C 8DFB771E B9BCF9

        quit

voice-card 0

dspfarm

dsp services dspfarm

!

!

voice rtp send-recv

!

voice service voip

ip address trusted list

  ipv4 0.0.0.0 0.0.0.0

allow-connections h323 to h323

allow-connections h323 to sip

allow-connections sip to h323

allow-connections sip to sip

no supplementary-service h450.2

no supplementary-service h450.3

supplementary-service h450.12

no supplementary-service sip moved-temporarily

no supplementary-service sip refer

fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback pass-through g711ulaw

vpn-group 1

  vpn-gateway 1 https://66.180.111.140/SSLVPNphone

  vpn-trustpoint 1 trustpoint cme_cert root

  vpn-hash-algorithm sha-1

vpn-profile 1

  host-id-check disable

sip

  header-passing

  error-passthru

  registrar server expires max 3600 min 3600

  localhost dns:sipconnect.den0.cbeyond.net

  outbound-proxy dns:sip-proxy.den0.cbeyond.net

  early-offer forced

  midcall-signaling passthru

!

voice class codec 1

codec preference 1 g711ulaw

!

voice class custom-cptone leavetone

dualtone conference

  frequency 600 900

  cadence 300 150 300 100 300 50

!

voice class custom-cptone jointone

dualtone conference

  frequency 600 900

  cadence 300 150 300 100 300 50

!

!

voice hunt-group 1 parallel

final 5000

list 710,720,751,753,754

timeout 16

pilot 4000

!

!

voice hunt-group 10 parallel

final 5000

list 752,7999

timeout 16

pilot 4001

!

!

!

!

voice translation-rule 1

rule 1 /7194655810/ /5000/

rule 2 /7194711200/ /5001/

rule 3 /7194655829/ /4000/

!

voice translation-rule 9

rule 1 /^911$/ /911/

rule 2 /^9\(.*\)/ /\1/

rule 3 /^719\(.*\)/ /9\1/

rule 4 /\(..........\)/ /91\1/

!

voice translation-rule 10

rule 1 /^.*/ /7195340313/

!

voice translation-rule 99

rule 2 /\(^9\)\([2-9]......\)/ /\2/

rule 3 /\(^9\)\([2-9]..[2-9]......\)/ /\2/

rule 5 /^9\(.......\)$/ /719\1/

rule 6 /\(^.......\)$/ /9\1/

rule 7 /5000/ /7194655827/

rule 9 /5001/ /7194655828/

rule 11 /^911$/ /911/

rule 12 /^9911$/ /911/

rule 14 /^9\(.*\)/ /\1/

!

voice translation-rule 410

rule 1 /^9\(.......\)$/ /719\1/

rule 2 /5000/ /7194655810/

rule 3 /5001/ /7194655820/

rule 4 /^2\(..\)$/ /71939791\1/

rule 5 /^9\(.*\)/ /\1/

!

!

voice translation-profile CUE_Incoming

translate calling 9

translate called 1

!

voice translation-profile OUTBOUND_e164

translate calling 10

translate called 9

translate redirect-target 410

translate redirect-called 410

!

voice translation-profile PSTN_CallForwarding

translate redirect-target 410

translate redirect-called 410

!

!

license udi pid CISCO2911/K9 sn FCZ150427LS

license accept end user agreement

license boot module c2900 technology-package securityk9

license agent notify

http://10.10.10.202:8081/clm/servlet/HttpListenServlet dummy dummy

hw-module ism 0

!

hw-module pvdm 0/0

!

!

!

username jadmin privilege 15 secret 5 $1$5FEp$XPj.yq39Rmnz1sLlhLkVe1

username Myra privilege 5 secret 5 $1$77V7$jl6RNSCtPxzCq4B1z4nFr0

username kcarlson privilege 15 secret 5 $1$GEst$V95.4bjl392foYqhtfPhP0

username dmcomber privilege 5 secret 5 $1$5Waj$a5/NWhzmlD/VPgQYBUZlM/

username srobbins privilege 5 secret 5 $1$r4XE$CS2YxYn8IawDnrp/XHJDt.

username bmcginn privilege 5 secret 5 $1$7piK$ukXztBQm8rKuiCqXhQ.Mq.

username jcarney privilege 5 secret 5 $1$atyL$z4AwwnBxgZbhjpZui.MSA0

username wrobbins privilege 5 secret 5 $1$xGnL$mje12Iyw2zN9cRDoEPKkx.

username kparsons privilege 15 secret 5 $1$JKVl$RBagk8FyZ5Gd6/LKKYDgt.

username dharris privilege 15 secret 5 $1$2Jp1$18qdkFkjm8uqgwZHYuzE40

!

redundancy

!

!

!

!

ip ftp username admin

ip ftp password admin

!

crypto keyring S2S

  pre-shared-key address 0.0.0.0 0.0.0.0 key jenco11

!

crypto isakmp policy 1

encr 3des

authentication pre-share

group 2

!

crypto isakmp policy 2

encr aes

hash md5

authentication pre-share

group 2

!

crypto isakmp policy 100

encr aes 192

authentication pre-share

group 5

crypto isakmp key jenco-en1 address 66.180.111.137

!

crypto isakmp client configuration group VPNusers

key jencovpn

dns 10.10.10.200

pool VPN

acl 107

include-local-lan

crypto isakmp profile VPNC

   match identity group VPNusers

   client authentication list sdm_vpn_xauth_ml_4

   isakmp authorization list sdm_vpn_group_ml_4

   client configuration address respond

   virtual-template 4

!

!

crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac

crypto ipsec transform-set ESP-3DES-SHA1 esp-3des esp-sha-hmac

crypto ipsec transform-set ESP-3DES-SHA2 esp-3des esp-sha-hmac

crypto ipsec transform-set ESP-3DES-SHA3 esp-3des esp-sha-hmac

crypto ipsec transform-set TRANSFORM esp-aes 192 esp-sha-hmac

!

crypto ipsec profile HUBSPOKE

set transform-set ESP-3DES-SHA3

!

crypto ipsec profile VPNclients

set transform-set ESP-3DES-SHA

!

!

!

crypto dynamic-map dmap 10

set transform-set ESP-3DES-SHA

!

crypto dynamic-map vpndynamic 100

set transform-set TRANSFORM

match address MY-VPN

reverse-route

!

!

!

!

crypto map dynamic-map 10 ipsec-isakmp dynamic dmap

!

crypto map mydymap 100 ipsec-isakmp dynamic vpndynamic

!

crypto map static-map 10 ipsec-isakmp

! Incomplete

set peer 66.180.111.140

!

!

!

!

!

interface Loopback0

ip address 10.1.10.2 255.255.255.0

!

interface Loopback10

ip address 66.180.111.139 255.255.255.255

no ip redirects

no ip unreachables

!

interface Loopback20

ip address 66.180.111.138 255.255.255.255

ip virtual-reassembly in

!

interface Loopback30

ip address 66.180.111.140 255.255.255.255

!

interface Loopback37

ip address 66.180.111.137 255.255.255.255

crypto map mydymap

!

interface Tunnel100

bandwidth 1440

ip address 10.20.100.1 255.255.255.0

no ip redirects

ip mtu 1400

ip nhrp authentication jencovpn

ip nhrp map multicast dynamic

ip nhrp network-id 999

ip nhrp holdtime 450

ip tcp adjust-mss 1360

tunnel source 66.180.111.138

tunnel mode gre multipoint

tunnel protection ipsec profile HUBSPOKE

!

interface Embedded-Service-Engine0/0

no ip address

shutdown

!

interface GigabitEthernet0/0

description $ETH-LAN$$ETH-SW-LAUNCH$$INTF-INFO-GE 0/0$

no ip address

ip nbar protocol-discovery

ip flow ingress

ip flow egress

duplex full

speed 1000

vlan-id dot1q 999

  exit-vlan-config

!

!

interface GigabitEthernet0/0.10

description === Servers ===

encapsulation dot1Q 1

ip address 10.10.10.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

ip tcp adjust-mss 1412

!

interface GigabitEthernet0/0.60

description === Workstations ===

encapsulation dot1Q 60 native

ip address 10.10.60.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/0.70

description === Wireless ===

encapsulation dot1Q 70

ip address 10.10.70.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/0.80

description === VPN Clients ===

encapsulation dot1Q 80

ip address 10.10.80.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface GigabitEthernet0/0.90

description === VoIP ===

encapsulation dot1Q 90

ip address 10.10.90.1 255.255.255.0

ip nat inside

ip virtual-reassembly in

!

interface ISM0/0

ip unnumbered Loopback0

service-module ip address 10.1.10.1 255.255.255.0

!Application: CUE Running on ISM

service-module ip default-gateway 10.1.10.2

no keepalive

!

interface GigabitEthernet0/1

no ip address

shutdown

duplex auto

speed auto

!

interface GigabitEthernet0/2

description $ES_LAN$

ip address 64.207.43.92 255.255.255.248 secondary

ip address 64.207.43.91 255.255.255.248 secondary

ip address 64.207.43.90 255.255.255.248 secondary

ip address 66.180.111.130 255.255.255.252

no ip redirects

no ip unreachables

ip nbar protocol-discovery

ip flow ingress

ip nat outside

ip virtual-reassembly in

ip verify unicast reverse-path

duplex auto

speed auto

no cdp enable

!

interface ISM0/1

description Internal switch interface connected to Internal Service Module

no ip address

shutdown

!

interface Virtual-Template2

no ip address

!

interface Virtual-Template4 type tunnel

ip unnumbered GigabitEthernet0/2

tunnel mode ipsec ipv4

tunnel protection ipsec profile VPNclients

!

interface Vlan1

no ip address

!

ip local pool VPN 10.10.80.64 10.10.80.127

ip local pool REMOTE 10.10.70.64 10.10.70.127

ip local pool SSLVPNphone_pool 10.10.90.100 10.10.90.150

ip forward-protocol nd

!

ip http server

ip http authentication local

ip http secure-server

ip http timeout-policy idle 60 life 86400 requests 10000

ip http path flash0:

ip flow-top-talkers

top 10

sort-by bytes

!

ip nat inside source static tcp 10.10.10.200 110 interface GigabitEthernet0/2 110

ip nat inside source static tcp 10.10.10.200 80 interface GigabitEthernet0/2 80

ip nat inside source static tcp 10.10.10.200 25 interface GigabitEthernet0/2 25

ip nat inside source static tcp 10.10.10.200 443 interface GigabitEthernet0/2 443

ip nat inside source route-map SDM_RMAP_3 interface GigabitEthernet0/2 overload

ip route 0.0.0.0 0.0.0.0 66.180.111.129

ip route 10.1.10.1 255.255.255.255 ISM0/0

ip route 10.20.10.0 255.255.255.0 10.20.100.20 name UTAH_DATA

ip route 10.20.90.0 255.255.255.0 10.20.100.20 name UTAH_VOIP

!

ip access-list extended DMVPN_ROUTING

permit ip any any

ip access-list extended MY-VPN

permit ip 10.10.0.0 0.0.255.255 192.168.0.0 0.0.255.255

ip access-list extended S2S_ROUTING

permit ip any any

!

access-list 23 permit 10.10.10.0 0.0.0.7

access-list 69 permit any

access-list 100 remark CCP_ACL Category=4

access-list 100 permit ip 10.0.0.0 0.255.255.255 any

access-list 101 deny   ip 77.0.0.0 0.0.0.255 any

access-list 101 deny   ip 123.0.0.0 0.0.0.255 any

access-list 101 deny   ip 213.0.0.0 0.0.0.255 any

access-list 101 deny   ip 87.0.0.0 0.0.0.255 any

access-list 101 deny   ip 218.0.0.0 0.0.0.255 any

access-list 101 deny   ip 84.0.0.0 0.0.0.255 any

access-list 101 deny   ip 95.0.0.0 0.0.0.255 any

access-list 101 permit tcp any any established

access-list 101 permit icmp any host 64.207.43.90

access-list 101 permit tcp any host 64.207.43.90 eq 443

access-list 101 permit tcp any host 64.207.43.90 eq pop3

access-list 101 permit tcp any host 64.207.43.90 eq www

access-list 101 permit tcp any host 64.207.43.90 eq smtp

access-list 101 permit udp any host 64.207.43.90 eq non500-isakmp

access-list 101 permit udp any host 64.207.43.90 eq isakmp

access-list 101 permit esp any host 64.207.43.90

access-list 101 permit ahp any host 64.207.43.90

access-list 101 permit udp host 66.180.96.12 eq domain any

access-list 101 permit udp host 64.238.96.12 eq domain any

access-list 101 deny   ip any any log

access-list 103 permit ip 10.10.90.0 0.0.0.255 any

access-list 103 remark SDM_ACL Category=2

access-list 103 deny   ip any 10.10.30.128 0.0.0.127

access-list 103 deny   ip 10.10.20.0 0.0.0.255 10.10.30.128 0.0.0.127

access-list 103 deny   ip 10.10.10.0 0.0.0.255 10.10.30.128 0.0.0.127

access-list 103 deny   ip any 10.10.80.0 0.0.0.255

access-list 103 permit ip 10.10.10.0 0.0.0.255 any

access-list 103 deny   ip any 10.10.10.0 0.0.0.255

access-list 103 permit ip 10.10.70.0 0.0.0.255 any

access-list 103 deny   ip any 10.10.60.0 0.0.0.255

access-list 107 permit ip 10.10.10.0 0.0.0.255 any

access-list 107 permit ip 10.10.20.0 0.0.0.255 any

access-list 107 permit ip 10.10.30.0 0.0.0.255 any

access-list 107 permit ip 10.10.80.0 0.0.0.255 any

access-list 107 permit ip 10.10.90.0 0.0.0.255 any

access-list 107 permit ip 10.10.60.0 0.0.0.255 any

access-list 112 deny   ip 10.10.0.0 0.0.255.255 192.168.0.0 0.0.255.255

access-list 112 permit ip 10.10.0.0 0.0.255.255 any

!

!

!

!

route-map SDM-RMAP_2 permit 10

!

route-map S2S_ROUTE permit 5

match ip address S2S_ROUTING

set ip next-hop 64.207.43.92

!

route-map 107 permit 1

match ip address 107

!

route-map DMVPN_ROUTE permit 10

match ip address DMVPN_ROUTING

set ip next-hop 64.207.43.92

!

route-map SDM_RMAP_1 permit 1

match ip address 103

!

route-map SDM_RMAP_2 permit 1

match ip address 104

!

route-map SDM_RMAP_3 permit 1

match ip address 103

!

route-map MY-VPN permit 15

match ip address MY-VPN

set ip next-hop 64.207.43.92

!

route-map nonat permit 15

match ip address 112

!

!

snmp-server community BUCKeyes RO

snmp-server community Ge7C&hw RO

snmp-server ifindex persist

snmp-server enable traps snmp authentication linkdown linkup coldstart warmstart

snmp-server enable traps envmon fan shutdown supply temperature

snmp-server enable traps config

snmp-server enable traps syslog

snmp-server host 10.10.10.202 version 2c BUCKeyes

snmp-server host 10.10.10.204 version 2c BUCKeyes

tftp-server flash:DistinctiveRingList.xml

tftp-server flash:RingList.xml

tftp-server flash:Vibe.raw

tftp-server flash:Classic2.raw

tftp-server flash:ClockShop.raw

tftp-server flash:Drums1.raw

tftp-server flash:Drums2.raw

tftp-server flash:FilmScore.raw

tftp-server flash:HarpSynth.raw

tftp-server flash:Jamaica.raw

tftp-server flash:KotoEffect.raw

tftp-server flash:MusicBox.raw

tftp-server flash:Piano1.raw

tftp-server flash:Piano2.raw

tftp-server flash:Pop.raw

tftp-server flash:Pulse1.raw

tftp-server flash:Ring1.raw

tftp-server flash:Ring2.raw

tftp-server flash:Ring3.raw

tftp-server flash:Ring4.raw

tftp-server flash:Ring5.raw

tftp-server flash:Ring6.raw

tftp-server flash:Ring7.raw

tftp-server flash:Sax1.raw

tftp-server flash:Sax2.raw

tftp-server flash:Analog1.raw

tftp-server flash:Analog2.raw

tftp-server flash:AreYouThere.raw

tftp-server flash:AreYouThereF.raw

tftp-server flash:Bass.raw

tftp-server flash:CallBack.raw

tftp-server flash:Chime.raw

tftp-server flash:Classic1.raw

tftp-server flash:/Phones/7940-7960/v6.0.4/P00306000400.bin alias P00306000400.bin

tftp-server flash:/Phones/7940-7960/v6.0.4/P00306000400.sb2 alias P00306000400.sb2

tftp-server flash:/Phones/7940-7960/v6.0.4/P00306000400.sbn alias P00306000400.sbn

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.bin alias P00308010100.bin

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.loads alias P00308010100.loads

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.sb2 alias P00308010100.sb2

tftp-server flash:/Phones/7940-7960/v8.1.1/P00308010100.sbn alias P00308010100.sbn

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.bin alias P00308010200.bin

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.loads alias P00308010200.loads

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.sb2 alias P00308010200.sb2

tftp-server flash:/Phones/7940-7960/v8.1.2/P00308010200.sbn alias P00308010200.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/apps42.8-5-2TH1-9.sbn alias apps42.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/cnu42.8-5-2TH1-9.sbn alias cnu42.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/cvm42sccp.8-5-2TH1-9.sbn alias cvm42sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/dsp42.8-5-2TH1-9.sbn alias dsp42.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/jar42sccp.8-5-2TH1-9.sbn alias jar42sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7942-7962/v8.5.2/SCCP42.8-5-2S.loads alias SCCP42.8-5-2S.loads

tftp-server flash:Phones/7975/v8.5.2/apps75.8-5-2TH1-9.sbn alias apps75.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/cnu75.8-5-2TH1-9.sbn alias cnu75.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/cvm75sccp.8-5-2TH1-9.sbn alias cvm75sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/dsp75.8-5-2TH1-9.sbn alias dsp75.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/jar75sccp.8-5-2TH1-9.sbn alias jar75sccp.8-5-2TH1-9.sbn

tftp-server flash:Phones/7975/v8.5.2/SCCP75.8-5-2S.loads alias SCCP75.8-5-2S.loads

tftp-server flash:Phones/7975/v8.5.2SR1/apps75.8-5-2CA1-6.sbn alias apps75.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/cnu75.8-5-2CA1-6.sbn alias cnu75.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/cvm75sccp.8-5-2CA1-6.sbn alias cvm75sccp.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/dsp75.8-5-2CA1-6.sbn alias dsp75.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/jar75sccp.8-5-2CA1-6.sbn alias jar75sccp.8-5-2CA1-6.sbn

tftp-server flash:Phones/7975/v8.5.2SR1/SCCP75.8-5-2SR1S.loads alias SCCP75.8-5-2SR1S.loads

tftp-server flash:Phones/7975/v8.5.3/apps75.8-5-3TH1-6.sbn alias apps75.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/cnu75.8-5-3TH1-6.sbn alias cnu75.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/cvm75sccp.8-5-3TH1-6.sbn alias cvm75sccp.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/dsp75.8-5-3TH1-6.sbn alias dsp75.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/jar75sccp.8-5-3TH1-6.sbn alias jar75sccp.8-5-3TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.3/SCCP75.8-5-3S.loads alias SCCP75.8-5-3S.loads

tftp-server flash:Phones/7975/v8.5.3SR1/apps75.8-5-3ES4.sbn alias apps75.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/cnu75.8-5-3ES4.sbn alias cnu75.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/cvm75sccp.8-5-3ES4.sbn alias cvm75sccp.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/dsp75.8-5-3ES4.sbn alias dsp75.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/jar75sccp.8-5-3ES4.sbn alias jar75sccp.8-5-3ES4.sbn

tftp-server flash:Phones/7975/v8.5.3SR1/SCCP75.8-5-3SR1S.loads alias SCCP75.8-5-3SR1S.loads

tftp-server flash:Phones/7975/v8.5.4/apps75.8-5-4TH1-6.sbn alias apps75.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/cnu75.8-5-4TH1-6.sbn alias cnu75.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/cvm75sccp.8-5-4TH1-6.sbn alias cvm75sccp.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/dsp75.8-5-4TH1-6.sbn alias dsp75.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/jar75sccp.8-5-4TH1-6.sbn alias jar75sccp.8-5-4TH1-6.sbn

tftp-server flash:Phones/7975/v8.5.4/SCCP75.8-5-4S.loads alias SCCP75.8-5-4S.loads

tftp-server flash:Phones/7975/v9.0.2SR1/apps75.9-0-2ES2.sbn alias apps75.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/cnu75.9-0-2ES2.sbn alias cnu75.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/cvm75sccp.9-0-2ES2.sbn alias cvm75sccp.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/dsp75.9-0-2ES2.sbn alias dsp75.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/jar75sccp.9-0-2ES2.sbn alias jar75sccp.9-0-2ES2.sbn

tftp-server flash:Phones/7975/v9.0.2SR1/SCCP75.9-0-2SR1S.loads alias SCCP75.9-0-2SR1S.loads

tftp-server flash:Phones/7975/v9.0.2SR2/apps75.9-0-2ES3.sbn alias apps75.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/cnu75.9-0-2ES3.sbn alias cnu75.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/cvm75sccp.9-0-2ES3.sbn alias cvm75sccp.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/dsp75.9-0-2ES3.sbn alias dsp75.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/jar75sccp.9-0-2ES3.sbn alias jar75sccp.9-0-2ES3.sbn

tftp-server flash:Phones/7975/v9.0.2SR2/SCCP75.9-0-2SR2S.loads alias SCCP75.9-0-2SR2S.loads

tftp-server flash:Phones/7975/v9.0.3/apps75.9-0-3TH1-22.sbn alias apps75.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/cnu75.9-0-3TH1-22.sbn alias cnu75.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/cvm75sccp.9-0-3TH1-22.sbn alias cvm75sccp.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/dsp75.9-0-3TH1-22.sbn alias dsp75.9-0-3TH1-22.sbn

tftp-server flash:Phones/7975/v9.0.3/SCCP75.9-0-3S.loads alias SCCP75.9-0-3S.loads

tftp-server flash:Phones/7975/v9.1.1SR1/jar75sccp.9-1-1TH1-16.sbn alias jar75sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/apps75.9-1-1TH1-16.sbn alias apps75.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/cnu75.9-1-1TH1-16.sbn alias cnu75.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/cvm75sccp.9-1-1TH1-16.sbn alias cvm75sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/dsp75.9-1-1TH1-16.sbn alias dsp75.9-1-1TH1-16.sbn

tftp-server flash:Phones/7975/v9.1.1SR1/SCCP75.9-1-1SR1S.loads alias SCCP75.9-1-1SR1S.loads

tftp-server flash:Phones/7942-7962/v8.5.2/term62.default.loads alias term62.default.loads

tftp-server flash:Phones/7936/v3.3.21/cmterm-7936-sccp.3-3-21.cop.sgn alias cmterm-7936-sccp.3-3-21.cop.sgn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/SCCP42.9-1-1SR1S.loads alias SCCP42.9-1-1SR1S.loads

tftp-server flash:Phones/7942-7962/v9.1.1SR1/apps42.9-1-1TH1-16.sbn alias apps42.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/cnu42.9-1-1TH1-16.sbn alias cnu42.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/cvm42sccp.9-1-1TH1-16.sbn alias cvm42sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/dsp42.9-1-1TH1-16.sbn alias dsp42.9-1-1TH1-16.sbn

tftp-server flash:Phones/7942-7962/v9.1.1SR1/jar42sccp.9-1-1TH1-16.sbn alias jar42sccp.9-1-1TH1-16.sbn

tftp-server flash:Phones/7940-7960/v8.1.1/cmterm-7940-7960-sccp.8-1-1.cop.sgn alias cmterm-7940-7960-sccp.8-1-1.cop.sgn

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.loads alias P00307020400.loads

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.sbn alias P00307020400.sbn

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.sb2 alias P00307020400.sb2

tftp-server flash:Phones/7940-7960/v7.2.4/P00307020400.bin alias P00307020400.bin

tftp-server flash:Phones/7915-12/v1.0.4/cmterm-7915.1-0-4.cop.sgn alias cmterm-7915.1-0-4.cop.sgn

tftp-server flash:Phones/7942-7962/v8.5.2/term62.default.loads alias term62.default

tftp-server flash:Phones/7975/v9.0.2SR1/term75.default.loads alias term75.default

tftp-server flash:Phones/7975/v9.0.2SR1/term75.default.loads alias term75.default.loads

!

!

!

control-plane

!

!

voice-port 0/0/0

!

voice-port 0/0/1

!

ccm-manager mgcp

!

!

mgcp profile default

!

sccp local GigabitEthernet0/0.90

sccp ccm 10.10.90.1 identifier 1 version 7.0

sccp

!

sccp ccm group 123

bind interface GigabitEthernet0/0.90

associate ccm 1 priority 1

associate profile 1 register confprof1

keepalive retries 5

!

dspfarm profile 1 conference

codec g711ulaw

maximum sessions 7

conference-leave custom-cptone leavetone

associate application SCCP

!

dial-peer cor custom

name internal

name local

name domestic

name international

name 900

name 719

!

!

dial-peer cor list call-internal

member internal

!

dial-peer cor list call-local

member local

!

dial-peer cor list call-domestic

member domestic

!

dial-peer cor list call-international

member international

!

dial-peer cor list call-900

member 900

!

dial-peer cor list user-internal

member internal

!

dial-peer cor list user-local

member internal

member local

!

dial-peer cor list user-domestic

member internal

member local

member domestic

!

dial-peer cor list user-international

member internal

member local

member domestic

member international

!

dial-peer cor list user900-internal

member internal

member 900

member 719

!

dial-peer cor list user900-local

member internal

member local

member 900

member 719

!

dial-peer cor list user900-domestic

member internal

member local

member domestic

member 900

member 719

!

dial-peer cor list user900-international

member internal

member local

member domestic

member international

member 900

member 719

!

dial-peer cor list call-719

member 719

!

!

dial-peer voice 100 voip

description ** Incoming call from SIP trunk **

translation-profile incoming CUE_Incoming

session protocol sipv2

session target sip-server

incoming called-number .T

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 101 voip

corlist outgoing call-local

description ** Outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9[2-9]......

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 102 voip

corlist outgoing call-domestic

description ** Outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9[0-1][2-9]..[2-9]......

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 103 voip

corlist outgoing call-local

description ** 911 outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 911

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 104 voip

corlist outgoing call-local

description ** emergency outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9911

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 105 voip

corlist outgoing call-local

description ** 911/411 outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9[2-9]11

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 106 voip

corlist outgoing call-international

description ** International outgoinging call to SIP trunk **

translation-profile outgoing OUTBOUND_e164

destination-pattern 9011T

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 107 voip

corlist outgoing call-local

description ** star code to SIP trunk **

destination-pattern *..

session protocol sipv2

session target sip-server

voice-class codec 1

voice-class sip dtmf-relay force rtp-nte

dtmf-relay rtp-nte

ip qos dscp cs5 media

ip qos dscp cs4 signaling

no vad

!

dial-peer voice 25 voip

description ** cue voicemail pilot number **

destination-pattern 5000

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

voice-class sip outbound-proxy ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 26 voip

description ** cue auto attendant number **

translation-profile outgoing PSTN_CallForwarding

destination-pattern 5001

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

voice-class sip outbound-proxy ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 27 voip

description ** cue prompt management **

translation-profile outgoing PSTN_CallForwarding

destination-pattern 5002

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

dial-peer voice 28 voip

description ** cue direct transfer to voicemail script **

translation-profile outgoing PSTN_CallForwarding

destination-pattern 5003

b2bua

session protocol sipv2

session target ipv4:10.1.10.1

dtmf-relay sip-notify

codec g711ulaw

no vad

!

!

presence

presence call-list

!

sip-ua

credentials username 7195340313 password 7 02363C0F393637757E realm jencotech.com

authentication username 7195340313 password 7 12293D43203B345018

no remote-party-id

retry invite 2

retry register 10

timers connect 100

registrar dns:sipconnect.den0.cbeyond.net expires 3600

sip-server dns:sipconnect.den0.cbeyond.net

host-registrar

presence enable

!

!

!

gatekeeper

shutdown

!

!

credentials

ctl-service admin jadmin secret 1 062C2F25410F07

ip source-address 10.10.90.1 port 2445

trustpoint cme_root

!

!

telephony-service

sdspfarm conference mute-on 111 mute-off 222

sdspfarm units 3

sdspfarm transcode sessions 8

sdspfarm tag 1 confprof1

conference hardware

video

  maximum bit-rate 384

authentication credential admin admin

max-ephones 58

max-dn 300

ip source-address 10.10.90.1 port 2000 secondary 66.180.111.130

max-redirect 20

system message Jenco

url services

http://10.1.10.1/voiceview/common/login.do

url authentication http://10.1.10.1/voiceview/authentication/authenticate.do

cnf-file location flash:

cnf-file perphone

user-locale US load CME-locale-en_US-English-8.6.2.4.tar

load 7915-12 cmterm-7915.1-0-4

load 7912 cmterm-7912-8.0.1-sccp

load 7936 cmterm-7936-sccp.3-3-21

load 7960-7940 cmterm-7940-7960-sccp.8-1-1

load 7962 SCCP42.9-1-1SR1S

load 7975 SCCP75.9-0-2SR1S

time-zone 6

voicemail 5000

max-conferences 8 gain -6

call-park system application

moh music-on-hold.au

multicast moh 239.10.10.10 port 2000 route 10.10.90.1

web admin system name jadmin secret 5 $1$Z9gz$fUHQDSr.22O2zmBF5QrOV.

dn-webedit

time-webedit

transfer-system full-consult

transfer-pattern .T

transfer-pattern 9.T

transfer-pattern 5...

secondary-dialtone 9

fac standard

create cnf-files version-stamp Jan 01 2002 00:00:00

!

!

ephone-dn-template  1

hold-alert 15 originator

!

!

ephone-template  1

softkeys idle  Newcall Redial Cfwdall Pickup Gpickup Dnd

softkeys connected  Hold Trnsfer TrnsfVM Park Confrn Endcall

!

!

ephone-template  2

!

!

ephone-template  3

conference drop-mode local

conference admin

softkeys hold  Join Newcall Resume

softkeys idle  Cfwdall Newcall Redial Pickup Dnd

softkeys seized  Cfwdall Redial Pickup Endcall

softkeys connected  Hold Trnsfer TrnsfVM Park Confrn Endcall RmLstC

!

!

ephone-dn  1  dual-line

number 710 secondary 7193140552 no-reg primary

pickup-group 1

label Kent

name Kent Carlson

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  2  dual-line

number 720 secondary 7195340313 no-reg primary

label Dan

name Dan McOmber

allow watch

call-forward all 752

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  3  dual-line

number 751 secondary 7194655811 no-reg primary

label Jim

name Jim Carney

allow watch

call-forward all 720

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  4  dual-line

number 752 secondary 7194655812 no-reg primary

label Louise

name Louise Erasmus

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  5  dual-line

number 753 secondary 7194655813 no-reg primary

label Spare Desk

name Spare Desk

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 10

ephone-dn-template 1

!

!

ephone-dn  9  dual-line

number 770 secondary 8015761064 no-reg primary

label Stew

name Stew Robbins

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  10

number 771 no-reg primary

label Winston

name Winston Robbins

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  11  dual-line

number 790 no-reg primary

label Britt

name Britt McGinn

allow watch

call-forward all 916267168078

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  12  octo-line

number 760

label Conference

name CONFERENCE PHONE

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  13

number 780

label Utah Lobby

name UTAH LOBBY

allow watch

call-forward busy 5000

call-forward noan 5000 timeout 20

ephone-dn-template 1

!

!

ephone-dn  98

number 5098... no-reg primary

mwi off

!

!

ephone-dn  99

number 5099... no-reg primary

mwi on

!

!

ephone-dn  100  octo-line

number 888

label Spare Line

description OCTOLINE

!

!

ephone-dn  201  octo-line

number 2001 no-reg primary

description AD-HOC Conference Extension #1

conference ad-hoc

!

!

ephone-dn  202  octo-line

number 2002 no-reg primary

description AD-HOC Conference Extension #2

conference ad-hoc

!

!

ephone-dn  203  octo-line

number 2003 no-reg primary

description AD-HOC Conference Extension #3

conference ad-hoc

!

!

ephone-dn  204  octo-line

number 2004 no-reg primary

description AD-HOC Conference Extension #4

conference ad-hoc

!

!

ephone-dn  205  octo-line

number 2005 no-reg primary

description AD-HOC Conference Extension #5

conference ad-hoc

!

!

ephone-dn  206  octo-line

number 2006 no-reg primary

description AD-HOC Conference Extension #6

conference ad-hoc

!

!

ephone-dn  207  octo-line

number 2007 no-reg primary

description AD-HOC Conference Extension #7

conference ad-hoc

!

!

ephone-dn  208  octo-line

number 2008 no-reg primary

description AD-HOC Conference Extension #8

conference ad-hoc

!

!

ephone-dn  250

number 7194655810 no-reg primary

description VM Pilot DID

!

!

ephone-dn  251

number 7194711200

description AA Pilot DID

!

!

ephone-dn  299

number 7001

park-slot timeout 15 limit 4 recall

label Park 1

description park-slot for Jenco

!

!

ephone-dn  300

number 7000

park-slot timeout 15 limit 4 recall

label Park 2

description park-slot for Jenco

!

!

ephone  1

device-security-mode none

headset auto-answer line 1

video

mac-address E804.62EB.1A24

ephone-template 3

presence call-list

speed-dial 1 93609503 label "Jen Cell"

speed-dial 2 751 label "Jim"

paging-dn 90

type 7975

button  1:1 2:299 3:300

!

!

!

ephone  2

device-security-mode none

headset auto-answer line 1

video

mac-address 108C.CF75.CD2B

ephone-template 3

presence call-list

paging-dn 90

type 7975

button  1:2

!

!

!

ephone  3

device-security-mode none

headset auto-answer line 1

video

mac-address ACA0.166F.5C81

ephone-template 3

presence call-list

paging-dn 90

type 7962

button  1:3

!

!

!

ephone  4

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.4593.3A77

ephone-template 3

presence call-list

paging-dn 90

type 7962 addon 1 7915-12

button  1:4 7w1 8w2 9w3

button  10w5 11w9 12w10 13w11

button  15w13

!

!

!

ephone  5

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.8417.1433

ephone-template 3

username "sparedesk" password sparedesk

presence call-list

paging-dn 90

type 7962

vpn-group 1

vpn-profile 1

button  1:5

!

!

!

ephone  9

device-security-mode none

headset auto-answer line 1

video

mac-address 108C.CF75.D216

ephone-template 3

presence call-list

paging-dn 90

type 7975

button  1:9

!

!

!

ephone  10

device-security-mode none

video

mac-address 0015.F9C7.426D

ephone-template 3

presence call-list

paging-dn 90

type 7940

button  1:10

!

!

!

ephone  11

device-security-mode none

headset auto-answer line 1

video

mac-address 0018.1843.915B

ephone-template 3

presence call-list

paging-dn 90

type 7940

button  1:11

!

!

!

ephone  12

device-security-mode none

headset auto-answer line 1

mac-address 00E0.75F3.BE2A

ephone-template 3

paging-dn 90

type 7936

keep-conference endcall

button  1:12

!

!

!

ephone  13

device-security-mode none

mac-address 0016.9DC2.FA42

ephone-template 3

paging-dn 90

type 7912

button  1:13

!

!

!

ephone  50

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.4593.3A6C

ephone-template 1

presence call-list

paging-dn 90

type 7962

button  1:1 2:299 3:300

!

!

!

ephone  51

device-security-mode none

headset auto-answer line 1

video

mac-address 0025.4593.3AB1

ephone-template 1

presence call-list

paging-dn 90

type 7962

vpn-group 1

vpn-profile 1

button  1:2

!

!

!

ephone  52

device-security-mode none

headset auto-answer line 1

video

mac-address 0017.957B.CDE8

ephone-template 1

presence call-list

paging-dn 90

type 7940

button  1:3

!

!

!

ephone  299

device-security-mode none

!

!

!

!

line con 0

exec-timeout 0 0

line aux 0

line 2

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line 131

no activation-character

no exec

transport preferred none

transport input all

transport output pad telnet rlogin lapb-ta mop udptn v120 ssh

stopbits 1

line vty 0 4

transport input ssh

line vty 5 15

transport input ssh

!

scheduler allocate 20000 1000

!

webvpn gateway sslvpn_gw

ip interface Loopback30 port 443

ssl encryption 3des-sha1 aes-sha1

ssl trustpoint cme_cert

logging enable

inservice

!

webvpn gateway GW1

ssl trustpoint TP-SELF-SIGNED

no inservice

!

webvpn install svc flash0:/webvpn/anyconnect-dart-win-2.5.3055-k9.pkg sequence 1

!

webvpn context sslvpn_context

ssl encryption 3des-sha1 aes-sha1

ssl authenticate verify all

!

!

policy group SSLVPNphone

   functions svc-enabled

   hide-url-bar

   svc address-pool "SSLVPNphone_pool"

   svc default-domain "jencotech.com"

default-group-policy SSLVPNphone

aaa authentication list ciscocp_vpn_xauth_ml_1

gateway sslvpn_gw domain SSLVPNphone

inservice

!

end