06-16-2020 08:38 AM
Hi I would like to allow Webex cloud to dial into our on-prem endpoints but block calls from other external sources. I know I could do that by IP address on the firewall but is there a way within Expressway (12.7) that's a bit easier to maintain? E.g. is it possible to create and identify calls coming from Webex cloud as a zone?
06-16-2020 12:07 PM
06-16-2020 12:59 PM
06-17-2020 08:30 AM
In you B2B Expressway system you can define a CPL that allows calls in if they come from the appropriate domain.
Example of a CPL that you could use.
<?xml version="1.0" encoding="UTF-8"?> <cpl xmlns="urn:ietf:params:xml:ns:cpl" xmlns:taa="http://www.tandberg.net/cpl-extensions" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="urn:ietf:params:xml:ns:cpl cpl.xsd"> <taa:routed> <address-switch field="destination"> <address regex="(.*)<your domain>.com"> <address-switch field="unauthenticated-origin" subfield="host"> <address subdomain-of="webex.com"> <!-- Route the call --> <proxy/> </address> <address subdomain-of="cisco.com"> <!-- Route the call --> <proxy/> </address> <address subdomain-of="ciscotac.net"> <!-- Route the call --> <proxy/> </address> <address subdomain-of="ciscospark.com"> <!-- Route the call --> <proxy/> </address> <otherwise> <!-- Reject Calls from All Other Sources --> <reject status="403" reason="Denied by Policy"/> </otherwise> </address-switch> </address> </address-switch> </taa:routed> </cpl>
06-17-2020 04:13 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide