10-25-2013 07:56 AM - edited 03-18-2019 02:02 AM
Hi All
We have faced the below problem in our VCS X7.2 enironment.
Since the search history on VCS Expressway display the iwf@VCS_IP_Address.Can anybody tell me why below search history entry created.our setup is VCSc & VCSe and two hundred endpoint.
Regards
Soundar
10-25-2013 09:24 AM
Hi Soundar,
this could be possible that there might be an interworking happening on the calls and that's the reason it is swhowing iwf@vcs ip-address.
however you haven't define what's your scenarion when do you see this error ?
rgds,
Alok
10-25-2013 09:45 AM
I've seen this once, someone called in our video network and it came up in the search as @vcs-ip-address instead of @domain. This was because the device doing the calling only supported IP dialing, they were dialing in the method of alias@vcs-ip-address. To get around this, I put in a transform into our VCS that will transform the @vcs-ip-address and stip the IP off of the called address, alternativly you could replace vcs-ip-address with a domain.
Option #1: Remove IP from IP URI
Pattern Type: Suffix
Pattern String: @%ip%
Pattern behavior: Strip
-OR-
Option #2: Remove IP from IP URI and replace with domain
Pattern Type: Regex
Pattern String: @%ip%
Pattern behavior: Replace
Replace string: \1@domain
Note: %ip% will match any IP address assigned to the VCS.
Patrick
10-26-2013 02:21 AM
Hi Patrick
Can you please tell me where i need to put this tranform VCSe or VCSc.
At present below transforms we applied on VCSe
Priority | State | Description | Pattern | Type | Behavior | Replace | Actions | |
---|---|---|---|---|---|---|---|---|
1 | Enabled | Remove Domains | (.*)@%localdomains%.* | Regex | Replace | \1 | View/Edit | |
3 | Enabled | Strip IP of VCS-E | (.+)@203.145.X.X.* | Regex | Replace | \1 | View/Edit |
10-26-2013 03:58 PM
There are two options, you could put the transform on just the VCS that you are seeing the alias@vcs-ip-address issue on, or you could put it on both VCSs (C and E).
10-26-2013 02:16 AM
Hi Alok
I am getting below error on everyday on my VCS Expressway.During this time we checked VCSc and no calls from internal to external
2013-10-26 12:45:06 | H323 (LRQ) | 100@1.1.1.1 | 100@tec | Found | View |
2013-10-26 12:45:06 | SIP (OPTIONS) | 100@1.1.1.1 | sip:100@ | Found | View |
2013-10-26 12:09:02 | SIP (OPTIONS) | iwf@10.10.142.130 | sip:6@tech | Loop Detected | View |
2013-10-26 12:09:02 | H323 (LRQ) | iwf@10.10.142.130 | 6@tech | Resource unavailable - Loop detected | View |
2013-10-26 12:09:02 | SIP (OPTIONS) | iwf@10.10.142.130 | sip:6@t | Unsupported URI Scheme | View |
2013-10-26 12:09:00 | SIP (OPTIONS) | iwf@10.10.142.130 | sip:6@te | Unsupported URI Scheme | View |
2013-10-26 12:08:59 | H323 (LRQ) | 02024453734 | 6@tec | Resource unavailable - Loop detected | View |
2013-10-26 12:08:59 | H323 (LRQ) | 02024453734 | 6@te | Incomplete address - Invalid alias for SIP interworking | View |
2013-10-26 08:52:07 | SIP (OPTIONS) | iwf@10.10.142.130 | sip:100@tec | Unsupported URI Scheme | View |
2013-10-26 08:52:04 | H323 (LRQ) | 100@1.1.1.1 | 100@te | Resource unavailable - Loop detected | View |
10-26-2013 04:52 AM
Hi,
do you recognize 10.10.142.130 address ?
you need to harden your security as some bad guys try to come in with typical 100@1.1.1.1 address. how? TAC
iwf@ip-address is interworked call
regards,
Ahmad
10-27-2013 05:08 PM
Hi Ahmad
It's our VCSc IP address.
Regards
Soundar
10-27-2013 08:36 PM
The transforms used to not look good as you strip away the local domains, which causes
such kind of trouble.
The basic vcs-e / c deployment guide is a good example on how to build your search rules.
In addition also check that your registrations are proper, h323 and sip shall use both
the full uri with the domain as its registration address.
Please remember to rate helpful responses and identify helpful or correct answers.
Please remember to rate helpful responses and identify
10-28-2013 06:38 AM
HI Martin
Thanks for your suggestion. We will check the transforms rules and we got a another alternative solution from your old post (https://supportforums.cisco.com/message/3401571#3401571) We enable the CPL on VCSe and now hackers get the forbidden msg.
2013-10-28 16:39:14 | SIP (OPTIONS) | 100@1.1.1.1 | sip:100@203.X.X.X | Forbidden | View |
2013-10-28 15:25:36 | SIP (OPTIONS) | 100@1.1.1.1 | sip:100@203.X.X.X | Forbidden | View |
2013-10-28 13:28:11 | SIP (OPTIONS) | 100@1.1.1.1 | sip:100@203.X.X.X | Forbidden | View |
Thanks & Regards
Soundar
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide