|
0:00:11
|
So we're back and let's take a look at task 15.6
|
|
0:00:15
|
Skinny CUCME server set up
|
|
0:00:18
|
we're told to provision the branch 2 router 3
|
|
0:00:20
|
as a Skinny CME server with the following stipulations
|
|
0:00:24
|
do not allow phones to auto-register
|
|
0:00:26
|
allow on maximum of two Skinny phones
|
|
0:00:29
|
and ensure they upgrade as needed
|
|
0:00:32
|
allow on maximum of 20 DNs not 10 like in SIP
|
|
0:00:37
|
provision the Skinny server IP is the same as the
|
|
0:00:39
|
loop back. Ensure that it's the only IP address that
|
|
0:00:42
|
phones are allowed to register with
|
|
0:00:46
|
Bulge should really say something there.
|
|
0:00:49
|
Ensure that the messages at the bottom
|
|
0:00:51
|
of the phones is the same
|
|
0:00:53
|
as they're already provisioned on the
|
|
0:00:55
|
SIP CME and I can tell you from looking at the SIP CME
|
|
0:00:57
|
it looks just like a regular
|
|
0:01:01
|
phone registered to call manager where it says
|
|
0:01:03
|
Your current options. Capital Y, Your
|
|
0:01:06
|
and then space current space options
|
|
0:01:11
|
Ensure TFTP configuration
|
|
0:01:13
|
files are generated for every
|
|
0:01:14
|
phone not just every phone type
|
|
0:01:17
|
Ensure that phones display their
|
|
0:01:19
|
time and the same as basically the same
|
|
0:01:21
|
phones, 24 hours same time zone
|
|
0:01:24
|
day, month, year. And ensure that admins
|
|
0:01:26
|
can log on to the web user interface
|
|
0:01:28
|
and change things like DNs and time options
|
|
0:01:34
|
So let's skip back over to the router
|
|
0:01:37
|
or we cleared out the interface and we're gonna begin
|
|
0:01:41
|
with the configuration
|
|
0:01:43
|
for CME traditional
|
|
0:01:48
|
or what still CME for Skinny phones
|
|
0:01:51
|
and that is telephony service
|
|
0:01:53
|
And actually we're gonna go ahead and undebug
|
|
0:01:57
|
all here so we don't have to sit here and continued to be interrupted by our
|
|
0:02:02
|
TFTP authentication request
|
|
0:02:05
|
We'll look at those in a minute when we get our phone set up for CME
|
|
0:02:09
|
for Skinny rather. So the first thing
|
|
0:02:12
|
we were told was not to allow auto-registration
|
|
0:02:16
|
So, no, let's actually do show run
|
|
0:02:21
|
pipe 2 section telephony
|
|
0:02:24
|
because it's already configure some default for us, max
|
|
0:02:27
|
conference, transfer system full consult
|
|
0:02:29
|
and create CNF files, that's nice.
|
|
0:02:34
|
So let's say No, auto
|
|
0:02:39
|
now there's a no auto
|
|
0:02:41
|
question so that's auto-assign
|
|
0:02:44
|
Alright. But it's basically telling us
|
|
0:02:49
|
that we had to have something configured because
|
|
0:02:51
|
it goes through and we have that index number
|
|
0:02:54
|
It would be be waited to turn off something we already had configured
|
|
0:02:58
|
But for auto-registration
|
|
0:03:01
|
if I just had auto-reg ePhone
|
|
0:03:06
|
and I do show run pipe 2 section telephony
|
|
0:03:09
|
I don't see it. That means that it is the default that is on.
|
|
0:03:14
|
So I actually need to say, No auto-reg ePhone
|
|
0:03:17
|
for it to not only show up but to turn off phone auto-registration
|
|
0:03:23
|
We're told a maximum of two IP phones and ensure they upgrade
|
|
0:03:27
|
and 20 DNs, sorry for the scroll again. My mouse
|
|
0:03:32
|
is a Apple magic mouse which doesn't really have a button
|
|
0:03:35
|
just the surface
|
|
0:03:38
|
So it's really hard to keep it from scrolling in this router
|
|
0:03:42
|
Nowhere else though, I'm not sure why. So max
|
|
0:03:45
|
just like over in SIP
|
|
0:03:48
|
global, voice registered globe we've got max but instead of
|
|
0:03:52
|
pool, it's max ePhones
|
|
0:03:55
|
so max ePhones is gonna be two
|
|
0:03:59
|
and max DN is gonna be 20
|
|
0:04:03
|
and with max DN we can also say
|
|
0:04:06
|
tell the E164 numbers not to register
|
|
0:04:10
|
but globally for all the directory numbers
|
|
0:04:13
|
or we can also set preferences.
|
|
0:04:16
|
Why whould we set preference? What's that?
|
|
0:04:18
|
Preference for dial peers, Oh wait a minute, these are creating dial peers, aren't they?
|
|
0:04:24
|
DNs create the dial peers
|
|
0:04:27
|
and preference
|
|
0:04:28
|
is dealing with hunting. We'll deal with that in another lab
|
|
0:04:31
|
so we'll take a look at that later in another deep dive.
|
|
0:04:36
|
Believe it's a 20, or not 20. I believe it's a
|
|
0:04:42
|
18 for, it might actually be 17 for call coverage
|
|
0:04:47
|
and hunting, I believe it's 17. Anyhow,
|
|
0:04:51
|
Max DN number of DNs is 20
|
|
0:04:55
|
We're also told to make sure
|
|
0:04:58
|
that they can upgrade as need so they can load file
|
|
0:05:01
|
for the 7961
|
|
0:05:03
|
and there's a 7961 GE but we don't have
|
|
0:05:06
|
those. We just have the 7961s
|
|
0:05:10
|
And the file name so we again need to do do show flash
|
|
0:05:14
|
pipe 2 include 7961
|
|
0:05:18
|
bring up that load command again
|
|
0:05:20
|
we need Skinny files so if this Skinny
|
|
0:05:24
|
everything except for
|
|
0:05:26
|
the dot loads file. Again, file name without extension
|
|
0:05:32
|
As soon as we do that
|
|
0:05:34
|
it tells us that it's updating the CNF files
|
|
0:05:36
|
the configuration files, that's really nice.
|
|
0:05:39
|
Skinny is gonna be really nice about that, SIP
|
|
0:05:41
|
every time you make a change, we're going to need
|
|
0:05:45
|
to copy and paste what we have in our
|
|
0:05:48
|
notepad or text at here's what I have
|
|
0:05:51
|
good reason to be running that with that default information in the lab
|
|
0:05:56
|
Now, we need to set up the source address
|
|
0:05:59
|
but it's not called source like it is in SIP
|
|
0:06:02
|
because everything has to be different
|
|
0:06:05
|
so it's gonna be IP source
|
|
0:06:08
|
and the IP source address is 177.1.254.3 which is our loop back
|
|
0:06:14
|
Again, we can have a port
|
|
0:06:17
|
and notice there's something called any match
|
|
0:06:19
|
or strict match
|
|
0:06:21
|
there's also something secondary, we'll look at that in a little bit
|
|
0:06:24
|
but this disables strict match
|
|
0:06:26
|
Strict match requires the strict
|
|
0:06:28
|
IP address checking for registration.
|
|
0:06:30
|
We were told to only allow
|
|
0:06:32
|
phones to register with the loop back.
|
|
0:06:35
|
Now, if I just did this and enter
|
|
0:06:38
|
then what this would actually
|
|
0:06:40
|
configure is the ability for
|
|
0:06:42
|
phones to register with any IP address
|
|
0:06:44
|
that's on the router, any interface. However
|
|
0:06:49
|
the router would always speak back from this IP address
|
|
0:06:54
|
If I strict match, I'm not only saying the router will
|
|
0:06:58
|
use this as its own source address but also
|
|
0:07:02
|
any attempts to register with any
|
|
0:07:03
|
other IP address on the router like my
|
|
0:07:06
|
data VLAN, sub interface or my voice VLAN sub interface
|
|
0:07:11
|
or my serial WAN interface IP
|
|
0:07:14
|
anything other than loop back 0
|
|
0:07:16
|
will not be allowed and that's we were told to do.
|
|
0:07:21
|
Update the CNF files.
|
|
0:07:24
|
we were also told to ensure that the message at the bottom of the phones
|
|
0:07:27
|
is exactly like the ones on the SIP phones.
|
|
0:07:32
|
in SIP, you can't change that message.
|
|
0:07:34
|
In Skinny, you can.
|
|
0:07:37
|
So in Skinny there is a system message
|
|
0:07:42
|
and by default it says
|
|
0:07:46
|
I don't remember what is it, CME. By the way the phone
|
|
0:07:49
|
we're trying to register right now and being rejected
|
|
0:07:52
|
because I have auto-registration turned off so that's what we're seeing here
|
|
0:07:55
|
I think it says CME system
|
|
0:08:01
|
is what it says, anyhow, we can make it your
|
|
0:08:05
|
current options to match what's already on the SIP phone
|
|
0:08:11
|
Alright. So we've done that. We're doing, we're
|
|
0:08:16
|
configuring this rather than just looking at
|
|
0:08:18
|
question mark because there's a lot. So far that was 2
|
|
0:08:22
|
pagination, spaces and then a little bit at the end
|
|
0:08:25
|
let's do that again. Stop that FAC
|
|
0:08:29
|
FAC is gone, FXO is all the way down the server
|
|
0:08:32
|
security mode and then from server security mode all the way down here. So we've had
|
|
0:08:36
|
two and a half pages of possibilities. We can easily get overwhelmed
|
|
0:08:40
|
over the couse of the 60 cover
|
|
0:08:44
|
most every, if not everyone but
|
|
0:08:47
|
we don't just wanna look at them like this because we'll quickly get overwhelmed
|
|
0:08:52
|
It's also the reason why things that have a lot of
|
|
0:08:55
|
options you typically don't wanna hit question mark too much in the lab
|
|
0:08:58
|
in general if possible
|
|
0:09:00
|
really your speed needs to be to the point where you only hit
|
|
0:09:03
|
maybe once or twice the whole lab, it's pass
|
|
0:09:06
|
you really need to be able to configure your entire routers
|
|
0:09:09
|
in notepad and paste it in
|
|
0:09:11
|
to be ready for the lab in terms of speed
|
|
0:09:14
|
it's more in the strategy, but
|
|
0:09:18
|
in general we don't wanna hit
|
|
0:09:20
|
question mark on things that have a lot of options
|
|
0:09:22
|
if they only have a few, that’s fine. But if they have a lot,
|
|
0:09:25
|
a lot of times, it will just overwhelm us
|
|
0:09:27
|
If we get stuck, we can but again
|
|
0:09:29
|
we don’t have a lot of time to get stuck in the lab.
|
|
0:09:32
|
Ensure TFTP
|
|
0:09:35
|
configuration files are generated for every phone
|
|
0:09:38
|
not just every phone type.
|
|
0:09:41
|
This is actually the command
|
|
0:09:45
|
create, sorry not create CNF files
|
|
0:09:50
|
rather CNF file and per phone type
|
|
0:09:54
|
is actually the default.
|
|
0:09:57
|
Again, let’s just do something before we do that, let’s do show
|
|
0:10:01
|
telephony service
|
|
0:10:05
|
and we can see a lot of these
|
|
0:10:08
|
default configuration. Certain things we’ve already changed
|
|
0:10:11
|
like no auto-reg, load files
|
|
0:10:14
|
but anything that we haven’t done
|
|
0:10:16
|
conference software, privacy, no privacy on hold
|
|
0:10:21
|
A lot of these things are default like CNF
|
|
0:10:23
|
file location. Where is it gonna create the config files
|
|
0:10:26
|
in a running memory in system. We can change that, we could make it
|
|
0:10:30
|
hard files, actual files that are created in flash
|
|
0:10:34
|
and the CNF file option is per phone type
|
|
0:10:39
|
so we are gonna change the CNF file
|
|
0:10:41
|
not just, I shouldn’t say not just, we’re not
|
|
0:10:44
|
gonna change of the flash but we could
|
|
0:10:47
|
or we could change it to an external TFTP
|
|
0:10:49
|
we’re gonna leave it to system.
|
|
0:10:51
|
But we’re gonna say CNF file per phone
|
|
0:10:55
|
rather than per phone type.
|
|
0:11:02
|
Now, location is still system
|
|
0:11:06
|
but we’re creating per phone
|
|
0:11:09
|
When I say per phone versus per phone type
|
|
0:11:12
|
what it would’ve done in the past is it would’ve created
|
|
0:11:15
|
the alias of SEP and the
|
|
0:11:18
|
individual phone MAC address but it would point them all
|
|
0:11:22
|
to XML default and that’s particular phone type
|
|
0:11:27
|
So XML default 7961.cnf.xml
|
|
0:11:31
|
or XML default 7970.cnf.xml
|
|
0:11:38
|
So there would be only one configuration
|
|
0:11:40
|
file for every type of phone that was registered to this system
|
|
0:11:45
|
rather than one configuration
|
|
0:11:46
|
file and running memory for every phone that’s in the system.
|
|
0:11:50
|
That’s great if you’re running 200+ phones on a 3845
|
|
0:11:54
|
Of course, you probably have enough memory on a 3845 to do per phone type but it still
|
|
0:11:58
|
nice because it reduces the amount of memory needed. Instead of 250
|
|
0:12:03
|
files in running memory, you might have 10 if you have 10 different phone types or 5
|
|
0:12:08
|
f you have 5 different phone types but there are times where you might need those.
|
|
0:12:14
|
That doesn’t cause any problems even if
|
|
0:12:17
|
you have different configuration in every phone
|
|
0:12:19
|
if you’re doing it per phone type by the way.
|
|
0:12:22
|
But we do have the option and this is the lab, the CCIE lab where
|
|
0:12:27
|
we not only in deep dives that we’re gonna look at
|
|
0:12:30
|
most every, if possibly every option that we can look at,
|
|
0:12:34
|
a lot in CME but we’re gonna try
|
|
0:12:38
|
but also the CCI voice lab where you’re expected to know
|
|
0:12:41
|
detailed new ones information or at least
|
|
0:12:43
|
be resourceful enough to be able to find it very quickly
|
|
0:12:48
|
Let’s look at the display time format.
|
|
0:12:53
|
This is actually the same command, believe it or not as the SIP
|
|
0:12:57
|
and also the date format is going to be day, month, year.
|
|
0:13:02
|
Now this says day-month-year and we were told days/month/year
|
|
0:13:08
|
but we don’t see that as an option
|
|
0:13:10
|
In fact, this is the only option that begins with day.
|
|
0:13:13
|
Now will actually show up on the phone
|
|
0:13:15
|
as day/month/year.
|
|
0:13:18
|
You would have to obviously configure that
|
|
0:13:21
|
just to see that happen but this is where the lab could try to trick you up
|
|
0:13:25
|
You were told day/ and in CUCM, big server
|
|
0:13:29
|
this would actually be a big difference because you can have
|
|
0:13:32
|
any of the format and any separators
|
|
0:13:35
|
- . or / but not /.
|
|
0:13:46
|
But again, in IOS, if we only have one option, it’s the closest we have,
|
|
0:13:50
|
then either it’s the right option or
|
|
0:13:53
|
maybe there’s some other hidden command or
|
|
0:13:55
|
maybe not hidden command but something else we have to do to expose this
|
|
0:13:58
|
We noticed that mode CME in
|
|
0:14:02
|
the SIP voice register global server once we
|
|
0:14:06
|
turned that on, expose a lot of other options,
|
|
0:14:08
|
so there’s some command that expose other options
|
|
0:14:12
|
But again if we did this
|
|
0:14:13
|
had phones register and we saw that they actually registered with this format,
|
|
0:14:17
|
that’s more important than what is configured is the final result
|
|
0:14:21
|
Also in the same time zone as the router so time zone
|
|
0:14:27
|
sorry, it’s time-zone here. Again,
|
|
0:14:31
|
28 or essentially your PN is 120
|
|
0:14:34
|
that’s not gonna work so we’ll just use 23 again
|
|
0:14:40
|
Finally ensure that admins
|
|
0:14:42
|
can log in to the web user interface
|
|
0:14:45
|
and change things like DN in time. Before we go any further,
|
|
0:14:49
|
out of telephony service, there is something called DN web edit
|
|
0:14:54
|
and time web edit. By default, we can change most things
|
|
0:15:00
|
in the user interface but not DNs or time on the router.
|
|
0:15:06
|
Once we enable those two provisions
|
|
0:15:11
|
or configurations then we can edit those
|
|
0:15:13
|
in the web user interface as well
|
|
0:15:16
|
as things such as phones and
|
|
0:15:21
|
other system parameters that we’ll take a look at
|
|
0:15:26
|
Now, we gonna jump out
|
|
0:15:31
|
and let’s do show run pipe
|
|
0:15:33
|
to anything that includes HTTP
|
|
0:15:37
|
and we see that there is an HTTP server but it’s
|
|
0:15:39
|
disabled as well as an SSL
|
|
0:15:42
|
HTTPS server.
|
|
0:15:44
|
There’s also something called IXI transport which is
|
|
0:15:47
|
essentially AXL or
|
|
0:15:51
|
the administrative XML
|
|
0:15:53
|
ability to configure the router through AXL
|
|
0:15:55
|
which is how we will actually connect our
|
|
0:15:58
|
remote control phone software so we will provision that
|
|
0:16:01
|
in just a little bit. So
|
|
0:16:09
|
First of all, we need to enable the HTTP server.
|
|
0:16:14
|
We’re not gonna the secure server, we’ll just do the regular web server
|
|
0:16:18
|
and there is also something called IP HTP
|
|
0:16:21
|
half. There’s a lot of other things, security and a lot of other things but
|
|
0:16:26
|
the path where does the router look for the files.
|
|
0:16:30
|
By default, it looks to the root.
|
|
0:16:33
|
So if bring up the web browser here
|
|
0:16:40
|
and resize it and point it to 177
|
|
0:16:46
|
well HTP not S
|
|
0:16:48
|
177.1.254.3
|
|
0:16:52
|
the loop back, I’m asked for a username and password.
|
|
0:16:55
|
I actually haven’t set up yet
|
|
0:16:59
|
so let’s go back into
|
|
0:17:01
|
telephony service and set up my web
|
|
0:17:08
|
admin and I want this system
|
|
0:17:12
|
administrator not the customer on site,
|
|
0:17:15
|
administrator. The name is going to be,
|
|
0:17:19
|
let’s say admin and the password or secret
|
|
0:17:23
|
password just a lesser
|
|
0:17:26
|
protected version of the
|
|
0:17:29
|
secret rehashed value.
|
|
0:17:31
|
Password is going to be CCIECISCO and keeping with our other.
|
|
0:17:36
|
Now I go back and I refresh and I say admin
|
|
0:17:41
|
and CCIECISCO
|
|
0:17:46
|
and asked me for it again because it’s looking for a
|
|
0:17:50
|
username and password on the router
|
|
0:17:52
|
that has level 15 or enable full access and
|
|
0:17:58
|
and this user doesn’t have that plus I’m actually pointed to the wrong place
|
|
0:18:03
|
Now, I need to do show flash
|
|
0:18:07
|
and I wanna pipe this to include .HTML
|
|
0:18:13
|
and I see that I have a number of HTML files
|
|
0:18:17
|
such as telephony service HTML.
|
|
0:18:20
|
That’s the file I want
|
|
0:18:24
|
so can I say telephony service .html?
|
|
0:18:29
|
See admin and CCIECISCO
|
|
0:18:38
|
and it actually looks like it wanted to do something but it’s not going anywhere else.
|
|
0:18:43
|
This is because it’s in a sub directory gooey.
|
|
0:18:46
|
I could say /gooey
|
|
0:18:52
|
/telephony service but it said it’s not found
|
|
0:18:57
|
Let’s do show IP HTTP
|
|
0:19:04
|
and out so we can do a question mark. Show IP HTTP
|
|
0:19:10
|
server information.
|
|
0:19:19
|
The help path, what we’re actually looking for is the path in general
|
|
0:19:27
|
Let’s do that, pipe that to include path
|
|
0:19:31
|
and the based path is nothing so it’s not pointed anywhere
|
|
0:19:35
|
So I do IP HTTP path
|
|
0:19:39
|
and I could say flash:
|
|
0:19:43
|
Now, this should work
|
|
0:19:49
|
after I put an admin and CCIECISCO
|
|
0:19:57
|
But what if I just wanted to say telephony service.
|
|
0:20:02
|
Well, I can also do flash:gooey/
|
|
0:20:07
|
but even if I do that, do show run pipe 2 include http
|
|
0:20:11
|
is still just gonna show up as flash:gooey
|
|
0:20:15
|
the / for the next directory is automatically assumed
|
|
0:20:19
|
So now
|
|
0:20:23
|
admin and CCIECISCO
|
|
0:20:28
|
should work to get me in.
|
|
0:20:35
|
The important thing is we needed to find where the
|
|
0:20:38
|
gooey files were in flashed do show
|
|
0:20:41
|
flash now we know the name of the directory pipe 2 include
|
|
0:20:46
|
GUI and there’s all of our files that are used for the gooey.
|
|
0:20:52
|
We need to pull up the telephony service and now we’re in it.
|
|
0:20:57
|
We can look at extension, there’s none
|
|
0:20:59
|
found. We can add some because we did DN web edit
|
|
0:21:03
|
We got a lot of options of here, obviously. We’re not gonna be using
|
|
0:21:06
|
the web interface. We might check back and see what it’s set to
|
|
0:21:09
|
but we’re not gonna be using it too much
|
|
0:21:12
|
We will look at it again like I said a little bit later
|
|
0:21:15
|
as we get on the deep dive modules but
|
|
0:21:18
|
we’re not be using it to add things because this is after all
|
|
0:21:21
|
expert level exam and even if you
|
|
0:21:24
|
had all the information that you could use
|
|
0:21:26
|
which should probably will be able to, we still, we can add phones,
|
|
0:21:34
|
no new phone to add, that’s interesting but
|
|
0:21:38
|
we still want to be able to know how to do everything
|
|
0:21:41
|
from the command line this being CCIE
|
|
0:21:44
|
exam that we’re primarily focusing on after all.
|
|
0:21:49
|
So we met the criteria to allow
|
|
0:21:52
|
users to access the web user interface
|
|
0:21:55
|
and access and change things like
|
|
0:21:58
|
DNs, we saw that and then also time, system time.
|
|
0:22:02
|
Here, we can change the time but again we’ve already set to NTP
|
|
0:22:06
|
so we probably don’t want to change to this system time because if we did,
|
|
0:22:10
|
do show NTP associations,
|
|
0:22:14
|
we see that we are associated.
|
|
0:22:16
|
We could change the system time, let’s say we change it to the
|
|
0:22:22
|
let’s say we change it to the 14th, the day before, set,
|
|
0:22:26
|
save it, watch the router changes it time,
|
|
0:22:29
|
clock has been updated from October 15th to
|
|
0:22:34
|
the same time October 14th, administered by admin on consul
|
|
0:22:40
|
And now if we look at NTP associations,
|
|
0:22:43
|
we’re synchronized to our local clock
|
|
0:22:46
|
but not synchronized to the PSTN.
|
|
0:22:50
|
It’s gonna take a little time for that to
|
|
0:22:52
|
reinitialize and resynchronized up
|
|
0:22:54
|
We will eventually synchronized back up and when we do so,
|
|
0:22:58
|
we'll get this sys log message that the system clock has been updated.
|
|
0:23:01
|
It’s not necessarily advisable to
|
|
0:23:05
|
allow the users to change the system time.
|
|
0:23:08
|
We’re just showing that you can do it because
|
|
0:23:10
|
that’s what the instructions told us to be able to do
|
|
0:23:15
|
So that pretty much takes care of the tasks for
|
|
0:23:20
|
this particular task or the subtest for this task.
|
|
0:23:24
|
|
