Sjur Usken

Views on new technologies and business opportunities from Sjur Usken

Cisco with their UC500 has not understood DNS SRV….

Just setting up a Cisco UC500 and notice how “old fashioned” the VoIP settings are. The setup still believes that the provider only has one major IP address and one backup. Of course, to have one basic IP address where all traffic is routed to, and make this redudant (through virtual IP or IP take-over), is just fine and will work OK.

The DNS SRV case

If you as a VoIP Service Provider uses DNS SRV, which is designed to give you load sharing and redundancy through DNS, then the Cisco Configuration Assistant misses the point. This assistant, which is almost necessary to get the UC500 unit up and running, does a DNS lookup on the A record and takes this IP into the Access List configuration…. not good… Next time the UC500 registers, it probably uses another server, and the incoming calls are also coming from this. Then the ACL kicks in and blocks the call…

The work-around

For CCA version 1.9 there is an access-list 2 that contains the IP of the SIP server. Expand this list to cover all IP addresses from your VoIP provider. Be careful, since opening this to everybody will open you for both SPiT and possible fraud.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: