2 Replies Latest reply on May 17, 2013 12:26 PM by geo

    PRI and FXS on same TA908 but using independent trunks for inbound/outbound calls

    vnet New Member

      Here is a copy of my generic configuration file. Can you tell me what I am missing? It would appear that my FXS lines are still registering under the primary trunk T01 instead of under trunk T03...

       

       

      !

      !

      hostname "TA908_Lab_Test_PRI"

      enable password encrypted 3b31a5e9d474533016e98c03c44aac98bda6

      !

      clock timezone -6-Central-Time

      !

      ip subnet-zero

      ip classless

      ip default-gateway xxx.xxx.xxx.xxx

      ip routing

      !

      !

      ip host "insert.domain.net" xxx.xxx.xxx.xxx

      ip name-server xxx.xxx.xxx.xxx xxx.xxx.xxx.xxx

      !

      !

      no auto-config

      !

      event-history on

      no logging forwarding

      no logging email

      !

      service password-encryption

      !

      username "admin" password encrypted "3b334593645202213b4261202185124bef3f"

      username "hidden_user" password encrypted "161f77f22f3d9e6178d3749f9d434ab7057c"

      !

      banner login #

      *******************************************************************************

      *                                                                              *

      *                              WARNING NOTICE                                  *

      *                                                                              *

      * This system is restricted solely to XYZ Co. authorized users for legitimate  *

      * business purposes only.  The actual or attempted unauthorized access,        *

      * use, or modification of this system is strictly prohibited by XYZ Co.        *

      * Unauthorized users are subject to Company disciplinary proceedings and/or    *

      * criminal and civil penalties under state, federal, or other applicable       *

      * domestic and foreign laws.  The use of this system may be monitored and      *

      * recorded for administrative and security reasons.  Anyone accessing this     *

      * system expressly consents to such monitoring and is advised that if          *

      * monitoring reveals possible evidence of criminal activity, XYZ Co. may       *

      * provide the evidence of such activity to law enforcement officials.  All     *

      * users must comply with XYZ Co. Information Security policy regarding the     *

      * protection of XYZ Co. information assets.                                    *

      *                                                                              *

      *******************************************************************************

      #

      !

      !

      no ip firewall alg ftp

      no ip firewall alg msn

      no ip firewall alg mszone

      no ip firewall alg pptp

      no ip firewall alg h323

      !

      aaa on

      aaa authentication banner #

      *******************************************************************************

      *                                                                              *

      *                              WARNING NOTICE                                  *

      *                                                                              *

      * This system is restricted solely to XYZ Co. authorized users for legitimate  *

      * business purposes only.  The actual or attempted unauthorized access,        *

      * use, or modification of this system is strictly prohibited by XYZ Co.        *

      * Unauthorized users are subject to Company disciplinary proceedings and/or    *

      * criminal and civil penalties under state, federal, or other applicable       *

      * domestic and foreign laws.  The use of this system may be monitored and      *

      * recorded for administrative and security reasons.  Anyone accessing this     *

      * system expressly consents to such monitoring and is advised that if          *

      * monitoring reveals possible evidence of criminal activity, XYZ Co. may       *

      * provide the evidence of such activity to law enforcement officials.  All     *

      * users must comply with XYZ Co. Information Security policy regarding the     *

      * protection of XYZ Co. information assets.                                    *

      *                                                                              *

      *******************************************************************************

      #

      ftp authentication LoginUseLocalUsers

      !

      !

      aaa authentication login default local

      aaa authentication login LoginUseTacacs group tacacs+

      aaa authentication login LoginUseRadius group radius

      aaa authentication login LoginUseLocalUsers local

      aaa authentication login LoginUseLinePass line

      !

      aaa authentication enable default enable

      !

      !

      no dot11ap access-point-control

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      qos map XYZ Co_Qos 10

        match dscp 46

        match ip rtp 16384 32767 all

        priority 2200

        set dscp 46

      qos map XYZ Co_Qos 15

        match dscp 24

        match list allow-sip

        priority 384

        set dscp 24

      !

      !

      !

      !

      interface eth 0/1

        description to TA908 PRI/POT's

        ip address  xxx.xxx.xxx.xxx  255.255.255.0

        media-gateway ip primary

        max-reserved-bandwidth 95

        qos-policy out XYZ Co_Qos

        no awcp

        no shutdown

        no lldp send-and-receive

      !

      !

      !

      !

      interface t1 0/1

        snmp trap threshold-reached

        shutdown

      !

      interface t1 0/2

        description T1 0/2 to PRI to PBX

        fdl att

        snmp trap threshold-reached

        tdm-group 1 timeslots 1-24 speed 64

        no shutdown

      !

      !

      interface pri 1

        description PRI to PBX

        isdn name-delivery setup

        calling-party number 620xxxxxx0

        connect t1 0/2 tdm-group 1

        role network b-channel-restarts enable

        no shutdown

      !

      !

      interface fxs 0/1

        description "620xxxxxx1"

        no shutdown

      !

      interface fxs 0/2

        no shutdown

      !

      interface fxs 0/3

        no shutdown

      !

      interface fxs 0/4

        no shutdown

      !

      interface fxs 0/5

        no shutdown

      !

      interface fxs 0/6

        no shutdown

      !

      interface fxs 0/7

        no shutdown

      !

      interface fxs 0/8

        no shutdown

      !

      !

      isdn-group 1

        connect pri 1

      !

      !

      !

      !

      !

      !

      !

      !

      ip access-list standard nat-all

        permit any

      !

      !

      ip access-list extended allow-sip

        permit udp any eq 5060 any   

      !

      ip access-list extended debug_pri

        permit udp any eq 5060 any eq 5060  

      !

      ip access-list extended ValuNet-standard

        deny   udp any eq 1433 any     log

        deny   udp any eq 1434 any     log

        deny   udp any eq netbios-dgm any     log

        deny   udp any eq netbios-ns any     log

        deny   udp any eq netbios-ss any     log

      !

      !

      !

      !

      ip route 0.0.0.0 0.0.0.0 xxx.xxx.xxx.xxx

      !

      no ip tftp server

      no ip tftp server overwrite

      ip http authentication LoginUseLocalUsers

      ip http server

      ip http secure-server 123456

      ip snmp agent

      no ip ftp server

      no ip scp server

      no ip sntp server

      !

      !

      snmp-server enable traps snmp

      snmp-server community public RO

      snmp-server host xxx.xxx.xxx.xxx traps version 1 public snmp

      !

      !

      !

      !

      ip sip

      ip sip udp 5060

      no ip sip tcp

      !

      !

      !

      voice feature-mode network

      voice forward-mode network

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      voice codec-list g729

        codec g729

        codec g711ulaw

      !

      voice codec-list g711

        codec g711ulaw

      !

      !

      !

      voice trunk T01 type sip

        description "XYZ Co_sip-trunk to META/PRI"

        sip-server primary insert.domain.net

        registrar primary insert.domain.net

        outbound-proxy primary xxx.xxx.xxx.xxx

        authentication username "B620xxxxxx0" password encrypted "2c2ade02811798582fc8b57565b9b766ed74"

        domain "xxx.xxx.xxx.xxx"

        sip-keep-alive options 30

        max-number-calls 23

        register 620xxxxxx0

        codec-group g711

      !

      voice trunk T02 type isdn

        description "T02"

        resource-selection linear ascending

        connect isdn-group 1

        rtp delay-mode adaptive

        codec-group g711

      !

      voice trunk T03 type sip

        description "XYZ Co_sip-trunk to META/POT's"

        sip-server primary insert.domain.net

        registrar threshold percentage 1

        outbound-proxy primary xxx.xxx.xxx.xxx

        domain "xxx.xxx.xxx.xxx"

        codec-group g711

      !

      !

      voice grouped-trunk SIPMAP

        trunk T03

        accept 9NXX-NXX-XXXX cost 200

        accept 91-NXX-NXX-XXXX cost 200

        accept 91-800-NXX-XXXX cost 200

        accept 91-888-NXX-XXXX cost 200

        accept 91-877-NXX-XXXX cost 200

        accept 91-866-NXX-XXXX cost 200

        accept 91-855-NXX-XXXX cost 200

        accept 91-900-NXX-XXXX cost 200

        accept 91-976-NXX-XXXX cost 200

        accept 9011-$ cost 200

        accept 9411 cost 200

        accept 9611 cost 200

        accept 9911 cost 200

        accept 90-NXX-NXX-XXXX cost 200

        accept 910-10-XXX-$ cost 200

        accept 9NXX-XXXX cost 200

        accept *XX cost 200

        accept *XXX cost 200

        accept NXX cost 200

        accept NXX-NXX-XXXX cost 200

        accept 1-NXX-NXX-XXXX cost 200

        accept 1-800-NXX-XXXX cost 200

        accept 1-888-NXX-XXXX cost 200

        accept 1-877-NXX-XXXX cost 200

        accept 1-866-NXX-XXXX cost 200

        accept 1-855-NXX-XXXX cost 200

        accept 1-900-NXX-XXXX cost 200

        accept 1-976-NXX-XXXX cost 200

        accept 011-$ cost 200

        accept 411 cost 200

        accept 611 cost 200

        accept 911 cost 200

        accept 0-NXX-NXX-XXXX cost 200

        accept 10-10-XXX-$ cost 200

        accept NXX-XXXX cost 200

        accept *XX$ cost 200

        accept NXX-XXX-XXXX cost 200

      !

      !

      voice grouped-trunk T01

        description "SIP to Meta/PRI"

        trunk T01

        accept $ cost 0

      !

      !

      voice grouped-trunk T02

        description "To PBX"

        trunk T02

        accept $ cost 1

      !

      !

      voice grouped-trunk T03

        description "SIP to Meta/POT's"

        trunk T03

        accept $ cost 2

      !

      !

      voice user 620xxxxxx1

        connect fxs 0/1

        first-name "620xxxxxx1"

        last-name "xxxxxx1"

        password encrypted "3f3b802c6899a4539120d2dbd1042cd80022"

        sip-identity 620xxxxxx1 T03 register auth-name "620xxxxxx1" password encrypted "25239f40687eff191a68834f6a8f51cf3304"

        sip-authentication password encrypted "23276f427bfc89780d7b16d61c9b89691d63"

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      !

      ip sip qos dscp 24

      !

      !

      ip rtp udp 16384

      !

      !

      !

      line con 0

        login authentication LoginUseLocalUsers

      !

      line telnet 0 4

        login authentication LoginUseLocalUsers

        password encrypted 262e62f350fac67818df30ef9ce2abebb767

        no shutdown

      line ssh 0 4

        login authentication LoginUseLocalUsers

        no shutdown

      !

      sntp server xxx.xxx.xxx.xxx version 3

      !

      !

      !

      !

      end

        • Re: PRI and FXS on same TA908 but using independent trunks for inbound/outbound calls
          Employee

          vnet,

           

          This was accidentally made a private post.  I moved this to the Total Access 900/900e Series area so someone from the community can help.

           

          Thanks,

          Matt

          • Re: PRI and FXS on same TA908 but using independent trunks for inbound/outbound calls
            geo Employee

            Per our conversation over Technical Support email, I will post the solution below:

             

               1. Had to build 3 voice trunks (1 toward the network = T01), (1 to the PRI or customer PBX = T02), (1 for the FXS = T03)

               2. Then built 3: voice trunk lists for trunks T01 and T02 to use

               3. A single: voice ani-list   (for any: ani $)

               4. Three voice grouped trunks were also built with permit and deny statements telling each trunk what it is allowed to manage as far as inbound vs. outbound call traffic:

                            a. voice grouped-trunk T01 = permits traffic from the PRI to the network outbound and denies all other trunks and ani's

                            b. voice grouped-trunk T02 = permits traffic from the network inbound to the PRI and denies all other trunks and ani's

                            c. voice grouped-trunk T03 = this is specifically a dialing plan outbound for all FXS lines ONLY

               5. Each voice user xxxxxxxxxx then has its: sip-identity <insert 10-digit TN> and then pointed to T03 trunk for registration, SIP authentication and SIP password towards the switch (network) which is applied per subscriber built in the Metaswitch

              

               This allows each call hitting the Adtran (any TA900 series: TA908,TA912,TA916 or TA924, etc) to act independently whereas prior to this, each outbound call on an FXS line was trying to use the PRI trunk for its outbound call completion instead of originating from its physical identity from a 66-block and out the amphenol pinout.

             

            Thanks,

            Geoff