Category: Cisco

Accessing Cisco 7925 Web Interface

  • Posted on
  • By

Sometimes you get so lucky to work for an organization that still have Cisco 7925 wireless phones in the environment. You’re SOL when they decommission all your Windows servers and no longer have any system with Internet Explorer 11 (Yes, yes, yes I know what you mean.)

Instead of modifying your go-to daily web browser’s security setting (Firefox, Chrome or Edge), try to get something else like Pale Moon and modify that instead.

Go to about:config

To address the TLS 1.0 concern, change the security.tls.version.min to 1

To address the SSL_ERROR_BAD_MAC_ALERT error message, change the security.tls.insecure_fallback_hosts to the IP address of the Cisco 7925 phone

Now do yourself a favor and submit a budget to replace all of your Cisco 7925’s.

Filed under: Cisco

CME Time is Correct but SIP Endpoints are on Different Timezone

  • Posted on
  • By

If your Communications Manager Express (CME) clock and timezone configuration in telephony-service and voice register global are correct but SIP endpoints are a few hours behind or ahead (on a different timezone), you will need the timezone updater.

https://www.oracle.com/java/technologies/javase-tzupdater-downloads.html

1. Upload from TFTP to Flash.
2. Add the TFTP server configuration tftp-server flash:phones/tzupdater.jar alias tzupdater.jar
3. Update SIP Configuration and reset endpoints

voice register global
 no create profile
 create profile
 reset
Filed under: Cisco, Unified Communications

Cisco 44XX ISR Show Light Levels

  • Posted on
  • By

If the command show interface [INTERFACE] transceiver status is not available, try using show hw-module subslot 0/0 transceiver [SFP SLOT] status. Here’s an example.


Cisco4451#show hw-module subslot 0/0 transceiver 3 status
The Transceiver in slot 0 subslot 0 port 3 is enabled.
  Module temperature                        = +24.316 C
  Transceiver Tx supply voltage             = 3357.2 mVolts
  Transceiver Tx bias current               = 13182 uAmps
  Transceiver Tx power                      = -7.1 dBm
  Transceiver Rx optical power              = -32.2 dBm
Cisco4451#

If it is still not working for you, check the output of show logging. Verify if the SFP that you are using is compatible with your equipment. It should not say %TRANSCEIVER-3-NOT_SUPPORTED
Example:


000046: *Jun  5 2020 09:59:28.694 CDT: %TRANSCEIVER-6-INSERTED:iomd:  transceiver module inserted in Gigabitethernet0/0/3

The output of show interface [INTERFACE] should not say media type is unknown media type. It should state the media-type if detected and compatible. In the example above, I am using GLC-LH-SMD= 1000BASE-LX/LH SFP transceiver module, MMF/SMF, 1310nm, DOM

The Transceiver Rx optical power should be between -3 to -8 dBm if interfacing within the same building or short-range optics.  Long range optics can go a lot lower depending on distance.  Anything less than -30 dBm is essentially no light received.  The sample above shows no light.

Check them here: https://www.cisco.com/c/en/us/products/routers/4000-series-integrated-services-routers-isr/relevant-interfaces-and-modules.html

Filed under: Cisco

Cisco 8851 Partial Registered in CUCM

  • Posted on
  • By

I’ve got a few Cisco 8851 phones that always come up as partial registered. I understand that partial registered usually means that one or more lines are unregistered or something to that effect. No matter how many times I reset remotely or power cycle the damn thing, it always come back as partial registered. To the users, everything is normal. Everything is normal so – meh. A few weeks later, got an aha moment.

Here’s what I forgot: our users use extension mobility and their device profiles were based on Cisco 7962 or 7965 device types and have all 6 lines associated with a directory number. Cisco 8800-series desk phones without a key expansion module (a.k.a sidecar) can only associate up to 5 lines. The user’s device profiles also have all 6 lines populated and after I disassociate that 6th line from the profile, things are back to normal. Well, it was already normal but you know what I mean.

Filed under: Call Manager, Cisco

New UCCX Team and CSQ not showing up in CUIC

A couple weeks ago, I recently added a new skill, assigned the skill to a Contact Service Queue (CSQ) and updated the assigned CSQ’s in the Team configuration and then renamed the Team name. When I logged in to Cisco Unified Intelligence Center (CUIC) to run a report, I do not see the new CSQ I created. The fix is to restart Cisco Unified Intelligence Center Reporting Service

The CUIC that we have is embedded (not standalone) in one of the UCCX nodes. Log in to both the UCCX nodes and check if Cisco Unified Intelligence Center Reporting Service is running then restart it.


admin:utils service list

Requesting service status, please wait...
~
Cisco Unified Intelligence Center Reporting Service[STARTED]
Cisco Unified Intelligence Center Serviceability Service[STARTED]
~

admin:utils service restart Cisco Unified Intelligence Center Reporting Service
 Don't press Ctrl-c while the service is getting RESTARTED.If Service has not Restarted Properly, execute the same Command Again
Service Manager is running
Cisco Unified Intelligence Center Reporting Service[STOPPED] Commanded Out of Service
Service Manager is running
Cisco Unified Intelligence Center Reporting Service[STARTING]
Cisco Unified Intelligence Center Reporting Service[STARTED]
admin:

Filed under: Cisco, Contact Center

UCCX Basic SQL Query

  • Posted on
  • By

Most of the things that matter daily in UCCX 8.x, 9.x and perhaps 10.x are mostly done in CCX Administration (appadmin) and some troubleshooting done CCX Editor. There is one thing that Report Summary and User View did not do for me: List all users, along with their login ID‘s, and IPCC extensions so I can inform the Windows server team which users belong in the call center.

My solution was to do a SQL query. For those of you who are familiar with MySQL syntax, you will like this or roll your eyes on how easy it is and how unnecessary this post would be. My problem was that I did not know the name of the database and tables the agent info are stored.

See that * in the query below? Don’t do that if you have a lot of agents.


run uccx sql db_cra select * from resource

Or do it anyway to find out the names of the table columns so you can narrow down your search; but do it for one user. 


run uccx sql db_cra select * from resource where resourceloginid like 'elton'

Be specific with the table columns instead.


run uccx sql db_cra select resourceloginid,extension,resourcename from resource where active!='f'

I use PuTTY and automatically log all session output so I don’t have to selectively highlight text to copy. Open the directory where you store the logs, open in Notepad++, copy, paste in Excel or Calc.

This is based on the UCCX 9.0 CLI Reference Guide:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/crs/express_9_0/configuration/guide/UCCX_BK_C940F879_00_cli-reference-guide-for-uccx/UCCX_BK_C940F879_00_cli-reference-guide-for-uccx_chapter_00.html#UCCX_TP_CFB67B78_00

http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cust_contact/contact_center/crs/express_9_02/configuration/guide/UCCX_BK_C007B99C_00_cli-reference-guide-release-902/UCCX_BK_C54B77AG_00_cli-reference-guide-902_chapter_0100.html#UCCX_TP_R1EEC0AE_00

As for SQL queries in Call Manager, check these out:
http://www.cisco.com/c/en/us/support/docs/unified-communications/unified-communications-manager-callmanager/117726-technote-cucm-00.html

Here’s a SQL user lookup example equivalent to viewing info in User Management > End Users


run sql select* from enduser where userid='elton'

William Bell has excellent CUCM SQL query tutorials as well. Don’t forget to check out the comment threads.
http://www.ucguerrilla.com/search/label/Query_Series

Basically, still using standard SQL syntax (yeah, that sounds redundant) prepended by “run sql” but it is just a matter of finding out the table and column names.

Here’s a SQL query to view them.


run sql select x.tabname, y.colname from systables x, syscolumns y where x.tabid=y.tabid order by x.tabname

Filed under: Call Manager, Cisco, Contact Center

Cisco Supervisor Desktop “No Service”

  • Posted on
  • By

Symptoms:
CUCM 9.1
UCCX 9.0.2

A user called in to report that after logging in to Cisco Supervisor Desktop, selected a Team from the Team dropdown selection, it took a long time to load. It continues to state “No Service” in the bottom of the window after nothing has loaded and Team dropdown selection is greyed out.

If you download the Cisco Desktop Call/Chat Service trace logs, you will notice messages like:


2015-07-24 03:30:36:440 INFO STD0005 Client  disconnected from service at <10.0.11.39>.
2015-07-24 03:30:36:443 WARN LC0001 Error occurred while performing an LDAP operation.
2015-07-24 03:30:36:444 WARN LC0001 Error occurred while performing an LDAP operation.
2015-07-25 12:47:19:520 WARN FCCS3008 Network communication error  sending message to application .  The application will be logged out.
2015-07-27 08:44:34:074 INFO LC0007 Invalid Value.
2015-07-27 08:44:34:082 INFO LC0007 Invalid Value.

Solution:

  • Restart Cisco Desktop Call/Chat Service. This does not drop calls because once a call is answered, the CCX port is no longer used in that call. RTP media is now between endpoints. This does disrupt and refresh screens on agents who are exchanging chat messages but that shouldn’t be an issue, in my opinion.

  • Log out and back in.

  • If restarting the Cisco Desktop Call/Chat Service, did not work for you, restart Cisco Desktop Sync Service and Cisco Desktop Browser and IP Phone Agent Service.

    • Issue confirmed fixed. Notice, after selecting a team and while it is loading, the first thing that populates are the team’s agents and supervisors.

    What you want to see in the logs will be something like this

    
2015-07-27 08:44:52:057 INFO FCCS0027 Service going into active mode.  Incoming requests will be accepted.
2015-07-27 08:44:52:074 INFO LRMS0004 LRMClient is connected to the service at <10.0.11.39>.

    Filed under: Cisco, Contact Center, Unified Communications

    Cisco IOS Configuration Change Logging

    • Posted on
    • By

    Someone or something caused your router to reboot. You want to log configuration changes to rule that out without using TACACS. Here’s what it looks like.

    
router(config)# archive
router(config-archive)# log config
router(config-archive-log-cfg)# logging enable
router(config-archive-log-cfg)# logging size 1000
router(config-archive-log-cfg)# notify syslog
router(config-archive-log-cfg)#

    To display configuration log entries by record numbers starting with the first recorded command
    show archive log config 1

    To display all configuration log files as they would appear in a configuration file rather than in a tabular format
    show archive log config all provisioning

    To view statistics
    show archive log config statistics

    
router# show archive log config statistics
Config Log Session Info:
        Number of sessions being tracked: 1
        Memory being held: 3909 bytes
        Total memory allocated for session tracking: 187657 bytes
        Total memory freed from session tracking: 183748 bytes

Config Log log-queue Info:
        Number of entries in the log-queue: 63
        Memory being held by the log-queue: 16356 bytes
        Total memory allocated for log entries: 16356 bytes
        Total memory freed from log entries: 0 bytes

    For more information: http://www.cisco.com/c/en/us/td/docs/ios/fundamentals/configuration/guide/15_1s/cf_15_1s_book/cf_config-logger.html

    Filed under: Cisco, IOS

    Configure SSH v2 in Cisco IOS

    • Posted on
    • By

    Set the device’s hostname
    hostname hercules

    Set the device’s membership to a domain. Generating an RSA key requires a domain name.
    ip domain-name routers.eltonoverip.com

    Check to see if SSH is already running
    show ip ssh

    Generate an RSA key
    crypto key generate rsa

    You will get something like the following:

    
hercules(config)#crypto key generate rsa
The name for the keys will be hercules.routers.eltonoverip.com
Choose the size of key modules in the range of 360 to 4096 for your
General Purpose Keys.  Choosing a key modulus greater than 512 may take a few minutes

How many bits in the modulus [512]: 2048
%Generating 2048 bit RSA keys, keys will be non-exportable...
[OK] (elapsed time was 0 seconds)

hercules(config)#

    If you skipped the ip domain-name whateverdomain.com, you will get the following:
    % Please define a domain-name first.

    Or you could do a more specific command
    crypto key generate rsa general-keys modulus 2048

    
hercules(config)#crypto key generate rsa general-keys modulus 2048
The name for the keys will be: hercules.eltonoverip.com

% The key modulus size is 2048 bits
% Generating 2048 bit RSA keys, keys will be non-exportable...[OK]

*Apr 12 05:12:36.775: %SSH-5-ENABLED: SSH 2.0 has been enabled

    At this point, when you check the output of show ip ssh and it shows version 1.99, that means that it is supports or run both versions 1 and 2. Note that 1.99 is not an actual version but a method to identify backwards compatibility.

    http://en.wikipedia.org/wiki/Secure_Shell#Version_1.99

    To run only version 2
    ip ssh version 2

    Set up a local user
    username elton privilege 15 secret cisco

    Few more commands

    
line vty 0 4
  login local

    Allow only SSH
    transport input ssh

    Allow both SSH and telnet
    transport input ssh telnet

    Few ways to verify

    Check if the SSH service is running on the device
    show ip ssh

    Check who are logged in
    who

    Check the SSH port
    show control-plane host open-ports

    
hercules#show control-plane host open-ports
Active internet connections (servers and established)
Prot               Local Address             Foreign Address                  Service    State
 tcp                        *:22                         *:0               SSH-Server   LISTEN
 tcp                        *:23                         *:0                   Telnet   LISTEN

    Check active TCP sessions. These are not TCP traffic through the router but those terminated at this router.
    show tcp

    
hercules#show tcp

tty194, virtual tty from host Achilles
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled, Mininum incoming TTL 0, Outgoing TTL 255
Local host: 10.42.21.109, Local port: 22
Foreign host: 10.42.21.81, Foreign port: 2326
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x1838E4):
Timer          Starts    Wakeups            Next
Retrans            13          0             0x0
TimeWait            0          0             0x0
AckHold             9          0             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger            0          0             0x0
DeadWait            0          0             0x0
Linger              0          0             0x0
ProcessQ            0          0             0x0

iss: 1184651233  snduna: 1184653125  sndnxt: 1184653125     sndwnd:  17104
irs: 3330383746  rcvnxt: 3330385707  rcvwnd:       3800  delrcvwnd:    328

SRTT: 247 ms, RTTO: 663 ms, RTV: 416 ms, KRTT: 0 ms
minRTT: 4 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: passive open, active open
Option Flags: 0x1000000
IP Precedence value : 6

TCB is waiting for TCP Process (55)

Datagrams (max data segment is 1460 bytes):
Rcvd: 20 (out of order: 0), with data: 12, total data bytes: 1960
Sent: 17 (retransmit: 0, fastretransmit: 0, partialack: 0, Second Congestion: 0), with data: 14, total data bytes: 1891
 Packets received in fast path: 0, fast processed: 0, slow path: 0
 fast lock acquisition failures: 0, slow path: 0
hercules#
    Filed under: Cisco, IOS