SysKEY – Your Key to Information Systems

October 26, 2011

Dear Friends,

Effective October 24, 2011, a new “SysKEY” Internet Project was opened by me.

It will be the biggest portal for IT News, Reviews, Configuration Tips, “How To”s, Videos, Software Shares, Experience Exchange and much more.

I will proceed with articles and configuration examples on both websites – SysKEY and here.

Be the first to subscribe to the new project.

Check it at http://www.syskey.info

Please post your comments and suggestions; they will be of great value to me in making SysKEY more interesting and useful.

Hope to see you there.

Best Regards,
Safar Safarov.

Live Record in Call Manager Express

September 20, 2011

Live Record is a feature supported in Cisco Unified Call Manager Express. When initiated, via a configured soft key, this feature essentially grants end users the capability to record an active call. Once the recording is complete, the end user will receive a message-waiting indicator on their phone indicating there is a new voicemail message available. This recording will then be accessible via the end user’s assigned Cisco Unity Express voicemail box.

STEP 1. Enabling Live Record

The live record feature is a global setting that is supported for two-party calls or ad-hoc conferencing. You must assign live record an ephone-dn that forwards to the designated voicemail pilot for CUE. You will then enable it within telephony-service and CUE.

CUCME(config)#ephone-dn 5
CUCME(config-ephone-dn)#number 250 no-reg
CUCME(config-ephone-dn)#call-forward all 260

CUCME(config)#telephony-service
CUCME(config-telephony)#live-record 250

CUE(config)#voicemail live-record pilot-number 250

STEP 2. Enabling the Phone for Live Record

In order to give an IP Phone access to the Live Record feature, you must create a new ephone-template assigning the Live Record soft key in the “connected” state. You should only assign the new ephone-template to the ephones that will be granted access to this feature.

CUCME(config)#ephone-template 1
CUCME(config-ephone-template)#softkeys connected LiveRcd Hold Endcall Trnsfer Confrn

CUCME(config)#ephone 5
CUCME(config-ephone)#ephone-template 1

You are now ready to test and verify your configuration. During an active call, press the LiveRcd soft key. You should hear an entrance tone when your current call is joined with the live record feature. This beep will continue during the time live record is active as a reminder. You can adjust the duration (in milliseconds) and interval (in seconds) of the beep within CUE.

CUE(config)#voicemail live-record beep duration 50
CUE(config)#voicemail live-record beep interval 30

To cancel recording, press the LiveRcd soft key again or EndCall. Once the recording is completed, the MWI will illuminate, indicating a new voicemail message. You can then log into voicemail and review and manage the recording the same as any other voicemail message.

LiveRcd behaves as a two-party ad-hoc conference call when paired up to record a call. In the event you need to record a call that is already active with two or more parties, you will need to configure CUCME for ad-hoc hardware conferencing.

Dynamic Failover on Cisco Routers

February 6, 2011

While it is possible to put two routes in place with the secondary having a higher metric, this may not always work. In the event of a failure that does not bring down the physical interface on the router, the primary route is not removed. There is also the situation where the primary interface takes too long to change status. The way around these limitations is simple – IP SLA:

STEP 1. Configure an ip sla (previously known as Response Time Reporter – rtr) object pinging the next-hop router (172.16.0.1) on primary link (FastEthernet 0/0). The polling frequency you specify (in seconds) depends on the reliability requirements, but anything below a few seconds would place unnecessary burden on the next-hop router (as you might not be the only one tracking its availability). Threshold sets the rising threshold that generates a reaction event and stores history information for the Cisco IOS IP SLAs operation.

R1(config)#ip sla 1
R1(config-ip-sla)#icmp-echo 172.16.0.1 source-interface FastEthernet 0/0
R1(config-ip-sla-echo)#threshold 100
R1(config-ip-sla-echo)#timeout 200
R1(config-ip-sla-echo)#frequency 3
R1(config)#ip sla schedule 1 life forever start-time now

STEP 2. Create a track object monitoring the reachability of the SLA target. As you probably don’t want to respond to a single lost ICMP packet, you should use the delay option of the track object to specify how long the next-hop router should remain unreachable before it’s declared to be lost (the down delay should be approximately three times the SLA polling frequency and the up delay should be even longer).

R1(config)#track 1 ip sla 1 reachability
R1(config-track)#delay down 10 up 20

STEP 3. After configuring the track object, attach it to the primary static default route to ensure that the default route is removed if the next-hop router is not reachable.

R1(config)#ip route 0.0.0.0 0.0.0.0 FastEthernet 0/0 track 1
R1(config)#ip route 0.0.0.0 0.0.0.0 FastEthernet 0/1 10

Notes:
You cannot change the parameters of an SLA object once you’ve scheduled it. To change the target IP address, timeouts, threshold or polling frequency, you need to delete the SLA object and recreate it.

When calculating the up delay, remember that a router can temporarily respond to pings during the bootstrap process.

Enabling root SSH login on an ESX host

January 16, 2011

SSH is disabled by default for the root account on an ESX host. That is, the actual sshd service does not allow root logins. Non-root users are able to log in with SSH. This is another layer of protection in addition to the host firewall.

1. To enable root login for SSH and SCP clients if you have physical access to the ESX host:
STEP 1. Log in to the console of your ESX host as the root user.
STEP 2. Edit the configuration file for SSH with the following command:

nano /etc/ssh/sshd_config

STEP 3. Find the line that starts with ‘PermitRootLogin’ and change the ‘no’ to ‘yes’. You can find this line about 2 pages down from the top. Save the file by first pressing ‘Ctrl-O’ and then Enter. Exit with ‘Ctrl-X’.
STEP 4. Restart the sshd service with the command:

service sshd restart
OR
/etc/init.d/sshd restart

2. To enable root login for SSH and SCP clients if you have network access only to the ESX host:
STEP 1. Connect to the ESX host with VMware Infrastructure (VI) or vSphere Client.
STEP 2. Create a new temporary user by going to ‘Local Users & Groups’ tab. Make sure to check ‘Grant shell access to this user’ checkbox and add the user to the ‘root’ group.
STEP 3. Connect to the ESX host over the network using an SSH client and log in as the new temporary user.
STEP 4. Switch user to root by typing the following command:

su -

STEP 5. Type root account password.
STEP 6. Edit the configuration file for SSH with the following command:

nano /etc/ssh/sshd_config

STEP 7. Find the line that starts with ‘PermitRootLogin’ and change the ‘no’ to ‘yes’. You can find this line about 2 pages down from the top. Save the file by first pressing ‘Ctrl-O’ and then Enter. Exit with ‘Ctrl-X’.
STEP 8. Restart the sshd service with the command:

service sshd restart
OR
/etc/init.d/sshd restart

NOTE: Each SSH connection to an ESX host uses additional Service Console resources. Use caution when using scripts or third party software that create multiple SSH sessions to the ESX Service Console. Excessive use of SSH on an ESX machine may cause the service console to exhibit symptoms of memory exhaustion.
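
A check for the edit made in steps 3 and 7 above, added here as an example and not part of the original post: sshd uses the first uncommented value it reads for a keyword, so editing a commented-out line or a later duplicate changes nothing. The function names and the sample file are constructed for illustration, and the parser assumes the usual whitespace-separated "Keyword value" form.

```shell
#!/bin/sh
# Added example: report the global PermitRootLogin value in an sshd_config.

# effective_root_login FILE
# Prints the first uncommented PermitRootLogin value found before any
# "Match" block (Match blocks only apply to matching connections),
# or "unset" when the global section does not set the keyword.
effective_root_login() {
    awk '
        /^[ \t]*#/ { next }                      # skip comment lines
        { key = tolower($1) }                    # keywords are case-insensitive
        key == "match" { exit }                  # global section ends here
        key == "permitrootlogin" { print tolower($2); found = 1; exit }
        END { if (!found) print "unset" }
    ' "$1"
}

# write_sample_config FILE
# Writes a constructed sample (not a real ESX file) with the pitfalls:
# a commented line, a duplicate, and a Match block.
write_sample_config() {
    cat > "$1" <<'EOF'
# constructed sample sshd_config
Protocol 2
#PermitRootLogin no
PermitRootLogin yes
PermitRootLogin no
Match User backup
    PermitRootLogin no
EOF
}

sample=$(mktemp)
write_sample_config "$sample"
echo "sample: PermitRootLogin is $(effective_root_login "$sample")"
rm -f "$sample"
```

On the host, point the function at /etc/ssh/sshd_config after saving the file; running `sshd -t` before the restart checks the file for syntax errors.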

Automate backup with Cisco IOS’ kron

December 12, 2010

Let’s say you want to automatically back up your router’s running configuration (in RAM) to the startup configuration (in NVRAM) every Monday night at 10 P.M. You might want to make sure that the system is preserving router changes, even if the router loses power and even if someone forgets to save his or her changes.

The new IOS command scheduler makes this a relatively easy task. Here’s how you can use kron to accomplish this.

First, create a kron policy-list. Essentially, this policy list serves as your ‘script’, which lists what you want the router to run at a scheduled time. Here’s an example:

Router(config)#kron policy-list backup
Router(config-kron-policy)#cli write
Router(config-kron-policy)#exit

Next, create a kron occurrence, in which you tell the router when and how often you want to run this policy list (i.e., group of commands). Here’s an example:

Router(config)#kron occurrence backup at 22:00 Mon recurring
Router(config-kron-occurrence)#policy-list backup

This code sets up your backup job to run every Monday night at 10 P.M. (22:00 in military time).

Finally, verify that you’ve entered everything correctly by using the show command.

Router#show kron schedule

Kron Occurrence Schedule
backup inactive, will run again in 2 days 22:03:46 at 22:00 on Mon

Router#show running-config
(truncated)
kron occurrence backup at 22:00 Mon recurring
 policy-list backup
!
kron policy-list backup
 cli write
(truncated)

Notes:
You might be wondering why I used the write command instead of the copy running-config startup-config command. While the copy run start command is interactive, the write command is not. In other words, write doesn’t prompt to verify what you want to do. It’s important to remember that the Cisco IOS Command Scheduler doesn’t allow any interactive commands.

You might be wondering if you could use kron to reboot the router. While it’s a good idea to use the command scheduler if you want to reboot your router on a regularly scheduled basis, you can perform a one-time delayed reboot using reload at with less complexity.

Additional uses for kron include clearing an interface on a daily schedule, clearing the internal log, and showing the routing table at set intervals and sending it to a log.

In some cases, you may want to log the failure or success of your commands. To do so, you can use the debug command. For example, to view all kron debugging, use debug kron all. (You can also use more specific kron debug commands.)

Once you’ve enabled debugging, send logging output to the router’s system buffer or to a syslog server. In that log, you’ll find the command output and whether the commands succeeded or failed.

Backup on FTP config example:
ip ftp source-interface loopback 0
ip ftp username ftp_username
ip ftp password ftp_password
file prompt quiet
!
kron policy-list backup
 cli copy running-config ftp://10.20.30.40
!
kron occurrence daily-backup at 0:30 recurring
 policy-list backup
