I agree with Leigh about the typo. But I don´t agree with RTP to the CME not being needed. If there is MOH the CME streams RTP to the phone on hold, either multicast or unicast wise. But Leigh is right the phones speak directly RTP streams between phones when the CME has setup the call so that needs to be taken care of. But in your question you don´t specify which other VLAN´s have phones so Leigh's critisism is unjustified :D
But If I was a proctor (And I would love if I could think like one...) I would expect you to add in the other call controll protocols aswell since your question doesn't state which call control method to use (skinny,sip?). And I would throw in secure skinny and secure SIP aswell. Secure RTP seems to be running on same ports as RTP according to the link below and other links I have seen from Cisco. This is how I would configure the access lists on both ends: I have the habbit of having a line with source and destination port in case there is a incoming traffic that wasn´t tagged from some other networks/VLANs. But In your case the remote network does it´s own marking so It should be ok to do with out those "redundant lines" but I have them in here anyways. Head Quarters: ! ip access-list extended ACL-SCCP permit tcp 10.20.20.0 0.0.0.255 host 10.10.10.10 eq 2000 permit tcp 10.20.20.0 0.0.0.255 eq 2000 host 10.10.10.10 permit tcp 10.20.20.0 0.0.0.255 host 10.10.10.10 eq 2443 permit tcp 10.20.20.0 0.0.0.255 eq 2443 host 10.10.10.10 permit tcp 10.20.20.0 0.0.0.255 host 10.10.10.10 eq 5060 permit tcp 10.20.20.0 0.0.0.255 eq 5060 host 10.10.10.10 permit tcp 10.20.20.0 0.0.0.255 host 10.10.10.10 eq 5061 permit tcp 10.20.20.0 0.0.0.255 eq 5061 host 10.10.10.10 ! ip access-list extended ACL-RTP permit udp 10.20.20.0 0.0.0.255 host 10.10.10.10 range 16384 32767 permit udp 10.20.20.0 0.0.0.255 range 16384 32767 host 10.10.10.10 ! ! class-map MAP-SCCP match access-group name ACL-SCCP ! class-map MAP-RTP match access-group name ACL-RTP ! policy-map Voice class MAP-SCCP set dscp cs3 class MAP-RTP set dscp ef ! int fa0/0 !to Medium Office service-policy input Voice ! Medium Office: ! ip access-list extended ACL-SCCP permit tcp host 10.10.10.10 eq 2000 10.20.20.0 0.0.0.255 permit tcp host 10.10.10.10 10.20.20.0 0.0.0.255 eq 2000 permit tcp host 10.10.10.10 eq 2443 10.20.20.0 0.0.0.255 permit tcp host 10.10.10.10 10.20.20.0 0.0.0.255 eq 2443 permit tcp host 10.10.10.10 eq 5060 10.20.20.0 0.0.0.255 permit tcp host 10.10.10.10 10.20.20.0 0.0.0.255 eq 5060 permit tcp host 10.10.10.10 eq 5061 10.20.20.0 0.0.0.255 permit tcp host 10.10.10.10 10.20.20.0 0.0.0.255 eq 5061 ! ip access-list extended ACL-RTP permit udp host 10.10.10.10 range 16384 32767 10.20.20.0 0.0.0.255 permit udp host 10.10.10.10 10.20.20.0 0.0.0.255 range 16384 32767 ! class-map MAP-SCCP match access-group name ACL-RTP ! class-map MAP-RTP match access-group name ACL-RTP ! policy-map Voice class MAP-SCCP set dscp cs3 class MAP-RTP set dscp ef ! int fa0/0 !to Head Quarter service-policy input Voice ! Some more info: ! skinny tcp 2000 secure skinny 2443 SIP 5060 Secure SIP 5061 A good link below on the port numbers: http://www.i-1.nl/blog/wp-content/uploads/CUCM-TCP-UDP-Port-Usage-1.0.pdf regards. Kristjan -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of [email protected] Sent: 10. ágúst 2011 16:00 To: [email protected] Subject: CCIE_Wireless Digest, Vol 29, Issue 6 Send CCIE_Wireless mailing list submissions to [email protected] To subscribe or unsubscribe via the World Wide Web, visit http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless or, via email, send a message with subject or body 'help' to [email protected] You can reach the person managing the list at [email protected] When replying, please edit your Subject line so it is more specific than "Re: Contents of CCIE_Wireless digest..." Today's Topics: 1. QoS on WLAN Link (Stalder Dominic) 2. Re: CCIE wireless WB2 (Ralph Olsen) 3. Re: CCIE wireless WB2 (Leigh Jewell) 4. Re: QoS on WLAN Link (Leigh Jewell) 5. Re: CCIE wireless WB2 (Ralph Olsen) ---------------------------------------------------------------------- Message: 1 Date: Tue, 9 Aug 2011 18:23:30 +0000 From: Stalder Dominic <[email protected]> To: "[email protected]" <[email protected]> Subject: [OSL | CCIE_Wireless] QoS on WLAN Link Message-ID: <ca6747bd.44a8%[email protected]> Content-Type: text/plain; charset="windows-1252" Hi group, it?s me again :-) This time I have a question about QoS preservation on WAN link. Let?s say I have my medium office with a subnet of 10.20.20.0 /24 and my CME is at head quarter with 10.10.10.10 /24. I would like to set DSCP ef for RTP and DSCP cs3 for SCCP, would this configuration be OK or do I miss something or are maybe the src / dst ports wrong? HQ: ip access-list extended ACL-SCCP permit tcp 10.10.20.0 0.0.0.255 host 10.10.10.10 eq 2000 ! ip access-list extended ACL-RTP permit udp 10.10.20.0 0.0.0.255 host 10.10.10.10 range 16384 32767 ! class-map MAP-SCCP match access-group name ACL-SCCP ! class-map MAP-RTP match access-group name ACL-RTP ! policy-map Voice class MAP-SCCP set dscp cs3 class MAP-RTP set dscp ef ! int fa0/0 !to Medium Office service-policy input Voice ! MO: ip access-list extended ACL-SCCP permit tcp host 10.10.10.10 eq 2000 10.20.20.0 0.0.0.255 ! ip access-list extended ACL-RTP permit udp host 10.10.10.10 range 16384 32767 10.20.20.0 0.0.0.255 ! class-map MAP-SCCP match access-group name ACL-SCCP ! class-map MAP-RTP match access-group name ACL-RTP ! policy-map Voice class MAP-SCCP set dscp cs3 class MAP-RTP set dscp ef ! int fa0/0 !to Head Quarter service-policy input Voice ! Thanks a lot and best regards Dominic -------------- next part -------------- An HTML attachment was scrubbed... URL: </archives/ccie_wireless/attachments/20110809/a4a0b3b8/attachment-0001.html> ------------------------------ Message: 2 Date: Tue, 9 Aug 2011 20:55:53 +0200 From: Ralph Olsen <[email protected]> To: Leigh Jewell <[email protected]> Cc: Talal Fraij <[email protected]>, "[email protected]" <[email protected]> Subject: Re: [OSL | CCIE_Wireless] CCIE wireless WB2 Message-ID: <calhzut832xjpkxgmgtuyipjcizbiewedn4cnhqorrafnuxc...@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Hi Leigh, I have it located right next to the Wireless WB1. So if you bought WB2 they shoud be there. /Ralph 2011/8/8 Leigh Jewell <[email protected]>: > Great info Ralph. Where on the website do we fine the labs to download ? > > Cheers, > Leigh > > On 6 August 2011 22:11, Ralph Olsen <[email protected]> wrote: >> >> An electronic version with 3 Mock Labs is available on the website. The 3 >> labs has 2 fully done labs and one still under review. Hope thats answers >> the questions. >> As I understand it the material will be updated to reflect version 2 >> blueprint later this Fall. >> /Ralph >> >> Sendt fra min iPhone >> Den 06/08/2011 kl. 01.35 skrev Talal Fraij <[email protected]>: >> >> Hello All, >> i just wanted to check about CCIE wireless WB2. (LAB version 1) >> >> as i understood from my training advisor, it won't be available till >> September. >> but as i see some people already have it. >> >> http://onlinestudylist.com/archives/ccie_wireless/2011-August/002325.html >> my LAB is 28-9 , can i purchase this book?? or it is not available? >> Kind regards >> >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> > > ------------------------------ Message: 3 Date: Wed, 10 Aug 2011 16:52:21 +1000 From: Leigh Jewell <[email protected]> To: Ralph Olsen <[email protected]> Cc: "[email protected]" <[email protected]> Subject: Re: [OSL | CCIE_Wireless] CCIE wireless WB2 Message-ID: <cakqywd_3oclfxtjpzunka+ap77s47tugm+9hh0vxxuccaov...@mail.gmail.com> Content-Type: text/plain; charset="iso-8859-1" I got an email back saying WB2 hadn't been released yet. Can you buy it early and get a pre-release version ? Cheers, Leigh On 10 August 2011 04:55, Ralph Olsen <[email protected]> wrote: > Hi Leigh, > > I have it located right next to the Wireless WB1. So if you bought WB2 > they shoud be there. > > /Ralph > > 2011/8/8 Leigh Jewell <[email protected]>: > > Great info Ralph. Where on the website do we fine the labs to download ? > > > > Cheers, > > Leigh > > > > On 6 August 2011 22:11, Ralph Olsen <[email protected]> wrote: > >> > >> An electronic version with 3 Mock Labs is available on the website. The > 3 > >> labs has 2 fully done labs and one still under review. Hope thats > answers > >> the questions. > >> As I understand it the material will be updated to reflect version 2 > >> blueprint later this Fall. > >> /Ralph > >> > >> Sendt fra min iPhone > >> Den 06/08/2011 kl. 01.35 skrev Talal Fraij <[email protected]>: > >> > >> Hello All, > >> i just wanted to check about CCIE wireless WB2. (LAB version 1) > >> > >> as i understood from my training advisor, it won't be available till > >> September. > >> but as i see some people already have it. > >> > >> > http://onlinestudylist.com/archives/ccie_wireless/2011-August/002325.html > >> my LAB is 28-9 , can i purchase this book?? or it is not available? > >> Kind regards > >> > >> > >> _______________________________________________ > >> For more information regarding industry leading CCIE Lab training, > please > >> visit www.ipexpert.com > >> > >> Are you a CCNP or CCIE and looking for a job? Check out > >> www.PlatinumPlacement.com <http://www.platinumplacement.com/> > >> > >> _______________________________________________ > >> For more information regarding industry leading CCIE Lab training, > please > >> visit www.ipexpert.com > >> > >> Are you a CCNP or CCIE and looking for a job? Check out > >> www.PlatinumPlacement.com <http://www.platinumplacement.com/> > >> > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: </archives/ccie_wireless/attachments/20110810/075aeda7/attachment-0001.html> ------------------------------ Message: 4 Date: Wed, 10 Aug 2011 16:55:42 +1000 From: Leigh Jewell <[email protected]> To: Stalder Dominic <[email protected]> Cc: "[email protected]" <[email protected]> Subject: Re: [OSL | CCIE_Wireless] QoS on WLAN Link Message-ID: <CAKQyWd_9Z9-+dvWcT8QjZjQrMN_iZpwwb2DA=zd94ozoq3m...@mail.gmail.com> Content-Type: text/plain; charset="windows-1252" I don't believe you will be RTP from the medium office subnet to the CME. I would expect medium office subnet to have RTP to the HQ voice subnet where they are phones. You also have a typo in the medium office ACL defined on the HQ. You have 10.10.20.0/24 where you said it was 10.20.20.0/24 Hope that helps. Leigh On 10 August 2011 04:23, Stalder Dominic <[email protected]> wrote: > Hi group, it?s me again :-) > > This time I have a question about QoS preservation on WAN link. Let?s say I > have my medium office with a subnet of 10.20.20.0 /24 and my CME is at head > quarter with 10.10.10.10 /24. I would like to set DSCP ef for RTP and DSCP > cs3 for SCCP, would this configuration be OK or do I miss something or are > maybe the src / dst ports wrong? > > HQ: > > ip access-list extended ACL-SCCP > permit tcp 10.10.20.0 0.0.0.255 host *10.10.10.10 eq 2000 > *! > ip access-list extended ACL-RTP > permit udp 10.10.20.0 0.0.0.255 host *10.10.10.10 range 16384 32767 > *! > class-map MAP-SCCP > match access-group name ACL-SCCP > ! > class-map MAP-RTP > match access-group name ACL-RTP > ! > policy-map Voice > class MAP-SCCP > set dscp cs3 > class MAP-RTP > set dscp ef > ! > int fa0/0 > !to Medium Office > service-policy input Voice > ! > > MO: > > ip access-list extended ACL-SCCP > permit tcp host *10.10.10.10 eq 2000* 10.20.20.0 0.0.0.255 > ! > ip access-list extended ACL-RTP > permit udp host *10.10.10.10 range 16384 32767* 10.20.20.0 0.0.0.255 > ! > class-map MAP-SCCP > match access-group name ACL-SCCP > ! > class-map MAP-RTP > match access-group name ACL-RTP > ! > policy-map Voice > class MAP-SCCP > set dscp cs3 > class MAP-RTP > set dscp ef > ! > int fa0/0 > !to Head Quarter > service-policy input Voice > ! > > Thanks a lot and best regards > Dominic > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com <http://www.platinumplacement.com/> > > -------------- next part -------------- An HTML attachment was scrubbed... URL: </archives/ccie_wireless/attachments/20110810/70c283c8/attachment-0001.html> ------------------------------ Message: 5 Date: Wed, 10 Aug 2011 11:12:32 +0200 From: Ralph Olsen <[email protected]> To: Leigh Jewell <[email protected]> Cc: "[email protected]" <[email protected]> Subject: Re: [OSL | CCIE_Wireless] CCIE wireless WB2 Message-ID: <CALHzUt9ayeXyQxq=P4JqTodQt=cD_p4DJ=hewrnw4djorik...@mail.gmail.com> Content-Type: text/plain; charset=ISO-8859-1 Hi Leigh, WB2 in its final version will reflect the version 2 blueprint. For us who paid for WB2 long long time ago chapter 1 and 5 should be available for download in the download section. They are both version 1 Mock Labs. Chapter 2 and 4 are still undergoing review. /Ralph 2011/8/10 Leigh Jewell <[email protected]>: > I got an email back saying WB2 hadn't been released yet. Can you buy it > early and get a pre-release version ? > > Cheers, > Leigh > > > On 10 August 2011 04:55, Ralph Olsen <[email protected]> wrote: >> >> Hi Leigh, >> >> I have it located right next to the Wireless WB1. So if you bought WB2 >> they shoud be there. >> >> /Ralph >> >> 2011/8/8 Leigh Jewell <[email protected]>: >> > Great info Ralph. Where on the website do we fine the labs to download ? >> > >> > Cheers, >> > Leigh >> > >> > On 6 August 2011 22:11, Ralph Olsen <[email protected]> wrote: >> >> >> >> An electronic version with 3 Mock Labs is available on the website. The >> >> 3 >> >> labs has 2 fully done labs and one still under review. Hope thats >> >> answers >> >> the questions. >> >> As I understand it the material will be updated to reflect version 2 >> >> blueprint later this Fall. >> >> /Ralph >> >> >> >> Sendt fra min iPhone >> >> Den 06/08/2011 kl. 01.35 skrev Talal Fraij <[email protected]>: >> >> >> >> Hello All, >> >> i just wanted to check about CCIE wireless WB2. (LAB version 1) >> >> >> >> as i understood from my training advisor, it won't be available till >> >> September. >> >> but as i see some people already have it. >> >> >> >> >> >> http://onlinestudylist.com/archives/ccie_wireless/2011-August/002325.html >> >> my LAB is 28-9 , can i purchase this book?? or it is not available? >> >> Kind regards >> >> >> >> >> >> _______________________________________________ >> >> For more information regarding industry leading CCIE Lab training, >> >> please >> >> visit www.ipexpert.com >> >> >> >> Are you a CCNP or CCIE and looking for a job? Check out >> >> www.PlatinumPlacement.com >> >> >> >> _______________________________________________ >> >> For more information regarding industry leading CCIE Lab training, >> >> please >> >> visit www.ipexpert.com >> >> >> >> Are you a CCNP or CCIE and looking for a job? Check out >> >> www.PlatinumPlacement.com >> >> >> > >> > > > ------------------------------ _______________________________________________ CCIE_Wireless mailing list [email protected] http://onlinestudylist.com/cgi-bin/mailman/listinfo/ccie_wireless End of CCIE_Wireless Digest, Vol 29, Issue 6 ******************************************** _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com
