ImgBurn is a great little CD / DVD burning application and can be found via the official site at http://www.imgburn.com. It's also free, so if you use it, please support them via their PayPal link.
With that, it's really kind of difficult to download a current copy without clicking through several mirror site pop-ups and using suspicious third party installers.
If you don't need the latest version, you can find and older SetupImgBurn_2.4.4.0.exe file here: https://docs.google.com/viewer?a=v&pid=sites&srcid=ZGVmYXVsdGRvbWFpbnxyYXltYXNsYW5rYXxneDo0NDU5MzI1Y2YwZTk0OWZk
It appears to be the latest 2.4 version, where the latest release as of now is 2.5.8.
Tuesday, April 29, 2014
Sunday, April 27, 2014
Cisco MeetingPlace backup to Windows servers using rsync
The Cisco MeetingPlace Application or ExpressMedia server DOES have a backup utility built into the administration pages but unlike other Cisco UC applications, it is not the familiar DRS interface and it does not support SFTP like every other UC server you like.
Cisco MeetingPlace from approximately version 8 on only supports rsync as a protocol to move backup information to an external server. If you aren't Linux / Unix savvy, implementing an rsync server may not be trivial.
The best synopsis of how to do it I can find is here: http://www.backupsecrets.com/articles/displayarticle/id/354
For posterity and safety sake, I'll summarize here as well, but please support http://www.backupsecrets.com.
Assuming you are running a Windows machine of some type, you can get an combined installer for cwRsync Server 3.0.1 and CopSSH from this link: http://wbadmin.info/downloads/cwRsyncServer_3.0.1_Installer.exe
In the event that link breaks, here's another option: https://sites.google.com/site/raymaslanka/home/cwRsyncServer_3.0.1_Installer.zip?attredirects=0&d=1
The cwRsync Server is the piece that will provide the rsync server itself, and CopSSH sets up an SSH server to provide security over your rsync transfers.
The following is straight from the http://www.backupsecrets.com website as it relates to implementing rsync on a Windows machine:
Installing CopSSH and cwRsync
Activating a user
If you are planning to use SSH, then before you register a client with your Rsync server, you must activate a user with CopSSH. In the start menu, under All Programs > CopSSH, select "Activate a user". You will be presented with the screen below. Select a user and hit next. You will be prompted to enter a passphrase which can be any text string.
DO NOT ACTIVATE YOUR ADMINISTRATOR ACCOUNT
Doing so will cause a lock down on the account due to CopSSH's security settings. We recommend activating a newly created account.
Your user's home directory will be located at (for example) C:\Program Files\ICW\home\justin. The location of this directory can be changed by editing the file C:\Program Files\ICW\etc\passwd.
Cisco MeetingPlace from approximately version 8 on only supports rsync as a protocol to move backup information to an external server. If you aren't Linux / Unix savvy, implementing an rsync server may not be trivial.
The best synopsis of how to do it I can find is here: http://www.backupsecrets.com/articles/displayarticle/id/354
For posterity and safety sake, I'll summarize here as well, but please support http://www.backupsecrets.com.
Assuming you are running a Windows machine of some type, you can get an combined installer for cwRsync Server 3.0.1 and CopSSH from this link: http://wbadmin.info/downloads/cwRsyncServer_3.0.1_Installer.exe
In the event that link breaks, here's another option: https://sites.google.com/site/raymaslanka/home/cwRsyncServer_3.0.1_Installer.zip?attredirects=0&d=1
The cwRsync Server is the piece that will provide the rsync server itself, and CopSSH sets up an SSH server to provide security over your rsync transfers.
The following is straight from the http://www.backupsecrets.com website as it relates to implementing rsync on a Windows machine:
Installing CopSSH and cwRsync
- Run the CopSSH/cwRsync installer.
- Continue through the install wizard, installing the package to any location you choose.
- During the installation you will be presented with the following popup. We suggest leaving the SvcCWRSYNC account name as is.
- Later in the installation you will be presented with the below popup. At any time after the install you can access "Activate a user" from your start menu to give SSH access to that user. You must activate at least one user before you will be able to register an Rsync client. Click "OK" to continue your installation.
- DO NOT ACTIVATE YOUR ADMINISTRATOR ACCOUNT.
- Doing so will cause a lock down on the account due to CopSSH's security settings. We recommend activating a newly created account.
Activating a user
If you are planning to use SSH, then before you register a client with your Rsync server, you must activate a user with CopSSH. In the start menu, under All Programs > CopSSH, select "Activate a user". You will be presented with the screen below. Select a user and hit next. You will be prompted to enter a passphrase which can be any text string.
DO NOT ACTIVATE YOUR ADMINISTRATOR ACCOUNT
Doing so will cause a lock down on the account due to CopSSH's security settings. We recommend activating a newly created account.
Your user's home directory will be located at (for example) C:\Program Files\ICW\home\justin. The location of this directory can be changed by editing the file C:\Program Files\ICW\etc\passwd.
- Note: If you need to uninstall the CWRsync server at all, please be aware the two Windows service users ‘SvcCOPSSH' and ‘SvcCWRSYNC' are not removed. So if you then re-install the cwrsync server package the Windows users cannot be recreated and then passwords to do not match. This ultimately means the COPSSH and Rsync services will not start on the server. The fix is to uninstall and remove the users manually then re-install to add the users again with known passwords.
Tuesday, April 22, 2014
CUCM outside caller still hears ringing after call is answered through H323 gateway
Call flow was SIP trunk -> CUBE -> H323 -> CUCM -> SCCP phone.
Symptom was inbound callers would call a PSTN number, the SCCP phone would ring and present caller ID, the SCCP phone user would pick up, and the outside caller would continue to hear ringing. Reviewing debugs, I found via debug voice ccapi inot that the disconnect cause code was 47.
Apr 22 18:48:13.441: //2545/76D263EE875D/CCAPI/cc_api_call_disconnected: Cause Value=47, Interface=0x22ABFFE0, Call Id=2545
This typically is a result of codec mismatches or negotiations. I threw in some easy peasy transcoding like so, with no luck.
dspfarm profile 1 transcode universal
codec g729br8
codec g729r8
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
maximum sessions 24
associate application CUBE
My issue was because I was using the H323 trunk from the CUBE to CUCM, I needed to accommodate for what would be early offer on the SIP trunk. Although I had transcoders available, the media exchange in the SDP (Session Description Protocol) where the codecs are negotiated was happening in the initial invite. With that, the call through the H323 trunk was setting up without the carrier, CUBE and CUCM deciding on the appropriate CODEC. Hence the disconnect cause 47.
On the CUCM and H323 gateway side, you can emulate the SIP early offer negotiation settings, via Enable Inbound FastStart and / or Wait for Far End H.245 Terminal Capability Set.
Symptom was inbound callers would call a PSTN number, the SCCP phone would ring and present caller ID, the SCCP phone user would pick up, and the outside caller would continue to hear ringing. Reviewing debugs, I found via debug voice ccapi inot that the disconnect cause code was 47.
Apr 22 18:48:13.441: //2545/76D263EE875D/CCAPI/cc_api_call_disconnected: Cause Value=47, Interface=0x22ABFFE0, Call Id=2545
This typically is a result of codec mismatches or negotiations. I threw in some easy peasy transcoding like so, with no luck.
dspfarm profile 1 transcode universal
codec g729br8
codec g729r8
codec g711ulaw
codec g711alaw
codec g729ar8
codec g729abr8
maximum sessions 24
associate application CUBE
My issue was because I was using the H323 trunk from the CUBE to CUCM, I needed to accommodate for what would be early offer on the SIP trunk. Although I had transcoders available, the media exchange in the SDP (Session Description Protocol) where the codecs are negotiated was happening in the initial invite. With that, the call through the H323 trunk was setting up without the carrier, CUBE and CUCM deciding on the appropriate CODEC. Hence the disconnect cause 47.
On the CUCM and H323 gateway side, you can emulate the SIP early offer negotiation settings, via Enable Inbound FastStart and / or Wait for Far End H.245 Terminal Capability Set.
Cisco CUBE and Broadview SIP trunks
I was tasked with turning up a SIP trunk from Broadview with little information from the customer or provider. There is also no interoperability guide for Cisco CUBE and Broadview SIP trunks that I could find. The only reference on their website is to the now defunct Small Business UC500 product line. With that, I blew a bunch of time trying figure out from the tech on the phone who didn't have access to the Broadview switch nor any information himself re: registration or authentication requirements, and from hunt, peck and debug techniques how to make a poor phone call work.
Short story regarding where I was side tracked: they don't want you to register with them, but only provide the authenticating credentials when presenting a call to them. No registrar required. Also seemed I had to bind media and control to individual dial-peers.
With that, here's the critical pieces I found successful.
voice service voip
ip address trusted list
ipv4 XXX.XXX.XXX.XXX (CUCM server)
ipv4 XXX.XXX.XXX.XXX (Broadview SBC)
ipv4 XXX.XXX.XXX.XXX (CUBE LAN Interface)
ipv4 XXX.XXX.XXX.XXX 255.255.255.0 (Phone device network, probably unneeded)
mode border-element
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
no supplementary-service sip moved-temporarily
no supplementary-service sip refer
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
sip
registrar server
early-offer forced
midcall-signaling passthru
sip-profiles 1000
voice class sip-profiles 1000
request ANY sdp-header Connection-Info remove
response ANY sdp-header Connection-Info remove
sip-ua
credentials username TheUserNameThatTookTooLongToGetFromThem password TheAssociatedPassword realm aURLtheyThoughtMightWork.broadviewnet.net
keepalive target ipv4:XXX.XXX.XXX.XXX:5060 (the Broadview SBC address)
authentication username TheUserNameThatTookTooLongToGetFromThem password TheAssociatedPassword
no remote-party-id
retry invite 2
retry response 3
retry bye 3
retry cancel 3
retry register 10
timers trying 1000
timers connect 100
timers keepalive active 100
sip-server ipv4:XXX.XXX.XXX.XXX (the Broadview SBC address)
host-registrar
Short story regarding where I was side tracked: they don't want you to register with them, but only provide the authenticating credentials when presenting a call to them. No registrar required. Also seemed I had to bind media and control to individual dial-peers.
With that, here's the critical pieces I found successful.
voice service voip
ip address trusted list
ipv4 XXX.XXX.XXX.XXX (CUCM server)
ipv4 XXX.XXX.XXX.XXX (Broadview SBC)
ipv4 XXX.XXX.XXX.XXX (CUBE LAN Interface)
ipv4 XXX.XXX.XXX.XXX 255.255.255.0 (Phone device network, probably unneeded)
mode border-element
allow-connections h323 to h323
allow-connections h323 to sip
allow-connections sip to h323
allow-connections sip to sip
no supplementary-service sip moved-temporarily
no supplementary-service sip refer
fax protocol t38 version 0 ls-redundancy 0 hs-redundancy 0 fallback none
sip
registrar server
early-offer forced
midcall-signaling passthru
sip-profiles 1000
voice class sip-profiles 1000
request ANY sdp-header Connection-Info remove
response ANY sdp-header Connection-Info remove
sip-ua
credentials username TheUserNameThatTookTooLongToGetFromThem password TheAssociatedPassword realm aURLtheyThoughtMightWork.broadviewnet.net
keepalive target ipv4:XXX.XXX.XXX.XXX:5060 (the Broadview SBC address)
authentication username TheUserNameThatTookTooLongToGetFromThem password TheAssociatedPassword
no remote-party-id
retry invite 2
retry response 3
retry bye 3
retry cancel 3
retry register 10
timers trying 1000
timers connect 100
timers keepalive active 100
sip-server ipv4:XXX.XXX.XXX.XXX (the Broadview SBC address)
host-registrar
Monday, April 14, 2014
Basic Cisco 1252 AP Express Setup WPA2 Personal AES CCMP Sample
ap_1252#sh run
Building configuration...
Current configuration : 1337 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap_1252
!
enable secret 5 $1$EjY.$FdGuuTgTAYrQMNt8hlXSQ.
!
no aaa new-model
!
dot11 ssid LauraAndRay
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii 7 0212015F00091528
!
power inline negotiation prestandard source
!
username rmaslanka privilege 15 password 7 105A0C1D0E1808020217
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid LauraAndRay
!
channel 2412
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 192.168.10.3 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.10.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
line con 0
line vty 0 4
login local
!
end
Building configuration...
Current configuration : 1337 bytes
!
version 12.4
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
service password-encryption
!
hostname ap_1252
!
enable secret 5 $1$EjY.$FdGuuTgTAYrQMNt8hlXSQ.
!
no aaa new-model
!
dot11 ssid LauraAndRay
authentication open
authentication key-management wpa version 2
guest-mode
wpa-psk ascii 7 0212015F00091528
!
power inline negotiation prestandard source
!
username rmaslanka privilege 15 password 7 105A0C1D0E1808020217
!
bridge irb
!
!
interface Dot11Radio0
no ip address
no ip route-cache
!
encryption mode ciphers aes-ccm
!
ssid LauraAndRay
!
channel 2412
station-role root
bridge-group 1
bridge-group 1 subscriber-loop-control
bridge-group 1 block-unknown-source
no bridge-group 1 source-learning
no bridge-group 1 unicast-flooding
bridge-group 1 spanning-disabled
!
interface GigabitEthernet0
no ip address
no ip route-cache
duplex auto
speed auto
bridge-group 1
no bridge-group 1 source-learning
bridge-group 1 spanning-disabled
!
interface BVI1
ip address 192.168.10.3 255.255.255.0
no ip route-cache
!
ip default-gateway 192.168.10.1
ip http server
no ip http secure-server
ip http help-path http://www.cisco.com/warp/public/779/smbiz/prodconfig/help/eag
bridge 1 route ip
!
line con 0
line vty 0 4
login local
!
end
Friday, April 11, 2014
Enable SSH on a Cisco router
No secrets here. Just a succinct how to on enabling SSH on a router. You can find this anywhere.
! set a hostname and domain name to use for encryption key
!
yourname (config)#hostname MyRouter
MyRouter(config)#ip domain-name MyDomain.local
!
! generate key
!
MyRouter(config)#crypto key generate rsa
(choosing 1024 will work)
!
! allow SSH on lines
!
MyRouter(config)#line vty 0 4
MyRouter(config-line)#login local
MyRouter(config-line)#transport input ssh
!
! setup a local user for access
!
MyRouter(config)#username MYUSERNAME privilege 15 secret MYPASSWORD
MyRouter(config)#line vty 0 4
!
! set SSH version as 2
!
MyRouter(config)#ip ssh version 2
! set a hostname and domain name to use for encryption key
!
yourname (config)#hostname MyRouter
MyRouter(config)#ip domain-name MyDomain.local
!
! generate key
!
MyRouter(config)#crypto key generate rsa
(choosing 1024 will work)
!
! allow SSH on lines
!
MyRouter(config)#line vty 0 4
MyRouter(config-line)#login local
MyRouter(config-line)#transport input ssh
!
! setup a local user for access
!
MyRouter(config)#username MYUSERNAME privilege 15 secret MYPASSWORD
MyRouter(config)#line vty 0 4
!
! set SSH version as 2
!
MyRouter(config)#ip ssh version 2
Friday, April 04, 2014
Cisco CUCM BIB / Built In Bridge and WFO QM / Quality Manager recording administration
Note: This document
describes high level components and techniques to configure Built In Bridge
recording where those techniques are different that those used by desktop recording. This document is not intended to
replace or override official Cisco documentation, or a working knowledge of the
information provided.
More information related to Cisco QM can be found here:
http://portal.calabrio.com/tiki/CRQM%20eLearning
CUCM server
CUCM configuration
A SIP trunk on CUCM is used by phones to signal / connect to the QM recording server.
More information related
to Cisco CUCM can be found here:
http://www.cisco.com/c/en/us/td/docs/voice_ip_comm/cucm/admin/6_0_1/ccmfeat/cmfsgd601/fsmr.html#wp1054230More information related to Cisco QM can be found here:
http://portal.calabrio.com/tiki/CRQM%20eLearning
CUCM server
CUCM configuration
A SIP trunk on CUCM is used by phones to signal / connect to the QM recording server.
The trunk at this site is named QualityManagerRecordingTrunk1 and points to the Quality Manager
recording server at 10.182.1.9
When recording is appropriate, a route pattern is dialed by the
phone to reach the trunk.
The route pattern at this site is 4221. where Discard Digits
is PreDot.
A Recording Profile points to the appropriate route pattern.
The Recording Profile at this site is named QualityManagerBIB and the destination address is 4221
Device Configuration
To configure the phone device for BIB recording:
- Set Built In Bridge to On
- Set Span to PC Port to Disabled
- Add the device to the Controlled Devices of the RMCMUser application user.
BIB on
Span to PC disabled
RMCMUser control
DN Configuration
To configure the DN for recording, assign the appropriate
recording profile and options to every DN to be recorded:
- Set Recording Option to Automatic Call Recording Enabled
- Set Recording Profile to QualtiyManagerBIB
- Set Monitoring Calling Search Space to a CSS that has access to the DNs that may be monitored.
Sample DN recording configuration
Calabrio Server
Enable devices for recording.
From VoIP Devices menu, choose Enable
Devices for Recording. You need to enable both physical devices, as well as
Extension Mobility profiles.
Enabling a device:
Enabling an Extension Mobility
profile
Assigning Server / Type
Assign a Recording Server and Recording
Type to physical devices to be recorded.
You do not need to assign these settings to the Extension Mobility
devices.
Choose your recording server IP as the record server and Network Recording as the type.
The recording
server in this example is at 10.182.1.9. The Built In Bridge recording method
referenced in CUCM documentation equates to Network Recording in Calabrio documentation.
Assign record server:
Assign record type:
Agent / Device association
Where an ACD agent is always associated with a physical
device, find the device and select the associated agent from the agent column
drop down.
Agent / EM association
Where ACD agents are only
identified by EM profiles and not physical devices, assign the agent to the EM
profile, then leave device to "user login required ".
EM and Agent association
User Login Required
Non ACD Agent recording note
When a line to be recorded is NOT associated with an ACD
agent, you need to create a Knowledge Worker.
In User Administration, create a user.
License the user.
Then follow the Enable
device for recording and Agent /
Device association steps as usual (see steps above).
Note: because an Agent or Knowledge worker cannot be
associated with multiple physical devices, if you are attempting to record a
shared line, a separate user needs to be created and associated with each
device where the shared line is configured.
Monitoring calls note
The line to be called when a supervisor selects a call to be
monitored can be configured in the QM web GUI.
- The line must be unique / not be shared on multiple devices.
- The line must have the Monitoring Calling Search Space defined.
- The device where the line is configured must be controlled by the RMCM user.
Users wishing to monitor calls remotely can use IP
Communicator or a similar device, configured in the same fashion, to have calls
monitored directed off premise.