I couldn't find a good example of how to setup SIP trunk with CUCME/CME out there. Here is some information to help. I have a SIP trunk service from VoIP.ms to my lab.



CUCME version : 8.6

DID number : 703 544 xxxx
Local IP Phone number : 1001
SIP server washington.voip.ms (
SIP username : x8xxxx
SIP authorization username : x8xxx
SIP PWD : 3edcvfr4#



voice service voip
 ip address trusted list
  ipv4         !Current IP address for washington.voip.ms at the time of this writing.
 ip address trusted call-block cause not-in-cug
 clid substitute name
 allow-connections sip to sip
 no supplementary-service sip moved-temporarily
 no supplementary-service sip refer
  transport switch udp tcp
  asserted-id ppi
  localhost dns:dns.name.of.your.device
  midcall-signaling passthru
  no call service stop

  credentials username x8xxxx0 3edcvfr4# realm washington.voip.ms
  authentication username x8xxxxpassword 0 3edcvfr4# realm washington.voip.ms
  registrar 1 ipv4: expires 300

voice translation-rule 1
 rule 1 /703544xxxx/ /1001/
voice translation-profile INBOUND
 translate called 1

!This dial peer will match all incoming calls for an specific DID
dial-peer voice 1 voip
 translation-profile incoming INBOUND
 destination-pattern 703544xxxx !Switch the # with your DID Number
 session protocol sipv2
 session target ipv4: !Your Call Manager IP Address
 incoming called-number .
 dtmf-relay cisco-rtp rtp-nte
 codec g711ulaw
 no vad

!This dial peer is for outgoing calls
dial-peer voice 2 voip
 destination-pattern [2-9]..[2-9]......
 session protocol sipv2
 session target ipv4:: !Your preferred server's IP address 
 no voice-class sip early-offer forced
 clid network-number 703544xxxx
 dtmf-relay h245-alphanumeric
 codec g711ulaw
 no vad

!Incoming Dial-Peer
dial-peer voice 4 voip
 session protocol sipv2
 session target ipv4:: !Your preferred server's IP address
 incoming called-number .
 dtmf-relay cisco-rtp rtp-nte
 codec g711ulaw





- SIP signaling : TCP or UDP 5060 (TLS 5060)
- RTP : UDP 10000 ~ 20000

As long as your CUCME IP is already configured with "overload", all traffic should be fine.

* debug ip nat sip

 Tips and troubleshooting

1. Keep loose registration link

CME#show sip register status
Line                             peer       expires(sec) registered P-Associ-URI
================================ ========== ============ ========== ============
1000                             20007      1188         no
1001                             20001      1188         no
1002                             20003      1188         no
1003                             20005      1188         no
1004                             20006      1188         no
1111                             100        1188         no
184953                           -1         0            yes
2000                             20008      1189         no

CME#show sip registration service
SIP Service is up

CME#show sip registration status
SIP User Agent Status
SIP User Agent for UDP : ENABLED
SIP User Agent for TCP : ENABLED

SIP User Agent for TLS over TCP : ENABLED
SIP User Agent bind status(signaling): ENABLED
SIP User Agent bind status(media): ENABLED
SIP early-media for 180 responses with SDP: ENABLED
SIP max-forwards : 70
SIP DNS SRV version: 2 (rfc 2782)
NAT Settings for the SIP-UA
Role in SDP: NONE
Check media source packets: DISABLED
Maximum duration for a telephone-event in NOTIFYs: 2000 ms
Redirection (3xx) message handling: ENABLED
Reason Header will override Response/Request Codes: DISABLED
Out-of-dialog Refer: DISABLED
Presence support is DISABLED
protocol mode is ipv4

SDP application configuration:
 Version line (v=) required
 Owner line (o=) required
 Timespec line (t=) required
 Media supported: audio video image
 Network types supported: IN
 Address types supported: IP4 IP6
 Transport types supported: RTP/AVP udptl

Your router handling NAT will need to support SIP inspection to properly rewrite the SIP Headers.  These are usually calles SIP Application-Level Gateways (ALGs).  This can be a CUBE or ASA or any 3rd party gateway that supports SIP inspection and rewrite.




Last Updated (Wednesday, 16 March 2016 18:20)


Cisco Unified Call Manager Express(CUCME) provides software conference as a default feature that only allows 3 calling parties on the conferencHow to setup hardware conference bridge -meetme, Ad-hoc on CUCMEe.

CUCME also provides more scalable hardware based conference bridge. Yes, it requires addition DSPs. ( PVDM module )


Software Conference

- No additional hardware(PVDM module) is required.
- Max 3 calling parties in conference.
- The participants must all be using the same codec.
- Ad-hoc only.

Hardware Conference

- Additional hardware(PVDM module) is required
- Max 16 parites for Ad-hoc conference mode
- Max 32 parites for meetme conference mode.


Hardware conference feature provides Ad-hoc and Meetme conference mode.


Ad-hoc : The person controlling the conference presses the telephone conference button and adds callers one by one.

Meetme : Participants call in to a central number and are joined in a single conference.

*Participants whose end devices use different codec types are joined in a single conference; no additional transcoding resource is needed.

Last Updated (Tuesday, 08 March 2016 12:04)

Read more...


There are three ways to configure CDRs receiving from Cisco Unified Call Manager Express.

- Syslog Server
- RADIUS Server
- FTP Server

1. Syslog Server

1.-1. Pros

- Low Cost
- Quick Install
- Easy to configure
- Easy to interpriet (CSV format)

1-2. Cons

- Hard to read and parsing software needed.
- No CDR backup
- Syslog works over UDP(514)

1-3. Configuration

CUCME_Router(config)# Service timestamps log datetime msec localtime
CUCME_Router(config)# aaa new-model
CUCME_Router(config)# aaa authentication login default none / local
CUCME_Router(config)# aaa accounting connection h323 start-stop radius
CUCME_Router(config)# gw-accounting syslog
CUCME_Router(config)# logging host x.x.x.x ; syslog server IP


 1-4. Reference : Cisco CDR Logging Configuration with Syslog Servers

Last Updated (Tuesday, 23 February 2016 14:10)

Read more...


Here is collection of Cisco Troubleshooting Links



1. Troubleshooting and Debugging VoIP Call Basics



1. T1 PRI Troubleshooting

2. T1 Alarm Troubleshooting

3. Troubleshooting Serial Line Problems

4. T1 Troubleshooting


Module (FXO/FXS)

1. Troubleshooting No Dial Tone Issues




More to come

Last Updated (Thursday, 25 February 2016 12:41)


If you have a lot of devices on your network, centralized authentication server is always handy for efficient control of devices, convenient and scalable.  I don't know about you, but I cannot remember or track all the passwords that are not using all the time. You don't have to use Microsoft Windows Server, since a lot of opensource RADIUS server out there. However, If you have a Microsoft Windows client on your network, probably you already have one. This article will explain how to setup Windows Server 2012 as a RADIUS authentication server in steps. Network Policy Server(NPS) will provide RADIUS server functionality and for the RADIUS client, we will use Cisco 3750 Switch in this case. Let's start.

Microsoft Windows Server 2012 as a RADIUS Authentication Server for Cisco Router & Switch


OS : Microsoft Windows Server 2012 essential. 4G RAM
Window server is joined as domain server.
IP : 


 1. Create a user group for specific people can access desiganted device to access. In this case, user group name is "Network_Eng"


Last Updated (Tuesday, 21 April 2015 21:42)

Read more...


Here is everything you need to know about Cisco Unity Express license activate, install and transfer. It shouldn't be that hard or difficult, but if you are not dealing with this stuff in everyday, it get confuse you easily.



Router platform : Cisco 2921
CME version : Ver 9.5
CUE module : ISM-SRE-K9-300
CUE version : ver 8.6.9
CUE license : 5 user license x 5

1. License volume & cost

; Buy it online where you get cheapest cost.

L-FL-CUE-MBX-5= : About $65 ~ 75
SCUE-LIC-25CME= : About $125 ~ 135
SCUE-LIC-50CME= : About $340 ~ 350
SCUE-LIC-100CME= : About $680 ~ 700
SCUE-LIC-100CME= : About $ xxx


2. Product Authorization Key(PAK) and registeration

- You will receive a paper with "Product Authorization Key(PAK)"


- Go to www.cisco.com/go/license and login with your CCO account
- And click "Continue Product License Registration"





- Put the PAK or Token ID and click "Fulfill " Buttom (See below picture)




- Check box for terms & condition and review your owner's info.

- Put a Unique Device Identifier(UDI) for CUE module(in this case ISM-SRE-K9-300)

* Do not put router's UDI#

- To find UDI of SRE module where is CUE installed, you must login SRE module


CUE_License# show license udi

Device# PID                     SN                      UDI
*0      ISM-SRE-300-K9          FOCX8313XBXX             ISM-SRE-300-K9:FOCX8313XBXX










- Generate a license file, *.llc (download or email to you)



- Downlaod and put it on FTP server (in this case, using Filezilla Server edition)


Last Updated (Tuesday, 10 November 2015 10:58)

Read more...

Content View Hits : 1607511
Highly recommended firewall vendor?
Google Translation
English Arabic Chinese (Simplified) Czech Dutch French German Italian Korean Portuguese Russian Spanish Filipino Vietnamese Thai Turkish
BGP routing issue?
World Route Servers
Who's Online
We have 9 guests online
network monitoring tool