f



Transparent Proxy on C3620

Hello

I have this situation:


Edge Router - dmz side 172.16.0.14


DMZ Network 172.16.0.0/28
I have here some servers, for example:
172.16.0.1 mail server
172.16.0.8 backup server, etc
172.16.0.7 proxy-server (planned) . listening on port 8080



C3620:
ETH1/0 - to DMZ 172.16.0.10/28 ip nat out
ETH1/1 - to LAN (aka Main LAN)192.168.1.254/24 ip nat in
ETH1/2 - detachment LAN (aka secondary LAN) 192.168.200.1/28 ip nat in


I would like that every user wich connect from the ETH1/1 or from the eth1/2 
transparently, withouth configuring anything on the pc, goes via the proxy
I have googled and I found the transparent proxy "function".
http://www.grape-info.com/doc/cisco/router/contents/example-tproxy.html
I tried to implement it, and tried to test an "smtp-redirect" - to forward 
every request from the LAN (both primary or secondary) that were directed to 
a remote smtp server (TCP 25) to the mail server that sits in the DMZ

I configured in this way (this is a summary of the config of the C3620 with 
NM-4E and a NM-1FE-TX and 12.3(24) IOS)


!
interface Ethernet1/0
 description DMZ Link
 ip address 172.16.0.10 255.255.255.240
 ip verify unicast reverse-path
 no ip redirects
 no ip proxy-arp
 ip nat outside
 ip inspect OUT-IN in
 no ip mroute-cache
 full-duplex
 no cdp enable
 hold-queue 100 in
 hold-queue 100 out
!
interface Ethernet1/1
 description LAN Ethernet Link
 ip address 192.168.1.254 255.255.255.0
 ip verify unicast reverse-path
 no ip redirects
 no ip proxy-arp
 ip nat inside
 ip inspect IN-OUT in
 no ip mroute-cache
 ip policy route-map smtp-redirect
 full-duplex
 no cdp enable
 hold-queue 100 in
 hold-queue 100 out
!
interface Ethernet1/2
 description Wireless Link Point-to-Point to Santerno (RA)
 ip address 192.168.200.1 255.255.255.240
 ip verify unicast reverse-path
 no ip redirects
 no ip proxy-arp
 ip nat inside
 ip inspect IN-OUT in
 no ip mroute-cache
 half-duplex
 no cdp enable
 hold-queue 100 in
 hold-queue 100 out
!
interface Ethernet1/3
 no ip address
 shutdown
 half-duplex
!
ip nat translation timeout 3600
ip nat translation tcp-timeout 1200
ip nat translation udp-timeout 100
ip nat translation finrst-timeout 15
ip nat translation syn-timeout 45
ip nat translation icmp-timeout 120
ip nat inside source list 102 interface Ethernet1/0 overload
no ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 172.16.0.14
!
!
logging history debugging
logging trap debugging
logging facility syslog
logging 192.168.1.2
access-list 102 deny   ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 102 permit ip 192.168.1.0 0.0.0.255 any
access-list 102 deny   ip 192.168.200.0 0.0.0.15 192.168.1.0 0.0.0.255
access-list 102 permit ip 192.168.200.0 0.0.0.15 any
access-list 110 permit ip 192.168.1.0 0.0.0.255 192.168.2.0 0.0.0.255
access-list 130 deny   tcp any any neq smtp
access-list 130 deny   tcp host 172.16.0.1 any
access-list 130 permit tcp any any
no cdp run
!
route-map smtp-redirect permit 10
 match ip address 130
 set ip next-hop 172.16.0.1





I am not able to let it work. In this "example" I tried to redirect every 
smtp request (to remote 25) to the mailserver in DMZ. I am not able to do 
that...

My planned Idea is that every request going to remote port 80 or 443 to be 
redirected to 172.16.0.7:8080

Thank you to anyone would help me :)


-- 
Elia Spadoni
Network Administrator

Spadhausen Corporation
admin@GRUMBLEspadhausen.com 


0
admin9338 (46)
5/4/2008 4:04:38 PM
comp.dcom.sys.cisco 25313 articles. 0 followers. Post Follow

2 Replies
8958 Views

Similar Articles

[PageSpeed] 20

In article <XdKdnXGwK-YXQ4DVRVnyggA@kpnqwest.it>,
Elia Spadoni <admin@NOSPAMspadhausen.com> wrote:
[..]
>I tried to implement it, and tried to test an "smtp-redirect" - to forward 
>every request from the LAN (both primary or secondary) that were directed to 
>a remote smtp server (TCP 25) to the mail server that sits in the DMZ
[..]

	A SMTP redirect is more complicated than this...

	http://paleale.net/email/Email%20RedirectionXXX.htm

	http is much easier because of WCCP

	http://wiki.squid-cache.org/ConfigExamples/FullyTransparentWithTPROXY?highlight=%28proxy%29%7C%28traNSPARENT%29

				alan
0
paleale
5/4/2008 4:45:23 PM
Hello, I don't want to get it complicated..

I just wanted to forward any request from the lan client (from the canonic 
fast0/0 -> serial0/0 for example)
to remote ports 80 and 443 to an IP in my dmz (on the router fast0/1) to 
port 8080.

I am not able to find the right syntax 


0
Elia
5/5/2008 10:30:39 AM
Reply:

Similar Artilces:

Cisco!! Cisco!! Cisco!!
From http://groups.google.com/group/comp.dcom.sys.cisco/about Top posters This month 18 mer...@geeks.org 11 alagmy 10 bo...@hotmail.co.uk 9 galt...@hotmail.com 9 nom...@example.com 8 troffa...@hotmail.com 8 igor.mamuzicmakni_...@zg.t-com.hr 7 pfisterf...@gmail.com 7 darfun....@gmail.com 6 jfmezei.spam...@vaxination.ca All time 4799 rober...@ibd.nrc-cnrc.gc.ca 2930 aaron@cisco.com 2813 Merv 2370 t...@cisco.com 2356 vcjo...@networkingunlimited.com 1984 b...@cisco.com 1959 bar...@genuity.net 1898 hb...@_nyc.rr.com.remove_ 1745 u...@alp.ee.pbz 1670 bar...@bbnplanet.com -- Member - Liberal International This is doctor@nl2k.ab.ca Ici doctor@nl2k.ab.ca God, Queen and country! Never Satan President Republic! Beware AntiChrist rising! http://twitter.com/rootnl2k http://www.myspace.com/502748630 Born 29 Jan 1969 Redhill,Surrey,England UK ...

Transparant over transparant over ...
Hya, I'm looking for a way to create the following. I want to have a few circles (lets say 4) on top of each other. The bottom circle is the biggest, the top is the smallest. I want to have the effect of them really being on top of each other, but seen from above. From aside it would be something like (the dots are just for spacing) ....xx... ...xxxx.. ..xxxxxx. xxxxxxxx But next, I want all these circles to be transparant. I'm going to use this image on a website and want to be able to use any background color as possible. What is the best way to create this? I'm using The ...

transparent proxy
hi i want to program a small transparent proxy for web content filtering. it should filter html sites that contain some configured words. but i dont want the user knows it so without configuring the browser. how can i program it with visual c++ or c? thanks oleg i think you need configure gateway. squid and iptables can do this. "oleg" <oleg2@gmx.de> ??????:68886baa.0409011350.6a565fcb@posting.google.com... > hi > i want to program a small transparent proxy for web content filtering. > it should filter html sites that contain some configured words. but ...

iptables transparent proxy
Hi, I'm trying to do something very simple. I would like to forward all of my browsers requests to port 8888 on which a proxy server is listening. I have a hardware router (ADSL) on 192.168.1.1 and my linux machine (Debian/testing Kernel 2.6.5) has the ip 192.168.1.4. I have read the mini howto, set up the kernel networking options and enabled ip forwarding (echo "1">). Then I added the following rule: iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8888 However, requests do not get redirected to port 8888. I have done this years before using iptables, so I'm not a complete novice. What am I doing wrong? I managed to log outgoing packages by adding a LOG target to the OUTPUT chain: Jun 11 14:00:59 debian kernel: IN= OUT=eth0 SRC=192.168.1.4 DST=216.239.51.147 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=38360 DF PROTO=TCP SPT=33079 DPT=80 WINDOW=34320 RES=0x00 ACK URGP=0 .... However, I think the iptables command above should work? What am I doing wrong, or what could be the solution? Fritz Bayer <fritz-bayer@web.de> wrote: > Hi, > > I'm trying to do something very simple. I would like to forward all of > my browsers requests to port 8888 on which a proxy server is > listening. > > I have a hardware router (ADSL) on 192.168.1.1 and my linux machine > (Debian/testing Kernel 2.6.5) has the ip 192.168.1.4. How is your network structured? For transparent proxying to work ok, your cache needs ...

transparent SOCKS proxy
How can I configure my router to route traffic from LAN to the Internet through a SOCKS5 proxy? Any link to further documentation on that would be helpful, too. Thanks, Tobi Tobias Wagner wrote: > How can I configure my router to route traffic from LAN to the Internet > through a SOCKS5 proxy? > Any link to further documentation on that would be helpful, too. You can use sockified applications to use the socks proxy, or you can use the sockify program to use applications that can't handle the protocol. > Thanks, > Tobi Regards. -- Jose Maria Lopez Hernandez Director Tecnico de bgSEC jkerouac@bgsec.com bgSEC Seguridad y Consultoria de Sistemas Informaticos http://www.bgsec.com ESPA�A The only people for me are the mad ones -- the ones who are mad to live, mad to talk, mad to be saved, desirous of everything at the same time, the ones who never yawn or say a commonplace thing, but burn, burn, burn like fabulous yellow Roman candles. -- Jack Kerouac, "On the Road" Jose Maria Lopez Hernandez schrieb: > Tobias Wagner wrote: > >> How can I configure my router to route traffic from LAN to the >> Internet through a SOCKS5 proxy? >> Any link to further documentation on that would be helpful, too. > > > You can use sockified applications to use the socks proxy, No I can't. I have no access to the clients. I only have access to the _router_. > or you can use the sockify program to u...

IPCop and transparent proxy
I have installed an IPCOP PC, and I have a couple of problems. I installed an 1.4.4 version, with advanced proxy, on a 3 nics PC. On the Orange nic (DMZ) I have installed a mail server. From the Red nic I forward port 22 and port 25 to the mail server. The first problem is that transparent proxy works *always*. I want to disable it, but my lan pcs can browse the internet, even if I don't configure their browser (IPCOP is the default gateway). There is a way to disable it manually (not following the menu, that doesn't work) ? The second problem is that pcs are very, very slow to download the mail. They are fast to send, but slow to download. I don't think this is an hardware problem, but I imagine something about configuration...but what ? Thanks for the help, Leo ...

Transparant vs Proxy
Until now we have an older FW-1 (NT) and a dedicated proxy-server in DMZ-zone with Trend VirusWall wich controll incomming http and smtp. All direct communication between LAN and Internet is blocked by FW-1-rules. The LAN is hosting an NT-domain with several locations (Dedicated WAN-lines), 3 Exchange servers and somewhere under 150 workstations. We are now about to replace FW-1 with a Fortinet-box. Fortinet have build in virusscanning for both SMTP and HTTP. I wonder, is it good id�e to retire the Proxy, and leave the virus-protection to the Fortinet-box alone or are that not recomanded? best regards Yngve In article <stkpp05n6hicop2n8ju2v22nik707q0a2d@4ax.com>,=20 y@test_oeines.com says... > We are now about to replace FW-1 with a Fortinet-box. Fortinet have > build in virusscanning for both SMTP and HTTP. I wonder, is it good > id=E9e to retire the Proxy, and leave the virus-protection to the > Fortinet-box alone or are that not recomanded? I use the SMTP and HTTP proxy services on my firewall to remove=20 ATTACHMENTS and other undesirable items. I also use a corporate edition=20 of AV software on the email server (scans the SMTP sessions and stores)=20 and each node. --=20 --=20 spamfree999@rrohio.com (Remove 999 to reply to me) Yngve �ines <y@test_oeines.com> wrote in message news:<stkpp05n6hicop2n8ju2v22nik707q0a2d@4ax.com>... > We are now about to replace FW-1 with a Fortinet-box. Fortinet have > build in virusscanning for ...

Squid
I am running FreeBSD 4.9 I386 Recently installed squid 2.5 Stable6. Working like a champ. I want to set up the FreeBSD box as my default gateway, so there is no possibility of anybody by-passing the proxy. Currently I have set up an automatic configuration script and grayed out the Proxy settings in IE. This works, but I would prefer to have the FreeBSD box as my default gateway. If anybody can point me to a document which tells me how to set this up, it would be appreciated. Additional Info: Cisco Pix 506E Firewall is the Default Gateway and is also responsible for NAT and PAT. Thanks in advance, Gianni Gianni wrote: > I am running FreeBSD 4.9 I386 > > Recently installed squid 2.5 Stable6. Working like a champ. > > I want to set up the FreeBSD box as my default gateway, so there is no > possibility of anybody by-passing the proxy. Currently I have set up an > automatic configuration script and grayed out the Proxy settings in IE. > This works, but I would prefer to have the FreeBSD box as my default > gateway. > > If anybody can point me to a document which tells me how to set this up, > it would be appreciated. > > Additional Info: > > Cisco Pix 506E Firewall is the Default Gateway and is also responsible for > NAT and PAT. Easy (apart from the need to learn Cisco commands!). Just tweak the PIX config to redirect all requests to your FreeBSD box (unless the request...

Proxy, Tunneling & Proxy Within Proxy
Hello: Our organization recently made it necessary for web browsers to use a proxy to access the web. The .pac file reads as such: function FindProxyForURL(url, host) { var proxyOn = "PROXY 10.2.2.254:8080"; var proxyOff = "DIRECT"; if(isInNet(myIpAddress(), "10.0.0.0", "255.0.0.0")) { if(isInNet(host, "10.0.0.0", "255.0.0.0")) return proxyOff; else return proxyOn; } else return proxyOff; } So with the .pac file, the browser has Internet access. Other programs do not function, and I'm looking for a software recommendation to port all programs that seek web service to pass through the proxy. I am also looking for a way, if possible, to proxy within a proxy. Meaning that while it is necessary for web browsers to use this .pac file to access the Internet, that another proxy can be set to be able to access Internet sites through an external server. Any ideas? Thanks. ...

Transparent HTTP proxy through NAT
Hi, I've got a remote system connected to the internet that I'm trying to connect to. The remote system runs a web server, on port 80. The remote system is behind NAT, so connections cannot be directly made to it, and the NAT system cannot be configured (it's connected via a GPRS card, and the service provider cannot allow port forwarding. But I can make connections out from the remote system. So what I have devised is a couple of applications: One sits on a server machine on the internet which I can make connections to. This application listens for connections from my web browser, and connections from the remote application. The other (the remote application) sits on the remote system, and establishes a socket connection to the web server, and a connection to the server application. Each of these programs transfers data transparently between it's two connections, effectively creating a "tunnel" between the web browser and the web server. I've tested the application with telnet (to a telnet server), and it works correctly. However, when I connect to a web server through it, I get corrupted web pages. I've checked the data being sent through the system, and it appears that the web browser is getting confused with the responses from the web server, causing images in the wrong place, and images not to appear. From my analysis, I can only surmise that the web browser is being confused because the TCP connection essentially ends at the s...

Cisco ACNS Proxy + TCP_MISS
Hi All, In regards to the ACNS Proxy hardware appliance, I have recently installed a unit and although it is performing well enough, we are not seeing anything for savings about 18% for total cache bytes. For total sites I am seeing above %30 but this does not help. As the byte count miss is so high. One entry I am seeing a lot of in relation to a TCP_MISS is a URL with a "?" within the URL. And any site that contains this is being classified a a TCP_MISS. This is causing issues with the total byte counts and not allowing amy more than 18% for cache hits. I have a call logged wit...

making a classic proxy transparent
Our department sets up new computers for clients. We open the box, install software, apply updates, update virus software, etc. Our department lan uses a proxy server, which is off-limits to us, so we are not allowed to change it at all. Our problem is that we much manually enter the proxy into each XP machine, and sometimes we forget to take it out. Many of these computers are going to other networks, or homes, and we are taking a lot of calls from angry clients about removing the proxy. On our network, these new machines are assigned an IP address by the DHCP server. We have a switch in our department to which we attach all these new computers. Aside from manually entering the proxy url and port into each new machine, we don't change the out of box configurations in any permanent way. The problem is when we forget to remove the proxy, we are changing it in a way that is problematic for our customers. Is there a way to put a windows 2000 server machine or a linux machine between our switch and the lan connecton that will allow us to skip the step of entering the proxy url? To put it another way, can we make the proxy server transparent? I've heard of transparent -Jeff proxying, could it be used? Would a machine forwarding port 80 to the port on the proxy server work? Can a machine be made to autoconfigure the clients via wpad? Any help would be appreciated. -Jeff Jeff wrote: ...... > Is there a way to put a windows 2000 server machine or a linux machin...

Transparent proxy configuration problem.
I have the following: 1. A router with IP ROUTER_IP connected to my DSL ISP whose proxy is ISP_PROXY_IP:8080 2. A SuSE Linux server with two Ethernet card : eth0: connected to my local network 129.2.0.0/16 and has a static IP INT_SERVER_IP eth1: dhcp with ISP router 3. FC4,SuSE Linux and windows XP clients on my local network 129.2.0.0/16 which have static IPs and gateway set to INT_SERVER_IP. To help my network clinets to work with transparent proxy; I run on my Linux server the following commands: * iptables -t nat -A PREROUTING -i eth0 -s ! ISP_PROXY_IP -p tcp --dport 80 -j DNAT --to-destination ISP_PROXY_IP:8080 * iptables -t nat -A POSTROUTING -o eth1 -s 129.2.0.0/16 -d ISP_PROXY_IP -j SNAT --to INT_SERVER_IP * iptables -A FORWARD -s 129.2.0.0/16 -d ISP_PROXY_IP -i eth0 -o eth1 -p tcp --dport 8080 -j ACCEPT My problem is that my clients can't access internet till now. Is there any debug way to show me the route my packets pass through in my server firewall??? Eng. Fawzy Ibrahim wrote: > I have the following: > > 1. A router with IP ROUTER_IP connected to my DSL ISP whose proxy is > ISP_PROXY_IP:8080 > 2. A SuSE Linux server with two Ethernet card : > eth0: connected to my local network 129.2.0.0/16 and has a static > IP INT_SERVER_IP You shouldn't use public addresses 129.2.0.0/16 in a local network. Change them to 192.168.0.0./16 for example. > eth1: dhcp with ISP router >...

Cisco SIP Proxy Server
Hello: Does anyone have experience on working with Cisco SIP Proxy Server in a VOIP project? I have some questions, such as can you use a Cisco AS5300 with it? does the CSPS generate CDR's? and if so, in what format are these CDR's? Any help is appreciated. J. ...

Iptables Transparent Proxy and Browser on localhost
Hello, I have written a java http proxy, which accepts http connections on the localhost at port 8080 and forwards them to the authority in the internet. I would like the proxy to be transparent so that my browser's requests to port 80 are redirected to port 8080 on the localhost. The proxy then opens a new tcp connection and forwards the result to the connection originally established by the browser. The important thing to notice is that I only have one linux pc, and so ALL requests are originating from localhost, and that all connection request are having the destination port 80. I'm looking for a set of iptable rules, that redirect the requests from the browser to the proxy BUT that do not redirect any requests of the proxy to itself. So I really need some rules, which can differentiate between HTTP connections originating from the browser and the proxy. Those connections originating from the browser should be forwarded to the proxy. Those of the proxy should leave my box and go to the internet. I have googled a lot and read the howtos and the manpages, but I can't figure out how to distinguish connections of the browser from the proxy's connection requests, since they are all leaving the same interface. Any ideas? Fritz Bayer wrote: > Hello, > > I have written a java http proxy, which accepts http connections on > the localhost at port 8080 and forwards them to the authority in the > internet. > > I would like the proxy to...

Problem while loggin transparent proxy setup.
I have setup a transparent proxy with the help of squid and iptables. The problem is that while the system works and http conecctions are transparently managed by the squid proxy the /var/log/squid/access.log I_S N_O_T updated. On the opposite, if I just configure clients to manually use the proxy the /var/log/squid/access.log is updated (client connections are logged). Thanks in advance for any help, hint or link! Enrique Arizon OK problem solved. For anyone else interest it all reduced to a wrong setup in the Squid trusted networks. 10.0.0.0 was allowed (client access) but 127.0.0.0 was not (transparent proxy with iptables). That produced "random bugs". e_arizon_benito@yahoo.com (Enrique Ariz?n Benito) wrote in message news:<4eb64fb0.0504040312.1dc1313f@posting.google.com>... > I have setup a transparent proxy with the help of squid and iptables. > The problem is that while the system works and http conecctions are > transparently managed by the squid proxy the /var/log/squid/access.log > I_S N_O_T updated. On the opposite, if I just configure clients to > manually use the proxy the /var/log/squid/access.log is updated > (client connections are logged). > > Thanks in advance for any help, hint or link! > > Enrique Arizon ...

Apache Transparent Proxy and Firewall configuration
Hello again everybody, I have an apache transparent proxy server running and was trying to disable all LAN access except for the proxy server. I thought that this is what I need to do in order to only allow the clients to use the proxy server (Apache) to access the internet. Here's what I did... - I disabled all LAN access on the firewall (a sonicwall in this case) and created a rule to allow all traffic from only the proxy server to go out. The proxy is located on the LAN as well. This seems to work but browsing *really* slow. The web browser is configured to use the proxy server at ...

Transparent Print Server jetdirect proxy
Hi, I've been having a lot of problems with an hp laser printer. It has a jet direct card in it (uses port 9100). People send it strange print jobs that crash it or cause it to require user input. Is there a way (I know there must be) to intercept port 9100 and form a print que of the jobs logging where the job is from. Only send properly formatted jobs to the printer (if it's possible and/or easy to inspect jobs for A4 not letter sized paper etc etc) and then send them on to the printer? When there is a problem at the moment I end up sitting in my office arpspoofi...

Cisco VPN Client through http proxy
Hi, I am in a campus where all the outgoing internet connection is thorough a http proxy. I want to use Cisco VPN client to make a VPN connection to a server outside my campus, can someone please tell me how to configure the VPN client to use the proxy server to make the outgoing connection(on Linux and Windows). I could not find this option anywhere and also could not find any relevant resource in the net. I dont know if this is the right forum, if not, I will be grateful if someone points me to the proper place to post this question. Thanks! Vishwas. vishwas.bhari@gmail.com wrote: > ...

Transparent proxy with Squid and Apache problem
Hi all, I have a problem getting squid and apache to work together. Basically I have Squid set up (and working) as a transparent proxy. But when I start Apache, neither it nor squid works. If I stop squid I can run Apache just fine. I am using RH 7.1 (2.4.2-2) and I have 2 NICs in the server, one with public ip and one with 192.168.10.x I told Apache to use port 81 and I have told Squid the following: httpd_accel_host virtual httpd_accel_port 81 httpd_accel_with_proxy on But it doesn't work. when I don't run apache and instead tell squid this: httpd_port 80 Then squid works fine as a transparent cache. the problem as I can understand it is that in order for squid to work as transparent cache then it must have the http accellerator on (and it *must* use the: httpd_accel_host virtual option), but if I put the FQDN of the server instead of the 'virtual' then it doesnt work. So how to overcome that? I should mention I am using IPCHAINS, and it is set up as follows: ipchains -A input -J REDIRECT 3128 -p tcp -s 0.0.0.0/0 -d 0.0.0.0/0 80 I also have MASQUERADING turned on for the 'forward' chain in order for the internal LAN to access the public internet. The policy is 'ACCEPT' for both input and output chains. And as you can see squid runs on port 3128. Any ideas, things to try etc. would be much appreciated. Thanks. Pls. reply also to tobias @ itservices . co . mz Tobias Skytte ...

cisco 1721 with proxy arp and vpn
Hi, I bought a cisco 1721 that I was using just for site to site vpn. Now I want to take advantage of all the features of the equipment and use it in the following configuration: internet | | <cisco1721-public address>----[vpn]------<remote site> || || || <firewall-public address> | | | [internal net - private address] So, I need to be able to do the following: 1. Proxyarp a public address to my second firewall (i have some ip addresses...

Cisco 796xs SIP Backup proxy
Hi all, I have question about how the SIP backup proxy function works in Cisco handsets. Im using both 7960 and 7961G. Im connecting them to 2 Asterisk servers (dont shoot me!!) and they work, very well, Asterisk1 is primary proxy and ASterisk 2 is backup proxy. I know that they are B2BUA not true SIP proxies, but Im not sure thatshould make any difference. All handsets register to both Asterisk servers, they register to Asterisk1 first and a telnet or ssh to the phone and a "#show config" on the phones show that they are registered to the backup. Problem is that when i drop ...

HTTP proxy on Cisco 7940 phones?
Hi all, We are looking at developing in support for Cisco 7940/60 phones for our product. I was wondering if there anyone out there that knew if you need to have a Cisco Callmanager running in order to browse XML websites from the phone (services)? Our application can output many forms of XML, however our test phone just seem to return a 'Parser Error' for each type. We are using the phone in standalone mode with SIP. So, can we use any old HTTP proxy, or do you need to run Call Manager...? Kind regards, Jeff On 15 Jul 2003 11:56:53 -0700, jeff@emojo.com (Jeff Rhys-Jones) wrote: >Hi all, > >We are looking at developing in support for Cisco 7940/60 phones for >our product. I was wondering if there anyone out there that knew if >you need to have a Cisco Callmanager running in order to browse XML >websites from the phone (services)? > >Our application can output many forms of XML, however our test phone >just seem to return a 'Parser Error' for each type. > >We are using the phone in standalone mode with SIP. > >So, can we use any old HTTP proxy, or do you need to run Call >Manager...? > >Kind regards, > >Jeff The Call Manager isn't involved once the phone is pointed to a webpage. Have you looked at the Cisco IP Phone Service Dev Kit? It explains all of the acceptable xml tags and format. The phones are pretty picky and will throw an error if the syntax...

Cisco SIP Proxy Server question
Hi, I'm using a Cisco SIP Proxy server with a number of Cisco SIP Phones. THE PROBLEM: - Let's say a user A is making a call. - At ANY point, we would like to be able to temporarily deliver a voice message on that same conversation. If impossible, we'd like the present conversation to go on hold, while we're delivering a voice message to this user. Could you please suggest a possible solution that you have seen working? Thank you very much in advance. Keywords: SIP call notification, alert, interruption, on hold. ...