class-map match-all Voice
match ip dscp ef
match protocol rtp
class-map match-any Signaling
match protocol h323
match protocol rtcp
match protocol rtsp
match protocol sip
match protocol skinny
!
policy-map QoS-Policy-1
class Voice
set dscp ef
priority percent 30
class Signaling
set dscp cs3
bandwidth percent 5
class class-default
fair-queue

interface Outside
bandwidth xxxxxx <– be sure to define bandwidth kilobits
service-policy output QoS-Policy-1

TRIAD Telecom Specific Settings

voice class sip-profiles 1
request INVITE sip-header Allow-Header modify “.UPDATE,.” “..”
request REINVITE sip-header Allow-Header modify “.UPDATE,.” “..”
response 200 sip-header Allow-Header modify “.UPDATE,.” “..”
response 180 sip-header Allow-Header modify “.UPDATE,.” “..”

WINDSTREAM Specific Settings – (where 22.33.44.55 is local sip handoff)

sip
pass-thru content sdp

voice class sip-profiles 1
request INVITE sip-header Allow-Header modify “.UPDATE,.” “..”
request REINVITE sip-header Allow-Header modify “.UPDATE,.” “..”
response 200 sip-header Allow-Header modify “.UPDATE,.” “..”
response 180 sip-header Allow-Header modify “.UPDATE,.” “..”
request ANY sdp-header Connection-Info modify “0.0.0.0” “22.33.44.55”
request ANY sdp-header Audio-Connection-Info modify “0.0.0.0” “22.33.44.55”
request ANY sdp-header Audio-Attribute modify “inactive” “active”

dial-peer voice 5000 voip
description SIP INBOUND
preference 1
destination-pattern 91022209..$
session protocol sipv2
session target ipv4:10.20.1.1
incoming called-number 91039209..$
voice-class sip profiles 1
dtmf-relay rtp-nte
codec g711ulaw
clid strip name
no vad

dial-peer voice 6000 voip
description SIP 10DIG OUTBOUND
destination-pattern [2-9]………
no modem passthrough
session protocol sipv2
session target sip-server
voice-class sip early-offer forced
voice-class sip profiles 1
dtmf-relay rtp-nte
codec g711ulaw
fax rate disable
fax protocol t38 version 0 ls-redundancy 2 hs-redundancy 0 fallback cisco
ip qos dscp cs5 media
ip qos dscp cs4 signaling
no vad

interface GigabitEthernet0/0
description Internet
ip address 24.175.29.2 255.255.255.252
crypto map VPN

interface GigabitEthernet0/1.10
description Data
ip address 10.2.0.1 255.255.0.0
ip policy route-map RM-PBR

interface GigabitEthernet0/1.20
description Voice
ip address 10.200.0.1 255.255.0.0
ip policy route-map RM-PBR

interface GigabitEthernet0/2
description Metro-E
ip address 10.120.0.2 255.255.255.0

track 1 ip sla 1 reachability
delay down 5 up 5
!
track 2 ip sla 2 reachability
delay down 5 up 5

route-map RM-PBR permit 10
description Prefer Data out VPN
match ip address ACL-Data
set ip next-hop verify-availability 24.175.29.1 10 track 1
set ip next-hop verify-availability 10.120.0.1 20 track 2

route-map RM-PBR permit 20
description Prefer Voice out Metro
match ip address ACL-Voice
set ip next-hop verify-availability 10.120.0.1 10 track 2
set ip next-hop verify-availability 24.175.29.1 20 track 1

ip sla 1
icmp-echo 8.8.8.8
frequency 10
ip sla schedule 1 life forever start-time now
ip sla 2
icmp-echo 10.120.0.1
frequency 10
ip sla schedule 2 life forever start-time now
ip sla auto discovery

ip access-list extended ACL-Data
permit ip 10.2.0.0 0.0.255.255 10.1.0.0 0.0.255.255
permit ip 10.2.0.0 0.0.255.255 10.3.0.0 0.0.255.255

ip access-list extended ACL-Voice
permit ip 10.200.0.0 0.0.255.255 10.100.0.0 0.0.255.255
permit ip 10.200.0.0 0.0.255.255 10.300.0.0 0.0.255.255

interface Vlan99
description guest
ip address 10.99.99.1 255.255.255.0
ip access-group Public-Out in

ip access-list extended Public-Out
permit udp any any eq bootps
deny   ip 10.99.99.0 0.0.0.255 192.168.0.0 0.0.255.255
deny   ip 10.99.99.0 0.0.0.255 172.16.0.0 0.0.15.255
deny    ip 10.99.99.0 0.0.0.255 10.0.0.0 0.0.0.255
permit ip 10.99.99.0 0.0.0.255 any

monitor capture buffer CAPTURE_IN size 8096 max-size 9000 circular
monitor capture buffer CAPTURE_OUT size 8096 max-size 9000 circular
monitor capture point ip cef CAP_in GigabitEthernet0/0 both
monitor capture point ip cef CAP_out GigabitEthernet0/1.98 both

monitor capture point associate CAP_in CAPTURE_IN
monitor capture point associate CAP_out CAPTURE_OUT

***************************************************

monitor capture point start CAP_in
monitor capture point start CAP_out

monitor capture point stop CAP_in
monitor capture point stop CAP_out

 

to download pcap:
monitor capture buffer CAPTURE_IN export tftp://1.1.1.2//Capturein.pcap
monitor capture buffer CAPTURE_OUT export tftp://1.1.1.2//Captureout.pcap

https://supportforums.cisco.com/docs/DOC-32870

Verification Commands:

1) show monitor capture PCAP buffer dump

2) show monitor capture PCAP parameter

 

Troubleshooting Commands:

1) debug epc capture-point

2) debug epc provision

kron occurrence BACKUP in 24:00 recurring
policy-list Daily
!
kron policy-list Daily
cli show run | redirect tftp://172.16.0.1/Current_UC_Backup.conf

or…………

kron occurrence wBackup in 7:0:0 recurring
policy-list Daily
!
kron policy-list Daily
cli copy running-config flash:backupconfig.cfg

New York:

crypto isakmp key pr3sh4r3dk3y! address 2.2.2.2 no-xauth

crypto ipsec transform-set GRE esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile GRE_Tunnel
set transform-set GRE

interface Tunnel1
description GRE to Miami
ip address 192.168.1.1 255.255.255.0
delay 100
tunnel path-mtu-discovery
tunnel source GigabitEthernet0/1
tunnel destination 2.2.2.2
tunnel protection ipsec profile GRE_Tunnel

interface GigabitEthernet0/1
ip address 1.1.1.1 255.255.255.252

Miami:

crypto isakmp key pr3sh4r3dk3y! address 1.1.1.1 no-xauth

crypto ipsec transform-set GRE esp-des esp-md5-hmac
mode transport
!
crypto ipsec profile GRE_Tunnel
set transform-set GRE

interface GigabitEthernet0/1
ip address 2.2.2.2 255.255.255.252

interface Tunnel1
description GRE to New York
ip address 192.168.1.2 255.255.255.0
delay 100
tunnel path-mtu-discovery
tunnel source GigabitEthernet0/1
tunnel destination 1.1.1.1
tunnel protection ipsec profile GRE_Tunnel

image naming convention:
w7 = autonomous
w8 = lwapp

To downgrade LWAPP to autonomous
================================
1. plug a tftp server directly into AP
2. download latest c1140-k9w7.. rename to c1140-k9w7-tar.default
3. configure tftp server to 10.0.0.10/24
4. hold down mode button until red
5. AP will grab image and boot to autonomous

To upgrade autonomous to LWAPP
=================================
Pre 12.2 code – use upgrade utility

Newer APS:

1. Download latest LWAPP image from cisco website
2. Put laptop running tftp and access point on same network
3. Run the command below

AP# archive download-sw /overwrite /reload tftp://10.222.0.74/c1140-k9w8-tar.152-2.JB.tar