CISCO CALL MANAGER BEST PRACTICES....

CISCO CALL MANAGER BEST PRACTICES....

http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_tech_note09186a00807f8b31.shtml

Using PPTP for Remote Access

This section describes how to implement the Point-to-Point Tunneling Protocol (PPTP) using the PIX Firewall. It contains the following topics:

•Overview

•PPTP Configuration

•PPTP Configuration Example

Overview

The firewall provides support for Microsoft PPTP, which is an alternative to IPSec handling for VPN clients. While PPTP is less secure than IPSec, PPTP may be easier in some networks to implement and maintain.

The vpdn command implements the PPTP feature for inbound connections between the firewall and a Windows client. Point-to-Point Tunneling Protocol (PPTP) is a Layer 2 tunneling protocol, which lets a remote client use a public IP network to communicate securely with servers at a private corporate network. PPTP tunnels the IP protocol. RFC 2637 describes the PPTP protocol.

Support is provided for only inbound PPTP and only one firewall interface can have the vpdn command enabled.

Supported authentication protocols include: PAP, CHAP, and MS-CHAP using external AAA (RADIUS or TACACS+) servers or the firewall local username and password database. Through the PPP IPCP protocol negotiation, the firewall assigns a dynamic internal IP address to the PPTP client allocated from a locally defined IP address pool.

The firewall PPTP VPN supports standard PPP CCP negotiations with Microsoft Point-To-Point Encryption (MPPE) extensions using RSA/RC4 algorithm. MPPE currently supports 40-bit and 128-bit session keys. MPPE generates an initial key during user authentication and refreshes the key regularly. In this release, compression is not supported.

When you specify MPPE, use the MS-CHAP PPP authentication protocol. If you are using an external AAA server, the protocol should be RADIUS and the external RADIUS server should be able to return the Microsoft MSCHAP_MPPE_KEY attribute to the firewall in the RADIUS Authentication Accept packet. See RFC 2548, "Microsoft Vendor Specific RADIUS Attributes," for more information on the MSCHAP_MPPE_KEY attribute.

Cisco Secure ACS 2.5/2.6 and higher releases support the MS-CHAP/MPPE encryption.

The firewall PPTP VPN has been tested with the following Microsoft Windows products: Windows 95 with DUN1.3, Windows 98, Windows NT 4.0 with SP6, and Windows 2000.

Note If you configure the firewall for 128-bit encryption and if a Windows 95 or Windows 98 client does not support 128-bit or greater encryption, then the connection to the firewall is refused. When this occurs, the Windows client moves the dial-up connection menu down to the screen corner while the PPP negotiation is in progress. This gives the appearance that the connection is accepted when it is not. When the PPP negotiation completes, the tunnel terminates and the firewall ends the connection. The Windows client eventually times out and disconnects.

PPTP Configuration

Use the vpdn command with the sysopt connection permit-pptp command to allow PPTP traffic to bypass checking of access-list command statements.

The show vpdn command lists tunnel and session information.

The clear vpdn command removes all vpdn commands from the configurations and stops all the active PPTP tunnels. The clear vpdn all command lets you remove all tunnels, and the clear vpdn id tunnel_id command lets you remove tunnels associated with tunnel_id. (You can view the tunnel_id with the show vpdn command.)

The clear vpdn group command removes all the vpdn group commands from the configuration. The clear vpdn username command removes all the vpdn username commands from the configuration. The clear vpdn command removes all vpdn commands from the configuration.

You can troubleshoot PPTP traffic with the debug ppp and debug vpdn commands.

PPTP Configuration Example

Example 8-3 shows a simple configuration, which lets a Windows PPTP client dial in without any authentication (not recommended). Refer to the vpdn command page in the Cisco PIX Firewall Command Reference for more examples and descriptions of the vpdn commands and the command syntax.

Example 8-3 PPTP Configuration Example

ip local pool my-addr-pool 10.1.1.1-10.1.1.254

vpdn group 1 accept dialin pptp

vpdn group 1 client configuration address local my-addr-pool

vpdn enable outside

static (inside, outside) 209.165.201.2 192.168.0.2 netmask 255.255.255.255

access-list acl_out permit tcp any host 209.165.201.2 eq telnet

access-group acl_out in interface outside

The ip local pool command specifies the IP addresses assigned to each VPN client as they log in to the network. The Windows client can Telnet to host 192.168.0.2 through the global IP address 209.165.201.2 in the static command statement. The access-list command statement permits Telnet access to the host.

Importance Of Directed Broadcasts

Do we know what problem we will face if we enable ' ip directed-broadcast' in an Interface???

IP directed broadcasts are used in the common and popular smurf denial of service attack, and can also be used in related attacks.

An IP directed broadcast is a datagram which is sent to the broadcast address of a subnet to which the sending machine is not directly attached. The directed broadcast is routed through the network as a unicast packet until it arrives at the target subnet, where it is converted into a link-layer broadcast. Because of the nature of the IP addressing architecture, only the last router in the chain, the one that is connected directly to the target subnet, can conclusively identify a directed broadcast. Directed broadcasts are occasionally used for legitimate purposes, but such use is not common outside the financial services industry.

In a smurf attack, the attacker sends ICMP echo requests from a falsified source address to a directed broadcast address. This causes all the hosts on the target subnet to send replies to the falsified source. By sending a continuous stream of such requests, the attacker can create a much larger stream of replies. This can completely inundate the host, whose address is falsified.

If a Cisco interface is configured with the no ip directed-broadcast command, directed broadcasts that are otherwise exploded into link-layer broadcasts at that interface are dropped instead. This means that the no ip directed-broadcast command must be configured on every interface of every router that is connected to a target subnet. It is not sufficient to configure only on firewall routers. The no ip directed-broadcast command is the default in Cisco IOS Software Release 12.0 and later. In earlier releases, the command should be applied to every LAN interface that is not known to forward legitimate directed broadcasts.

7940 and 7960 IP Phones Resetting to the Factory Default
------------------------------------------

-----------
PROCEDURE 1
-----------
steps:

1.Choose the main Date/Time window.

2.Press **# in order to unlock the Network Configuration on the phone.

3.Press Settings.

4.The Network Configuration lock symbol must be unlocked. If not, exit to the main window and press ** # again.

5.Press 3 on the keypad (or scroll down) for Network Configuration.

6.Press 33 on the keypad (or scroll down) to Erase Configuration.

7.Press the Yes softkey.

8.Press the Save softkey.

The phone must now be reset.
---------------------------------------------

-----------
PROCEDURE 2
-----------

STEPS :


In order to perform a factory reset of a phone if the password is set, complete these steps:

1.Unplug the power cable from the phone, and then plug in the cable again.

The phone begins its power up cycle.

2.Immediately press and hold # while the Headset, Mute, and Speaker buttons flash in sequence.

Release # after the Speaker button is no longer lit.

The Headset, Mute, and Speaker buttons flash in sequence in order to indicate that the phone waits
for you to enter the key sequence for the reset.

3.Press 123456789*0# within 60 seconds after the Headset, Mute, and Speaker buttons begin to flash.

If you repeat a key within the sequence, for example, if you press 1223456789*0#, the sequence is
still accepted and the phone resets.

If you do not complete this key sequence or do not press any keys, after 60 seconds,
the Headset, Mute, and Speaker buttons no longer flash, and the phone continues with its
normal startup process. The phone does not reset.

If you enter an invalid key sequence, the buttons no longer flash, and the phone continues
with its normal startup process. The phone does not reset.

If you enter this key sequence correctly, the phone displays this prompt:

Keep network cfg? 1 = yes 2 = no

4.In order to maintain the current network configuration settings for the phone when the phone resets,
press 1. In order to reset the network configuration settings when the phone resets, press 2.

If you press another key or do not respond to this prompt within 60 seconds,
the phone continues with its normal startup process and does not reset. Otherwise,
the phone goes through the factory reset process.

================================================

Configuring Load Balancing with VRRP
===============================
SWITCH A

CatalystA(config)# interface vlan 50
CatalystA(config-if)# ip address 192.168.1.10 255.255.255.0
CatalystA(config-if)# vrrp 1 priority 200
CatalystA(config-if)# vrrp 1 ip 192.168.1.1
CatalystA(config-if)# vrrp 2 priority 100
CatalystA(config-if)# no vrrp 2 preempt
CatalystA(config-if)# vrrp 2 ip 192.168.1.2

SWITCH B

CatalystB(config)# interface vlan 50
CatalystB(config-if)# ip address 192.168.1.11 255.255.255.0
CatalystB(config-if)# vrrp 1 priority 100
CatalystA(config-if)# no vrrp 1 preempt
CatalystB(config-if)# vrrp 1 ip 192.168.1.1
CatalystB(config-if)# vrrp 2 priority 200
CatalystB(config-if)# vrrp 2 ip 192.168.1.2

--------------------

Displaying Switch Roles for VRRP Load Balancing

-------------

CatalystA# show vrrp brief

Interface Grp Pri Time Own Pre State Master addr Group addr

Vlan50 1 200 3218 Y Master 192.168.1.10 192.168.1.1

Vlan50 2 100 3609 Backup 192.168.1.11 192.168.1.2

CatalystA#

CatalystB# show vrrp brief

Interface Grp Pri Time Own Pre State Master addr Group addr

Vlan50 1 100 3609 Backup 192.168.1.10 192.168.1.1

Vlan50 2 200 3218 Y Master 192.168.1.11 192.168.1.2

CatalystB#

-------------------

Verifying VRRP Status for Multiple VRRP Groups

-----------------------------

Catalyst A

CatalystA# show vrrp

Vlan50 - Group 1

State is Master

Virtual IP address is 192.168.1.1

Virtual MAC address is 0000.5e00.0101

Advertisement interval is 1.000 sec

Preemption is enabled

min delay is 0.000 sec

Priority is 200

Authentication is enabled

Master Router is 192.168.1.10 (local),

priority is 200

Master Advertisement interval is

1.000 sec

Master Down interval is 3.218 sec

Vlan50 - Group 2

State is Backup

Virtual IP address is 192.168.1.2

Virtual MAC address is 0000.5e00.0102

Advertisement interval is 1.000 sec

Preemption is disabled

Priority is 100

Authentication is enabled

Master Router is 192.168.1.11, priority

is 200

Master Advertisement interval is

1.000 sec

Master Down interval is 3.609 sec

(expires in 2.977 sec)

CatalystA#

-------------

Catalyst B

CatalystB# show vrrp

Vlan50 - Group 1

State is Backup

Virtual IP address is 192.168.1.1

Virtual MAC address is 0000.5e00.0101

Advertisement interval is 1.000 sec

Preemption is disabled

Priority is 100

Authentication is enabled

Master Router is 192.168.1.10, priority

is 200

Master Advertisement interval is

1.000 sec

Master Down interval is 3.609 sec

(expires in 2.833 sec)

Vlan50 - Group 2

State is Master

Virtual IP address is 192.168.1.2

Virtual MAC address is 0000.5e00.0102

Advertisement interval is 1.000 sec

Preemption is enabled

min delay is 0.000 sec

Priority is 200

Authentication is enabled

Master Router is 192.168.1.11 (local),

priority is 200

Master Advertisement interval is

1.000 sec

Master Down interval is 3.218 sec

CatalystB#

=================

CONFIGURING PORTFAST AND BPDUGUARD IN SWITCH INTERFACES
-----------------------------------------------------------------

Try the below commands only to access ports (not for trunk ports)
Portfast should be configured to only those ports which connects to server/pc/workstation
not to the ports which connected to switches/routers
-------------------------------------------------------------------

Switch(config) # interface range GigabitEthernet 3/1 – 24

Switch (config-if)# Spanning-tree portfast

Switch (config-if)# Spanning-tree bpduguard enable



Switch(config) # interface range GigabitEthernet 4/1 – 24

Switch (config-if)# Spanning-tree portfast

Switch (config-if)# Spanning-tree bpduguard enable

Mistakes......

A man goes into a pet shop to buy a parrot. The shop owner points to three identical looking parrots on a perch and says:

"The parrot on the left costs 500 dollars".

"Why, does the parrot cost so much" asks the first man.

The owner says, "Well the parrot knows how to use a computer".

The man then asks about the next parrot to be told that this one cost 1,000 dollars because it can do everything the other parrot can do plus it knows how to use the UNIX operating system.

Naturally, the increasingly startled man asks about the third parrot to be told that it costs 2,000 dollars. Needless to say this begs the question

"What can it do?"

To which the owner replies "To be honest, I have never seen it do a thing but the other two call him boss!"

Once 3 Sardars decided to go on a picnic.
When they got there, they realized that they had forgot the soda.
The youngest Sardar said he would go home & get it if they wouldn't
eat the snacks until he got back.

The other two agreed to wait patiently.

An hour went by,
Then a Day,
followed by a week
finally a month,

the 2 Sardars said
'oh, come on, let's eat the snacks'
..
.
.
.
.
..

..
..



Suddenly the Young Sardar popped up from behind a rock and said

'If you do like this, I won't go.'

Host_flapping console message troubleshooting commands

bghsg501#show spanning-tree vlan 463 detail
--------------------------------
sh ip arp 192.168.10.1
protocol add age h/w add type int
-----------------------------
bghsg701#show mac-addre dyn vlan 22
-------------------------
bghsg701#show mac-address dyn
Unicast Entries
vlan mac address type protocols port
-------+---------------+--------+---------------------+--------------------
1 0015.62ad.317f dynamic ip GigabitEthernet1/1
2 000d.564f.8fb8 dynamic ip GigabitEthernet1/1
2 000d.88ff.6971 dynamic ip GigabitEthernet1/1
2 0013.211b.a913 dynamic ip GigabitEthernet1/1
2 0014.38ee.578e dynamic ip GigabitEthernet1/1
5 0000.5e00.0101 dynamic ip GigabitEthernet1/1
-----------------------------------


bghsg701#show mac-addre dyn inc 78f1
-----------------------------------
bghsg701# show mac-add dyn inc 78f1
----------------------------------
bghsg701#show arp 00:03:47:0B:78:F1
------------------------------
bghsg701#show mac-add dyn int G6/43
No entries present.
------------------------
bghsg701# show spann vlan 22 summ
--------------------
bghsg701#show mac-add dyna int f4/16
-------------------------------
bghsg701#show mac-add stat inc e651
-------------------------
bghsg701#show mac-add address 0015.62ad.317f
--------------------------

Vlan,Trunk,VTP sample configuration

switch(config)# int vlan 1
switch(config-vlan)# name marketing
switch(config-vlan)#description ####management vlan######
switch(config)# int fa 0/1
switch(config)# switch-port mode access
switch(config)# switch-port access vlan1
===================
switch# show vlan1
switch# show vlan brief
==============================
switch# show int fa 0/1 switchport
=========================
switch(config)# int fa 0/1
switch(config-if)# shutdown
switch(config-if)# switchport trunk encapsulation dot1q
switch(config-if)# switchport trunk allowed vlan 1,5,11,1002-1005
switch(config-if)# switchport mode trunk
switch(config-if)# switchport trunk native vlan 99
switch(config-if)# switchport nonegotiate
switch(config-if)# no shut
=============================
switch(config)# show run int fa 0/1 switchport
=============================
switch# show vtp status
switch# show vtp counters
============================
no vtp mode
==============
switch(config)# vtp v2-mode
switch(config)# vtp v1-mode
=================
while adding new switch into existing vtp domain ensure new switch has a vtp
revision 0 before adding it to network.
==============
vtp configuration no is used to determine if the switch should keep its existing
vlan database or overwrite it with vtp update sent by another switch in the same domain
with same password.
=====================
This overwrite occure whether a switch is in client or server mode.
A vtp client can erase vlan info on a vtp server.
======================

7206 router IOS upgrade procedure (command reference)

rouer#sh run <-

check the boot system flash and boot loader image

router# sh ver <-

1. check the flash image name
2. check the memory size
3. check the flash size


========================================================
Router# copy tftp disk2:c7200-ik9s-mz.123-16.bin
Router# copy tftp slavedisk2:c7200-ik9s-mz.123-16.bin

Router# copy tftp bootflash:c7200-kboot-mz.122-15.B.bin
Router# copy tftp slavebootflash:c7200-kboot-mz.122-15.B.bin

Router# configure terminal


Router(config)# no boot system flash disk2:old image.bin
Router(config)# boot system flash disk2:c7200-ik9s-mz.123-16.bin

Router(config)# no boot bootldr bootflash:old boot loader.bin
Router(config)# boot bootldr bootflash:c7200-kboot-mz.122-15.B.bin



Router# write mem
Router# copy running-config startup-config
Router# reload

Steps To Upgrade CATOS In Cisco 4003 Switch

First Verify the Below Command outputs.........

TFINDPNCL2FSW02> (enable)
TFINDPNCL2FSW02> (enable) sh flash
-#- ED --type-- --crc--- -seek-- nlen -length- -----date/time------ name
1 .. ffffffff 548c8f9c 39cf70 17 3526384 Feb 26 2001 22:52:50 cat4000.5-4-2.bin
2 .. ffffffff 8ca7620 39d2d8 12 741 Oct 01 2002 11:25:09 myswitch.cfg
3 .. ffffffff 2d351fca 7cfd34 20 4401628 Apr 13 2006 23:38:42 cat4000-k9.7-1-2.bin

3605196 bytes available (7929140 bytes used)
TFINDPNCL2FSW02> (enable)
=======================
cat4000-k9.7-6-17.bin 4.71 MB
=====================
FINDPNCL2FSW02> (enable) sh boot
BOOT variable = bootflash:cat4000-k9.7-1-2.bin,1;bootflash:cat4000.5-4-2.bin,1;
CONFIG_FILE variable =

Configuration register is 0x2
ignore-config: disabled
auto-config: non-recurring
console baud: 9600
boot: image specified by the boot system commands
========================================

==============================


Details

Release 7.6(17)
Description Catalyst 4000 Supervisor with SSH support. Requires ROMMON version 5.4(1) or later.
Size 4941544
BSD Checksum -
Router Checksum 0x9796
MD5 2c389aea3d3084539feac4a576a89de2
Date Published: 15-MAR-2006

(4,941,544 bytes)
========================================================

----------------------------STEPS TO UPGRADE CATOS IN 4003 SWITCH---------
--------------------------------------------------------------------------------

1> take the backpu first

copy flash:bootflash:cat4000-k9.7-6-17.bin tftp:
copy config tftp
2>check if there is no enough space in bootflash , format it

squeeze flash
format bootflash;
it will take around 2 minutes
3> copy tftp flash:

address of remote host[]?172.16.1.5 (ip addd of pc where tftp is running)
file name[]? newimage.bin
flash device name[bootflash]? y
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
copied successfully

4>clear the existing boot flash and set the new one

clear boot system flash bootflash:cat4000-k9.7-1-2.bin(old flash image) OR

clear boot system flash all

set boot system flash bootflash:cat4000-k9.7-6-17.bin(new flash image)

5> check by
show boot
show flash
show run

6>reset/reload

7> sh ver
=================================

DHCP Pool Configuration In A Cisco Switch

DHCP Pool Sample Configuration In A Cisco Switch

switch(config)#ip cef
!
!
switch(config)#no ip dhcp use vrf connected
switch(config)#ip dhcp excluded-address 192.168.1.1 192.168.1.19
!
switch(config)#ip dhcp pool juri
switch(config)#network 192.168.1.0 255.255.255.0
switch(config)# dns-server 202.138.103.100
switch(config)# lease 10
!
!
switch(config)#ip name-server 202.128.96.2
switch(config)#ip dhcp-server 192.168.1.1
!
!
!
!
!
!
!
!

switch(config)#interface FastEthernet0/0
switch(config)# ip address 192.168.1.1 255.255.255.0
switch(config)# ip nat inside
switch(config)# ip virtual-reassembly
switch(config)# duplex auto
switch(config)# speed auto
switch(config)#ip nat inside source list 101 interface FastEthernet0/1 overload! access-list 101 switch(config)#permit ip 192.168.1.0 0.0.0.255 any

7500 Router IOS upgrade Procedure

Procedure : We will do the IOS upgradation via Fast software upgrade procedure to minimise the downtime


Here are the steps :



1 ) copy the image to disk0:

copy tftp disk0:

2) copy the image from disk0: to slavedisk0:

copy disk0:s72033-adventerprise9_wan-mz.122-18.SXE6.bin slavedisk0:

3) set the boot statement

boot system flash disk0:s72033-adventerprisek9_wan-mz.122-18.SXE6.bin

4 ) Reset the standby supervisor module (slot 6 )

hw-module module 6 reset

it will reload standby supervisor and standby will come up with new image(SXE6)

Note : it wil ltake around 8-9 mins


5) write mem

6 ) Force Switchover to secondry supervisror

redundancy force-switchover

7 ) It will make slot 6 Active , Slot 5 will automatically reboot and come up with new image

Note : during switchover to slot 6 all the line card will reboot and downtime of around 90 Seconds will be reported


8 ) write mem

Dialer-list sample configuration in Routers

R1(config)#Interface dialer 0

R1(config-if)#ip address 10.1.1.2 255.255.255.0

R1(config-if)#dialer pool 1

R1(config-if)#encapsulation ppp

R1(config-if)#ppp authentication chap

R1(config-if)#dialer remote-name RTA

R1(config-if)#dial-group 5

R1(config-if)#dialer string 9900235354

R1(config-if)#dialer string 9900235455

------------------------------------------
R1(config)#interface dialer 1

R1(config-if)#ip adddress 172.16.0.2 255.255.255.0

R1(config-if)#dialer pool 1

R1(config-if)#encapsulation ppp

R1(config-if)#ppp authentication chap

R1(config-if)#dialer remote-name JULIET

R1(config-if)#dialer-group 5

R1(config-if)#dialer string 22334455

R1(config-if)#dialer string 33445566

-----------------------------------------
R1(config)#dialer-list 1 protocol ip permit

------------------------------------
CONFIGURING STATIC ROUTES

RouterA(config)#ip route 172.16.50.0 255.255.255.0 172.16.60.2

RouterA(config)#ip route 172.16.60.2 255.255.255.0 dialer 1
----------------------------------------------------------------
!
username RTA password 0 ecgc

username JULIET password 0 Chennai
!
------------------------------------------
!
isdn switch-type basic-net3
!
-----------------------------------------

what is ip communicator:-
Cisco IP Communicator—a software-based application that delivers enhanced telephony support through the PC—is designed to meet diverse customer needs by serving as a supplemental telephone when traveling, a telecommuting device, or as a primary desktop telephone. With Cisco IP Communicator, remote users don't just take their office extension with them; they also enjoy access to the same familiar phone services that they have in the office.
Install and Configure IP Communicator with CallManager
This document outlines the basic steps required to install and configure Cisco IP Communicator with Cisco CallManager through manual setup
Note: Cisco IP Communicator is supported in Cisco CallManager 3.3(4). However, this document focuses on Cisco CallManager 4.x
CHECKLIST::
1>Verify Cisco CallManager Version
In order to set up Cisco IP Communicator in Cisco CallManager 4.x, you must make sure that your CallManager version is no earlier than 4.0(1)sr2.
Go to the main menu window, choose Help > About Cisco CallManager, and then click Details to check your Cisco CallManager version
steps in order to configure Cisco IP Communicator
1.. Go to the main menu window, choose Device > Phone > Add a New Phone, and then select Cisco IP Communicator from the Phone type pull-down menu.
2.. Click Next to get to the Phone Configuration window. Fill out the required details, such as the MAC address of the phone. This address should typically be a fixed network interface card (NIC) where Cisco IP Communicator is installed.
3.. Click Insert. This message appears.
4.. Click OK to get to the Directory Number Configuration window. Fill out the required fields.
5.. Click Add. This message appears.
6.. Click OK.
You have now completed the configuration for Cisco CallManager.

Install Cisco IP Communicator
steps:
A.. Double-click the CiscoIPCommunicatorSetup.exe icon to run the Install Wizard.
B.. Click Next and follow the instructions.
C.. Once the installation is complete, one window appears.
D.. Check the Launch the program check box and click Finish. The Audio Tuning Wizard window appears.
E.. Click Next. The Select Audio Devices window appears..
F.. Choose the appropriate devices from the pull-down lists and click Next. Now you must adjust the listening volume.
G.. Follow the instructions to adjust the listening volume, and then click Next. The Adjust the Microphone Volume window appears.
H.. Follow the instructions to adjust the Microphone Volume, and then click Next. The last window appears.
I.. Click Finish. If your TFTP setup in incorrect, you get this error:
“Unable to reach TFTP server”
J.. Click OK. This window appears automatically
K.. Click Use these TFTP servers and type in the IP address of the Cisco CallManager if you use a TFTP server on the Cisco CallManager. You must also choose the correct Network Adaptor and Device Name, or this error appears.
“please select a network interface to register with cisco call manager”
L.. The next window asks for your username and password.
M.. Enter your username and password and click OK. After a few seconds, the Cisco IP Communicator Launch window appears:
Note: If Cisco IP Communicator is behind a firewall, make sure that the firewall is configured to pass TFTP and RTP traffic using the appropriate port range
Apply sr2 Patch to Cisco CallManager 4.x
If your Cisco CallManager version is not at least 4.0(1)sr2, make sure you download the ciscocm.4-0-1-sr2.exepatch from the Cisco CallManager Version 4.0 Software Download Center ( registered customers only) and apply it to Cisco CallManager. The Apply sr2 Patch to CallManager 4.x section describes this process.

Caution: Application of the sr2 patch to Cisco CallManager should be performed during non-business hours, because this process results in interruption of all CallManager services and a server reboot.
In order to add Cisco IP Communicator as a phone from the device list, you must have Cisco CallManager 4.0(1)sr2. You can apply the sr2 patch directly to 4.0(1) or 4.0(1)sr1 to take you to 4.0(1)sr2.
1. After you download the sr2 patch, copy the file to a temporary directory on your Cisco CallManager server. If you do not have direct access to Cisco CallManager, use Virtual Network Computing (VNC) to connect to CallManager from a client PC that runs VNC Viewer.
2. From the directory to which you copied sr2, double-click the executable file. This window appears
3. Click Next and follow the instructions on the window to complete the steps to update Cisco CallManager to 4.0(1)sr2. After the server is rebooted, verify that the Cisco CallManager version is 4.0(1)sr2. See the Verify Cisco CallManager Version section.
-------------------------------------------------------------------------------

what is ip communicator ? configuration and patch upgradation

what is ip communicator:
Cisco IP Communicator—a software-based application that delivers enhanced telephony support through the PC—is designed to meet diverse customer needs by serving as a supplemental telephone when traveling, a telecommuting device, or as a primary desktop telephone. With Cisco IP Communicator, remote users don't just take their office extension with them; they also enjoy access to the same familiar phone services that they have in the office.
Install and Configure IP Communicator with CallManager
This document outlines the basic steps required to install and configure Cisco IP Communicator with Cisco CallManager through manual setup
Note: Cisco IP Communicator is supported in Cisco CallManager 3.3(4). However, this document focuses on Cisco CallManager 4.x
CHECKLIST::
1>Verify Cisco CallManager Version
In order to set up Cisco IP Communicator in Cisco CallManager 4.x, you must make sure that your CallManager version is no earlier than 4.0(1)sr2.
Go to the main menu window, choose Help > About Cisco CallManager, and then click Details to check your Cisco CallManager version
steps in order to configure Cisco IP Communicator
1.. Go to the main menu window, choose Device > Phone > Add a New Phone, and then select Cisco IP Communicator from the Phone type pull-down menu.
2.. Click Next to get to the Phone Configuration window. Fill out the required details, such as the MAC address of the phone. This address should typically be a fixed network interface card (NIC) where Cisco IP Communicator is installed.
3.. Click Insert. This message appears.
4.. Click OK to get to the Directory Number Configuration window. Fill out the required fields.
5.. Click Add. This message appears.
6.. Click OK.
You have now completed the configuration for Cisco CallManager.

Install Cisco IP Communicator
steps:
A.. Double-click the CiscoIPCommunicatorSetup.exe icon to run the Install Wizard.
B.. Click Next and follow the instructions.
C.. Once the installation is complete, one window appears.
D.. Check the Launch the program check box and click Finish. The Audio Tuning Wizard window appears.
E.. Click Next. The Select Audio Devices window appears..
F.. Choose the appropriate devices from the pull-down lists and click Next. Now you must adjust the listening volume.
G.. Follow the instructions to adjust the listening volume, and then click Next. The Adjust the Microphone Volume window appears.
H.. Follow the instructions to adjust the Microphone Volume, and then click Next. The last window appears.
I.. Click Finish. If your TFTP setup in incorrect, you get this error:
“Unable to reach TFTP server”
J.. Click OK. This window appears automatically
K.. Click Use these TFTP servers and type in the IP address of the Cisco CallManager if you use a TFTP server on the Cisco CallManager. You must also choose the correct Network Adaptor and Device Name, or this error appears.
“please select a network interface to register with cisco call manager”
L.. The next window asks for your username and password.
M.. Enter your username and password and click OK. After a few seconds, the Cisco IP Communicator Launch window appears:
Note: If Cisco IP Communicator is behind a firewall, make sure that the firewall is configured to pass TFTP and RTP traffic using the appropriate port range
Apply sr2 Patch to Cisco CallManager 4.x
If your Cisco CallManager version is not at least 4.0(1)sr2, make sure you download the ciscocm.4-0-1-sr2.exepatch from the Cisco CallManager Version 4.0 Software Download Center ( registered customers only) and apply it to Cisco CallManager. The Apply sr2 Patch to CallManager 4.x section describes this process.

Caution: Application of the sr2 patch to Cisco CallManager should be performed during non-business hours, because this process results in interruption of all CallManager services and a server reboot.
In order to add Cisco IP Communicator as a phone from the device list, you must have Cisco CallManager 4.0(1)sr2. You can apply the sr2 patch directly to 4.0(1) or 4.0(1)sr1 to take you to 4.0(1)sr2.
1. After you download the sr2 patch, copy the file to a temporary directory on your Cisco CallManager server. If you do not have direct access to Cisco CallManager, use Virtual Network Computing (VNC) to connect to CallManager from a client PC that runs VNC Viewer.
2. From the directory to which you copied sr2, double-click the executable file. This window appears
3. Click Next and follow the instructions on the window to complete the steps to update Cisco CallManager to 4.0(1)sr2. After the server is rebooted, verify that the Cisco CallManager version is 4.0(1)sr2. See the Verify Cisco CallManager Version section.
-------------------------------------------------------------------------------

All About Bollywood

We always want to know about Bollywood. No website gives us the perfect picture. Try this one, I am sure this will satisfy you.Exclusive Hot wallpapers and screensavers of Hottest Bollywood Actors and Actresses. Great Entertainment..............All these in one website: http://www.totalbollywood.bravehost.com/
Hope you liked the site. Please pass it on.Sunita

Famous Oriya Songs Website

For the first time in Orissa, online songs.............
purionline.com

Online Orissa

For the first time in Orissa,a portal has been introduced that will live upto the growing standards and online demands of the people of Orissa.
A website that has to offer more than anyone else in the race.so please checkout the following link and dont 4get 2 register!!
http://www.onlineorissa.com/

Get GOOGLE EARTH - 3D EARTH BROWSER (worth 400$) FREE !!

Hi,Get GOOGLE EARTH - 3D EARTH BROWSER (worth 400$) FREE !!

www.chulbul.com/earth.htm
Google Earth is a program developed by Google. It uses satellite images allow you to see the entire world, from the country level down to the city level... right from your computer desk!

[Hits_Happen] Earn $3,500 Weekly With Google!

[Hits_Happen] Earn $3,500 Weekly With Google! I Will Show You Proof!
Work At Home Only 1hr A Day and earn $3.500 weekly!Limited Time Offer! Act Now!http://strave.123secrets.hop.clickbank.net/
Yahoo! Groups Links
<*> To visit your group on the web, go to:
http://groups.yahoo.com/group/Hits_Happen/
<*> Your email settings:Individual Email Traditional
<*> To change settings online go to:
http://groups.yahoo.com/group/Hits_Happen/join
(Yahoo! ID required)
<*> To change settings via email:mailto:Hits_Happen-digest@yahoogroups.com mailto:Hits_Happen-fullfeatured@yahoogroups.com<*> To unsubscribe from this group, send an email to:Hits_Happen-unsubscribe@yahoogroups.com
<*> Your use of Yahoo! Groups is subject to:
http://docs.yahoo.com/info/terms/

DOSA & Pani Puri Engagement Card..........

Never let yesterday's disappointments overshadow tomorrow's dreams

~ Shree Khaa Naa Ya Namaha~
Mrs. and Mr. Sambhar Chatni
Request the pleasure of the company of
Mrs. & Mr. Idli
On the occasion of the Marriage of their grandson,
SADA DOSA
(Son of Mrs. & Mr. Masala Dosa )
to
PANI PURI
( Daughter of Mrs. & Mr. Bhel Puri)
on 32th MAR 2007 , 12.00 a.m. at

Dahi Wada Hall, Samosa Building,
Cham Cham Road , Opposite Papad Theatre,
Haldiram, Mumbai Rasgulla 400 000.

Res. : "Nariyal ka Chatni", Paneer Rd.
Chola Battura Avenue , Mumbai Dhokla 400 111.
Tel. 91-22-25618241

email id: http://www.blogger.com/
NO GIFTS PLEASE, ONLY PRESENTS.
Best wishes from : Mr. Ghee roast dosa and Mrs. Dahi puri

Baapu Ne Bola Hai.......

"Agar koi tumhe Email na kare,
Good Morning/Good Evening na bole,
!
Call/SMS bhi na kare... to koi baat nahi, tum Email karte raho....
Good Morning/Good Evening bolate raho......
Call/SMS bhi karate raho.......

Dekhna, Uski aatma ek din jaroor jaagegi.
Aur vo tumhe E-Mail/Call/SMS jaroor Karega/Karegi"


Aur agar fir bhi koi E-Mail/Call/SMS nahi aaye,
to uske paas jana,
use ek Guldasta dena....

"GET WELL SOON MAAMU"
aur kahna.......

Funniest Poems...............

Dont feel bad ................... No intenstion to hurt any one.....

Roses are red, violets are blue
Monkeys like you should be kept in the zoo.
Don't feel so angry, you will find me there too
Not in a cage but laughing at you...

Twinkle Twinkle little star
You should know what you are
And once you know what you are
Mental hospital is not so far


The rain makes all things beautiful.
The grass and flowers too.
If rain makes all things beautiful
Why doesn't it rain on you ?


I wrote your name on sand it got washed.
I wrote your name in air, it was blown away.
then ~ I wrote your name on my heart And….
I got a heart attack straight away

God saw me hungry, HE created pizza.
HE saw me thirsty, HE created Pepsi
HE saw me in dark, HE created light
HE saw me without problems, HE created YOU

Dont feel bad ................... No intenstion to hurt any one.....


Roses are red, violets are blue Monkeys like you should be kept in the zoo. Don't feel so angry, you will find me there too

Not in a cage but laughing at you...





I wrote your name on sand it got washed.

I wrote your name in air, it was blown away.

then ~ I wrote your name on my heart And….

I got a heart attack straight away…





God saw me hungry, HE created pizza.

HE saw me thirsty, HE created Pepsi

HE saw me in dark, HE created light

HE saw me without problems, HE created YOU.



Twinkle Twinkle little star

You should know what you are

And once you know what you are

Mental hospital is not so far.

MAST HAI......... (Modern Sayari...)

mere... Company
kee ladkiyaan sunder
hain Aur lonely hain...
Problem ye hai ki bus voh
READ-ONLY hain...

Shayad mere pyar ko
taste Karna bhool
gaye...
Dil sey aisa CUT
kiya ke PASTE
karna bhool gaye..

Tumhare samne hain
itney items Kabhi
hame bhi pick karo...
!
Hamare pyar ke
ICON pe Kabhi to
tum DOUBLE-CLICK karo...

Roz subha hum
karte hai Itne pyar se
unhe good morning...
Woh humhe ghoor
kar dekhte hain Jaise
0 ERRORS but 5
WARNINGS...

Tumse mila main kal
to, Mere dil mein
hua ek sound,
Lekin aaj tum mili
To kehti ho:
Your file not found!

Aysa bhi nahin hai ke,
I don't likeyour face Par
dil ke computer mein,
Nahin hai enough disk space

Joh sadiyaon se hota
aaya hai Woh repeat
kar doonga...
Tu naa mili to
tujhko dil sey
Ctrl+Alt+Delete
kar doonga...

teri yaad me sanam
raat bhar humne to wine piya
teri yaad me sanam
raat bhar humne to wine piya
kabhi offline to kabhi online piya

Pyar ke sitaare
jab gardish mein hote hai
Pyar ke sitaare
jab gardish mein hote hai
Laila ghar mein aur
majnoo project testing
kar rahe hote hai....

Love your job …. But …

An interesting speech delivered by a CEO of a premier IT company of
India during an employee session with another IT company in India.


He is incidentally, one of the top 50 influential people of Asia according the latest Asia week publication and also the new IT Advisor to the Thailand Prime Minister


Extract of Mr. Narayan Murthy’s speech during Mentor Session:


•LOVE YOUR JOB, BUT NEVER FALL IN LOVE WITH YOUR COMPANY BECAUSE YOU NEVER KNOW WHEN COMPANY STOPS LOVING YOU?

1. I know people who work 12 hours a day, 6 days a week, or more.

2. Some people do so because of a work emergency where the long hours are only temporary.

•Other people I know have put in these hours for years.

•I don’t know if they are working all these hours, but I do know they are in the office this long.

•Others put in long office hours because they are addicted to the work-place.

•Whatever the reason for putting in overtime, working long hours over the long term is harmful to the person and to the organization.

•There are things Managers can do to change this for everyone’s benefit.

•Being in the office long hours, over long periods of time, makes way for POTENTIAL ERRORS.

•My colleagues who are in the office long hours frequently MAKE MISTAKES caused by FATIGUE.

•Correcting these mistakes requires THEIR TIME as well as the TIME and ENERGY of OTHERS.

•I have seen people work Tuesday thro’ Friday TO CORRECT mistakes made AFTER 5:00 p.m. on Monday.

•Another problem is that people who are in the office long hours are not a PLEASANT COMPANY.

•They often COMPLAIN about other people (who aren’t working as hard); they are IRRITABLE, OR CRANKY, OR EVEN ANGRY.

•Other people avoid them.

•Such behavior poses problems, where work goes much better when people work together instead of avoiding one another.

•As Managers, there are things we can do to help people leave the office.

•First and foremost, is to set the example and go home ourselves.

•I work with a Manager who chides people for working long hours.

•His words quickly lose their meaning when he sends these chiding group e-mails with a time-stamp of 2:00 a.m., Sunday.

•Second, is to encourage people to put some BALANCE in their lives.

•For instance, here is a guideline I find helpful:-

1)Wake up, eat a good breakfast and go to work.

1)Work hard and smart for eight or nine hours.

1)Go home.

1)Read the books/comics, watch a funny movie, dig in the dirt, play with your kids etc.

1)Eat well and sleep well

•This is called re-creating. Doing steps 1,3,4 and 5 enables step 2.
•Working regular hours and re-creating daily are simple concepts.
•They are hard for some of us because that requires ‘PERSONAL CHANGE’.
•In considering the issue of overtime, I am reminded of my oldest son.

•They are possible since we all have the power to choose to do them.
•When he was a toddler, if people were visiting the apartment, he’d not fall asleep no matter how long the visit, and no matter what time of day it was.

•He would fight off sleep until the visitors left.

•It was as if he was afraid that he would miss something.

•Once our visitors’ left, he would go to sleep.

•By this time, however, he was OVER TIRED and would scream thro’ half the night with nightmares.

•He, my wife and I, all paid the price for his fear of missing out.

•Perhaps some people put in such long hours because they don’t want to miss anything when they leave the office.

•The trouble with this is that events will NEVER STOP HAPPENING. That’s life.

•Thing happen 24 hours a day.

•Allowing for little rest is not ultimately practical.

•So, take a nap.

•Things will happen while you’re asleep, but you’ll have the energy to catch up when you wake.

•Even when you are gone for good, things will still happen.

•No one is indispensable, it may take a while to get a replacement, but you will be replaced.

•Hence, “LOVE YOUR JOB BUT NEVER FALL IN LOVE WITH YOUR COMPANY.

Free kidney Treatment....

Tamilnadu kidney Research Foundation :
There is a foundation called TANKER (Tamilnadu kidney Research Foundation), where they treat all kidney related problems free of cost. They even do Dialysis free of cost. Please forward this message and let people utilize this opportunity. It can help people who are in need. Don't neglect..please forward the message. For further Details contact : 044 - 28273407 and 28241635..

Inform to all your frenz...may be it makes helpful for atleast one...

Simple to find Lost Mobile ................

An IMEI number-
The International Mobile Equipment Identity (IMEI) number is an international identity number used to uniquely identify a mobile phone. The 15-digit IMEI number is an electronic fingerprint transmitted every time a phone is used, which reveals the identity of the mobile handset.

How can I find out my IMEI number?
IMEI numbers are independent of the phone number and are usually written underneath the battery or on the back of the handset. Mobile phone users can also check their 15 digit IMEI number by dialling *#06# on their mobile handset. Mobile phone owners should make a note of their IMEI number and keep the details in a safe place.

If u lost your mobile, send an e-mail to mailto:cop@vsnl.netwith the following info.
Your name:
Address:
Phone model:
Make:
Last used No.:
E-mail for communication:
Missed date: IMEI No.:
"No need to go to police station"
Source: THE HINDU, 13.5.06

National Roads Safety Councl..Ha..Ha..Ha.Haa

Hi!

The National Roads Safety Council has done extensive testing on

a newly designed seat belt. Results show that accidents can be

reduced by as much as 45% when the belt is properly installed.

Correct installation is illustrated above.......

Office Humour:

After 2 years of selfless service, a man realized that he has not been promoted, no transfer, no salary increment, no commendation. So he decided to walk up to his HR Manager. His manager looked at him, smiled and asked him to sit down saying:

"My friend you have not worked here for even a single day." The man was surprised to hear this, but the manager went on to explain.

Manager: How many days are there in a year? Man: 365 days and sometimes 366. Manager: How many hours make up a day? Man: 24 Hours.

Manager: How long do u work in a day? Man: 10am to 6pm i.e 8 hours a day.Manager: So, what fraction of the day do u work in hours? Man: He did some arithmetic and said 8/24 i.e 1/3 (one third).

Manager: This is nice of u! what is 1/3rd of 366 days? Man: 122(1/3 x 366=122 in days)

Manager: Do u come to work on weekends? Man: No sir.

Manager: How many days r there in a year that r weekends? Man: 52 Saturdays and 52 Sundays equals to 104 days.

Manager: Thanks for that. If u remove 104 days from 122 days. how many days do u now have? Man: 18 days.

Manager: I do give u 2 weeks sick leave every year. Now remove that 14 days from the 18 days left. How many days do u have remaining? Man: 4 days.

Manager: Do u work on Republic Day? Man: No sir!

Manager: Do u come to work on Independence Day?Man: No sir!

Manager: So how many days r left? Man: 2 days Sir!

Manager: Do u come to work on New Years Day? Man: No sir!

Manager: So how many days r left? Man: 1 day sir!

Manager: Do u work on Christmas Day? Man: No Sir!

Manager: So how many days r left? Man: None Sir!

Manager: So what r u claiming?Man: !!!... Moral-NEVER GO TO HR FOR HELP!!!

HR-HIGH RISK................

POWER OF MAKE UP...SIVAJI HERO (Rajnikant)...Before & After Makeup

CALL CENTER JOKES

These "silly tech support calls " have been around in e-mails and online since the dawn of tech support.
They are always fun to read. I'm in the mood for a good laugh. How 'bout you?

**********

Customer: Hi, this is Celine. I can't get my diskette out. Tech support: Have you tried pushing the Button? Customer: Yes, sure, it's really stuck. Tech support: That doesn't sound good; I'll make a note. Customer: No, wait a minute... I hadn't inserted it yet... it's still on my desk... Sorry....

**********

Tech support: What kind of computer do you have? Female customer: A white one... Tech support: Click on the 'my computer' icon on to the left of the screen. Customer: Your left or my left?

**********

Tech support: Good day. How may I help you? Male customer: Hello... I can't print. Tech support: Would you click on "start" for me and... Customer: Listen pal; don't start getting technical on me! I'm not Bill Gates.

**********

Customer: Hi, good afternoon, this is Martha, I can't print. Every time I try, it says 'Can't find printer'. I've even lifted the printer and placed it in front of the monitor, but the computer still says he can't find it...

**********

Customer: I have problems printing in red... Tech support: Do you have a color printer? Customer: Aaaah....... ......... ....thank you.

**********

Tech support: What's on your monitor now, ma'am? Customer: A teddy bear my boyfriend bought for me at the 7-11.

**********

Customer: My keyboard is not working anymore. Tech support: Are you sure it's plugged into the computer? Customer: No. I can't get behind the computer. Tech support: Pick up your keyboard and walk 10 paces back Customer: OK Tech support: Did the keyboard come with you? Customer: Yes Tech support: That means the keyboard is not plugged in. Is there another keyboard? Customer: Yes, there's another one here. Ah...that one does work... **********

Tech support: Your password is the small letter "a" as in apple, a capital letter V as in Victor, the number 7. Customer: Is that 7 in capital letters?

**********
Customer: I can't get on the Internet. Tech support: Are you sure you used the right password? Customer: Yes, I'm sure. I saw my colleague do it. Tech support: Can you tell me what the password was? Customer: Five stars.

**********

Tech support: What anti-virus program do you use? Customer: Netscape.Tech support: That's not an anti-virus program. Customer : Oh, sorry...Internet Explorer.

**********

Customer : I have a huge problem. A friend has placed a screen saver on my computer, but every time I move the mouse, it disappears.

**********

Tech support: How may I help you? Customer: I'm writing my first e-mail. Tech support: OK, and what seems to be the problem? Customer: Well, I have the letter 'a' in the address, but how do I get the circle around it?

**********

A woman customer called the Canon help desk with a problem with her printer. Tech support: Are you running it under windows? Customer: "No, my desk is next to the door, but that is a good point. The man sitting in the cubicle next to me is under a window, and his printer is working fine."

**********

And last but not least... Tech support: "Okay Bob, let's press the control and escape keys at the same time. That brings up a task list in the middle of the screen. Now type the letter "P" to bring up the Program Manager" Customer: I don't have a P. Tech support: On your keyboard, Bob. Customer: What do you mean? Tech support: "P".....on your keyboard, Bob. Customer: I'M NOT GOING TO DO THAT!