Cisco Cisco Expressway Maintenance Manual
Field
Value
Rule name
IP addresses from known zones
Description
Allow calls to IP addresses only from a known zone
Priority
100
Source
All zones
Request must be
authenticated
authenticated
No
Mode
Any IP address
On successful match
Continue
Target zone
Overseas office
State
Enabled
Configuring Search Rules to Use an External Service
The configuration process to set up the Expressway to use an external policy service for search rules (dial plan) is
broken down into the following steps:
broken down into the following steps:
■
Configure the policy service to be used by search rules.
■
Configure the relevant search rules to direct a search to the policy service.
Configuring a policy service to be used by search rules
1.
Go to Configuration > Dial plan > Policy services.
2.
Click New.
3.
Configure the fields on the Create policy service page as follows:
Field
Description
Usage tips
Name
The name of the policy service.
Description
An optional free-form description of the policy
service.
service.
The description appears as a tooltip if you
hover your mouse pointer over a policy
service in the list.
hover your mouse pointer over a policy
service in the list.
Protocol
The protocol used to connect to the policy
service.
service.
The default is HTTPS.
The Expressway automatically supports
HTTP to HTTPS redirection when
communicating with the policy service
server.
HTTP to HTTPS redirection when
communicating with the policy service
server.
Certificate
verification
mode
verification
mode
When connecting over HTTPS, this setting
controls whether the certificate presented by
the policy server is verified.
controls whether the certificate presented by
the policy server is verified.
If On, for the Expressway to connect to a policy
server over HTTPS, the Expressway must have
a root CA certificate loaded that authorizes that
server’s server certificate. Also the certificate's
Subject Common Name or Subject Alternative
Name must match one of the Server address
fields below.
server over HTTPS, the Expressway must have
a root CA certificate loaded that authorizes that
server’s server certificate. Also the certificate's
Subject Common Name or Subject Alternative
Name must match one of the Server address
fields below.
The Expressway’s root CA certificates are
loaded via (Maintenance > Security
certificates > Trusted CA certificate).
loaded via (Maintenance > Security
certificates > Trusted CA certificate).
133
Cisco Expressway Administrator Guide