Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
188
D14049.08
November 2010
November 2010
Grey Headline (continued)
CISCO TELEPRESENCE
VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
CPL reference
Restricting access to a local gateway
In these examples, a gateway is registered to the VCS with a prefix of
9 and the administrator wants
to stop calls from outside the organization being routed through it.
This can be done in two ways: using the
This can be done in two ways: using the
address-switch node or the taa:rule-switch node.
Examples of each are shown below.
Using the address-switch node
<?xml version="1.0" encoding="UTF-8" ?>
<cpl xmlns="urn:ietf:params:xml:ns:cpl"
xmlns:taa="http://www.tandberg.net/cpl-extensions"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:ietf:params:xml:ns:cpl cpl.xsd">
<taa:routed>
<address-switch field="destination">
<address regex="9(.*)">
<address-switch field="originating-zone">
<!-- Calls coming from the traversal zone are not allowed to use this
<cpl xmlns="urn:ietf:params:xml:ns:cpl"
xmlns:taa="http://www.tandberg.net/cpl-extensions"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:ietf:params:xml:ns:cpl cpl.xsd">
<taa:routed>
<address-switch field="destination">
<address regex="9(.*)">
<address-switch field="originating-zone">
<!-- Calls coming from the traversal zone are not allowed to use this
gateway -->
<address is="TraversalZone">
<!-- Reject call with a status code of 403 (Forbidden) -->
<reject status="403" reason="Denied by policy"/>
</address>
</address-switch>
</address>
</address-switch>
</taa:routed>
</cpl>
<address is="TraversalZone">
<!-- Reject call with a status code of 403 (Forbidden) -->
<reject status="403" reason="Denied by policy"/>
</address>
</address-switch>
</address>
</address-switch>
</taa:routed>
</cpl>
Using the taa:rule-switch node
<?xml version="1.0" encoding="UTF-8" ?>
<cpl xmlns="urn:ietf:params:xml:ns:cpl"
xmlns:taa="http://www.tandberg.net/cpl-extensions"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:ietf:params:xml:ns:cpl cpl.xsd">
<taa:routed>
<taa:rule-switch>
<taa:rule originating-zone="TraversalZone" destination="9(.*)">
<!-- Calls coming from the traversal zone are not allowed to use this
<cpl xmlns="urn:ietf:params:xml:ns:cpl"
xmlns:taa="http://www.tandberg.net/cpl-extensions"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="urn:ietf:params:xml:ns:cpl cpl.xsd">
<taa:routed>
<taa:rule-switch>
<taa:rule originating-zone="TraversalZone" destination="9(.*)">
<!-- Calls coming from the traversal zone are not allowed to use this
gateway -->
<!-- Reject call with a status code of 403 (Forbidden) -->
<reject status="403" reason="Denied by policy"/>
</taa:rule>
<taa:rule origin="(.*)" destination="(.*)">
<!-- All other calls allowed -->
<proxy/>
</taa:rule>
</taa:rule-switch>
</taa:routed>
</cpl>
<!-- Reject call with a status code of 403 (Forbidden) -->
<reject status="403" reason="Denied by policy"/>
</taa:rule>
<taa:rule origin="(.*)" destination="(.*)">
<!-- All other calls allowed -->
<proxy/>
</taa:rule>
</taa:rule-switch>
</taa:routed>
</cpl>
CPL examples