Refer to the exhibit.
An engineer is working on a ticket that reports TEL1 cannot call TEL2. These dial peers are configured to route the call between the endpoints.
dial-peer voice 2001voip
destination-pattern 2001
session protocol sipv2
session target ipv4:10.1.1.2
incoming called-number.
codec g722-64 video
codec h264
dtmf-relay rtp-nte sip-notify sip-kpml
no vad
dial-peer voice 3001 voip
destination-pattern 3001
session protocol sipv2
session target ipv4:10.3.1.2
incoming called-number.
codec g722-64
video codec h264
dtmf-relay rtp-nte sip-notify sip-kpml
no vad
While troubleshooting, the engineer discovers that the Cisco Unified Border Element is giving the error “SIP/2.0 403 Forbidden”. Which two Cisco Unified Border Element configurations resolve this issue? (Choose two.)
A. voice service voip
mode border-element
ip address trusted list
ipv4 10.1.1.0 255.255.255.0
ipv4 10.2.1.0 255.255.255.0
allow-connections sip to sip
sip
bind control source-interface loopback0
bind media source-interface loopback0
B. voice service voip
no ip address trusted authenticate
mode border-element
allow-connections sip to sip
sip
bind control source-interface loopback0
bind media source-interface loopback0
C. voice service voip
mode border-element
ip address trusted list
allow-connections sip to sip
sip
bind control source-interface loopback0
bind media source-interface loopback0
D. voice service voip
mode border-element
allow-connections sip to sip
sip
bind control source-interface loopback0
bind media source-interface loopback0
E. voice service voip
mode border-element
ip address trusted list
ipv4 10.1.1.0 255.255 255.0
ipv4 10.3.1.0 255.255.255.0
allow-connections sip to sip
sip
bind control source-interface loopback0
bind media source-interface loopback0
Cisco and its stupid questions….
Dial-peer targets are automatically added to ip address trust lists so no need to configure them manually.
https://www.cisco.com/c/en/us/support/docs/voice/call-routing-dial-plans/112083-tollfraud-ios.html
“Note: If you have dial-peers configured with session target, calls from those IPs will be accepted even if there is no trusted list configured.”
the correct answer are B & E :
B. voice service voip
no ip address trusted authenticate
mode border-element
allow-connections sip to sip
E. voice service voip
mode border-element
ip address trusted list
ipv4 10.1.1.0 255.255 255.0
ipv4 10.3.1.0 255.255.255.0
allow-connections sip to sip
sip
you can configure only one under voice service Voip of the router, but both of them are correct.
I agree
BE are correct, A has wrong IP addresses and C does not have any IP address
B and E are correct
I agree