Computer Telephony Interface Quick Buffer Encoding Inspection

Some Cisco Voice over IP (VoIP) applications use the Telephony Application Programming Interface (TAPI) and Java TAPI (JTAPI). TAPI-compatible applications can run on a wide variety of PC and telephony hardware and can support a variety of network services. The Cisco TAPI Service Provider (TSP) uses the Computer Telephony Interface Quick Buffer Encoding (CTIQBE) to communicate with Cisco CallManager on TCP port 2748. Figure 8-1 illustrates how CTIQBE works.

Figure 8-1. Explanation of CTIQBE

In Figure 8-1, a PC with Cisco IP SoftPhone communicates with a Cisco CallManager. CTIQBE inspection is not enabled by default. Use the inspect ctiqbe command to enable the Cisco ASA to inspect the TCP port 2748 CTIQBE packets, as shown in Example 8-5.

Example 8-5. Enabling CTIQBE Inspection

Chicago# configure terminal
Chicago(config)# policy-map asa_global_fw_policy
Chicago(config-pmap)# class inspection_default
Chicago(config-pmap-c)# inspect ctiqbe

In Example 8-5, CTIQBE inspection is enabled under the Cisco ASA global policy. Consequently, all traffic traversing the security appliance is inspected for CTIQBE, which allows the appliance to translate and pass CTIQBE traffic between Cisco CallManager and IP SoftPhone.

Note

CTIQBE application inspection is not supported if the alias command is present in the configuration.

Tip

CTIQBE calls will fail if two Cisco IP SoftPhones are registered with different Cisco CallManagers connected to different interfaces of the Cisco ASA.

Tip

If the Cisco CallManager IP address is to be translated and you are also using PAT, TCP port 2748 must be statically mapped to the same port of the PAT (interface) address for Cisco IP SoftPhone registrations to succeed. The CTIQBE listening port (TCP 2748) is fixed and is not configurable on Cisco CallManager, Cisco IP SoftPhone, or Cisco TSP.

Note

Stateful failover of CTIQBE calls is not supported.

You can use the show conn state ctiqbe detail command to display the status of CTIQBE connections. The C flag represents the media connections allocated by the CTIQBE inspection engine. Example 8-6 includes the output of the show conn state ctiqbe detail command.

Example 8-6. Output of the show conn state ctiqbe detail Command

Chicago# show conn state ctiqbe detail
5 in use, 11 most used
Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN,
 B - initial SYN from outside, C - CTIQBE media, D - DNS, d - dump,
 E - outside back connection, F - outside FIN, f - inside FIN,
 G - group, g - MGCP, H - H.323, h - H.225.0, I - inbound data,
 i - incomplete, J - GTP, j - GTP data, k - Skinny media,
 M - SMTP data, m - SIP media, O - outbound data, P - inside back connection,
 q - SQL*Net data, R - outside acknowledged FIN,
 R - UDP RPC, r - inside acknowledged FIN, S - awaiting inside SYN,
 s - awaiting outside SYN, T - SIP, t - SIP transient, U - up
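The following Python sketch is an added example, not taken from the book. It decodes the flag letters in show conn state ctiqbe detail output using the legend the command prints, and separates CTIQBE control sessions (TCP 2748) from media connections (C flag). The connection-line layout, the addresses, and the function names are assumptions made for illustration.

```python
import re

# Constructed sample: the legend is abridged from Example 8-6; the two
# connection lines and their addresses are made up, and their layout
# (PROTO ifc:ip/port ifc:ip/port flags XYZ) is an assumption.
SAMPLE = """\
2 in use, 11 most used
Flags: A - awaiting inside ACK to SYN, a - awaiting outside ACK to SYN,
 B - initial SYN from outside, C - CTIQBE media, D - DNS, d - dump,
 I - inbound data, O - outbound data, R - outside acknowledged FIN,
 R - UDP RPC, r - inside acknowledged FIN, T - SIP, U - up
TCP outside:192.0.2.10/2748 inside:10.1.1.20/1117 flags UIO
UDP outside:192.0.2.30/4132 inside:10.1.1.20/4134 flags C
"""

CTIQBE_PORT = 2748  # fixed listening port, per the text above
CONN_RE = re.compile(
    r"^(TCP|UDP) (\S+):([\d.]+)/(\d+) (\S+):([\d.]+)/(\d+) flags (\S+)")

def parse(output):
    """Return (legend, connections) from the command output."""
    legend, conns = {}, []
    for line in output.splitlines():
        m = CONN_RE.match(line.strip())
        if m:
            proto, if1, ip1, p1, if2, ip2, p2, flags = m.groups()
            conns.append({"proto": proto, "flags": flags,
                          "ends": [(if1, ip1, int(p1)), (if2, ip2, int(p2))]})
        elif " - " in line:  # legend line: "X - meaning, Y - meaning,"
            for item in line.replace("Flags:", "").split(","):
                letter, _, meaning = item.strip().partition(" - ")
                if meaning:  # "R" is listed twice; keep both meanings
                    legend.setdefault(letter, []).append(meaning)
    return legend, conns

def classify(conn):
    """media = C flag set; control = TCP session with port 2748 on one end."""
    if "C" in conn["flags"]:
        return "media"
    if conn["proto"] == "TCP" and any(p == CTIQBE_PORT for _, _, p in conn["ends"]):
        return "control"
    return "other"

def report(output):
    legend, conns = parse(output)
    return [(classify(c), c["proto"], c["flags"],
             [" / ".join(legend.get(f, ["unknown"])) for f in c["flags"]])
            for c in conns]

if __name__ == "__main__":
    print(*report(SAMPLE), sep="\n")
```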





Cisco ASA: All-in-One Firewall, IPS, and VPN Adaptive Security Appliance
ISBN: 1587052091
EAN: 2147483647
Year: 2006
Pages: 231
