BLF Presence

For Directory Number Presence the Directory Number needs to be associated with the user via either;

  1. The End User  Line Appearance Association for Presence setting
  2. Via the DN Line Appearance  Users Associated with Line settings.

Both these settings perform the same function therefore only one method needs to be used. This allows the users Presence to be advertised to watchers. CUCM will advertise the presence status directly to IM&P using SIP PUBLISH.

With the use of Jabber and when the user is logged into Jabber as well as the DN on the phone, CUCM will send the BLF presence to the logged in Jabber client, the Jabber client will then inform IM&P of the user presence via XMPP/HTTP. CUCM does not advertise direct to IM&P in this situation.

BLF Presence Group & Subscribe CSS

A subscribe CSS is associated with the watcher and lists the partitions that the watcher is allowed to see.

Use subscribe CSSs to control the routing of a watcher presence-based SIP SUBSCRIBE message to the correct destinations.

A BLF presence group controls the destinations that a watcher can monitor, based on the association of a user, device or dn with a defined presence group. Devices, directory numbers, and users can be assigned to a presence group.
Use presence groups to define sets of similar users and to define whether presence status updates of other user groups are allowed or disallowed.
BLF speed dials are administratively controlled and are not impacted by the presence policy configuration.

Therefore on a SIP trunk, the SCSS provides the partitions that the inbound SUBSCRIBE on the SIP trunk is allowed to see (iow: the partitions that the SUBSCRIBE(R) is allowed to be routed to). The SIP trunk SCSS is assigned for inbound SUBSCRIBE requests from the connected SIP device. The BLF group provides the permissions after SCSS has been checked. For inbound SUBSCRIBEs this means that the SUBSCRIBE will be checked against the SCSS then the BLF Presence Group. For SUBSCRIBE request from CUCM (or connected devices to CUCM – phones) the BLF group is representative of the external connected SIP devices and the SIP trunk BLF group must be permitted in the source SUBSCRIBE request BLF presence group.
BLF provides the basic grouping of device, DN and users and additionally provides authorisation between presence groups (inter-presence-subscriptions). Devices, DN and users can also be in different partitions. By using Presence Groups, the authorisation (or access) to these entities can be further restricted at Presence Group level.

CUCM Enterprise Parameter “BLF For Call Lists  Required Field” needs to be changed from the default of disabled to enabled in order for CUCM connected phones to see the presence status of directory numbers in call history and directories.

IOS requires the presence presence call-list command to be enabled.

CUCM Processing

So CUCM looks at it this way.

  1. Does the watcher’s SCSS include the partition of the watchee ?
    1. No – Deny SUBSCRIBE request
    2. Yes – Is the watcher’s assigned BLF presence group allowed to ‘see’/access the watchee’s BLF presence group?
      1. No – Deny SUBSCRIBE request
      2. Yes – Allow SUBSCRIBE request

CUCM Summary

  1. First Level Authorisation: SCSS (Partitions
  2. Second Level Authorisation: BLF Presence Group)


  • BLF Presence Group
  • SUBSCRIBE Calling Search Space
  • SIP Trunk Security Profile
    • Accept presence subscription (TRUE)
    • Accept unsolicited notification (TRUE) [not validated required as TRUE yet]


voice register dn  1
number 5002000
 allow watch
name Doggie
label Doggie(BR3)
voice register pool  1
id mac ACA0.166F.2173
type 9971
number 1 dn 1
dtmf-relay sip-kpml
username Doggie password 1
no vad
blf-speed-dial 1 2001000 label “Simon(HQ)”
 blf-speed-dial 2 3008101 label “Johnny(BR1)”
 blf-speed-dial 3 3008100 label “Boggie(BR1)”
 presence call-list
 watcher all
 allow subscribe
 presence enable

Simon Birtles

I have been in the IT sector for over 20 years with a primary focus on solutions around networking architecture & design in Data Center and WAN. I have held two CCIEs (#20221) for over 12 years with many retired certifications with Cisco and Microsoft. I have worked in demanding and critical sectors such as finance, insurance, health care and government providing solutions for architecture, design and problem analysis. I have been coding for as long as I can remember in C/C++ and Python (for most things nowadays). Locations that I work without additional paperwork (incl. post Brexit) are the UK and the EU including Germany, Netherlands, Spain and Belgium.