Jabber client - encryption of VCS Expressway with MRA

Hi all

I'm working on the implementation of MRA for an existing video solution. The CUCM version is 9.1.2 (no IM&P server), VCS-C and VCS-E are 8.2.2. The Jabber client is 11.5.x.

I finished most of the introduction and I am able to call internally and externally through MRA.

I still have a few things to tweak. One is the encryption of video calls once Jabber connects from outside. From my understanding, the call leg between the Jabber endpoint and the VCS Expressway uses TLS. But when I run Wireshark on the PC with the Jabber client, I don't see the RTP stream as being encrypted.

In CUCM, my Jabber device does not use a secure profile. Is that OK or not?

Please let me know if more information is needed. Thank you

You can confirm the call is encrypted from the Jabber MRA client by doing as follows (I used the 11.5 Jabber client; if you are using an older client, I can't guarantee this method):

1. Make a call from the Jabber MRA client. Once the call is set up and media is established, you can end the call.
2. Create a Jabber client problem report (Help > Report a problem...).
3. Enter the required details and save the .zip file.
4. Extract the file "jabber.log" from the .zip file. Since this file (at least since version 11.5 of the Jabber client) has the SIP messaging included in it, you can use TranslatorX to view the file (you can also use a text editor if you wish).
5. Generate a diagram from the log file.
6. In the ladder diagram, you should be able to locate the start of the call. Look for an INVITE, in my case a "RE-INVITE", and select it. A pop-up window will appear with the details of the SIP message.
7. Read the content of the SIP message in the pop-up (focusing on the SDP, the media negotiation component). I won't go into detail about how to read SIP messages (there's a good article here; it is not for Jabber specifically, but the same concepts apply).
8. Close the message pop-up and open the 'OK w/SDP' message to examine the response from the VCS-E. From the SDP response, we can confirm that the encryption settings have been accepted for the media (media will be encrypted).

To reiterate Jamie's point, unless you run CUCM in mixed mode and use security profiles, signalling/media encryption stops on the CUCM/endpoint leg and the VCS-C respectively. See the diagram below for reference (mixed mode not implemented).

You do not need to apply security profiles to the CSF device to obtain encryption between the Jabber MRA client and the VCS-E. If you can decode signaling and media packets in Wireshark on your Jabber client, you are probably not connecting via MRA (MRA is always encrypted).

Please let us know if that helps.

-Jon
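Added example (not part of the original thread): a Python sketch of the check in steps 7 and 8 above, reading SDP bodies out of log text and reporting for each media stream whether SRTP with SDES keys (an `RTP/SAVP` profile plus `a=crypto` lines) was negotiated. The sample log, address and key placeholder are constructed, and the only assumption about the log layout is that SDP lines appear one per line.

```python
import re
from dataclasses import dataclass, field

# Constructed sample (not from the thread): a 200 OK with SDP as it could
# appear in a text log. Address and key material are placeholders.
SAMPLE_LOG = """\
2016-01-01 10:00:00 SIP/2.0 200 OK
Content-Type: application/sdp

v=0
c=IN IP4 192.0.2.10
m=audio 36000 RTP/SAVP 9 0
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY
m=video 36002 RTP/SAVP 126
a=crypto:1 AES_CM_128_HMAC_SHA1_80 inline:PLACEHOLDER_KEY
m=application 5070 UDP/BFCP *
m=video 0 RTP/AVP 97
"""

M_LINE = re.compile(r"^m=(\w+) (\d+)(?:/\d+)? (\S+)")   # media, port, profile
CRYPTO = re.compile(r"^a=crypto:\d+ (\S+) inline:")      # SDES suite (RFC 4568)

@dataclass
class Media:
    kind: str
    port: int
    profile: str
    suites: list = field(default_factory=list)  # crypto suites offered/accepted

    @property
    def status(self) -> str:
        keyed = bool(self.suites)
        if self.port == 0:
            return "rejected"            # port 0 = stream declined
        if "RTP/" not in self.profile:
            return "not-rtp"             # e.g. BFCP content-sharing control
        if "SAVP" in self.profile:
            return "srtp" if keyed else "srtp-unkeyed"
        return "srtp-optional" if keyed else "plain-rtp"

def parse_sdp_media(text):
    """Return one list of Media per SDP body found in the text."""
    sessions, current = [], None
    for raw in text.splitlines():
        line = raw.strip()
        if line == "v=0":                # start of a new SDP body
            sessions.append([])
            current = None
            continue
        m = M_LINE.match(line)
        if m:
            if not sessions:             # tolerate a body missing its v= line
                sessions.append([])
            current = Media(m.group(1), int(m.group(2)), m.group(3))
            sessions[-1].append(current)
            continue
        c = CRYPTO.match(line)
        if c and current:
            current.suites.append(c.group(1))   # keep the suite, never the key
    return sessions

def unprotected(sessions):
    """(SDP index, media kind) for active RTP streams without mandatory SRTP."""
    bad = ("plain-rtp", "srtp-optional", "srtp-unkeyed")
    return [(i, m.kind) for i, s in enumerate(sessions) for m in s
            if m.status in bad]

if __name__ == "__main__":
    for i, session in enumerate(parse_sdp_media(SAMPLE_LOG)):
        for m in session:
            print(i, m.kind, m.port, m.profile, m.status, ",".join(m.suites))
    print("unprotected streams:", unprotected(parse_sdp_media(SAMPLE_LOG)))
```

Run it against the text of the extracted log instead of `SAMPLE_LOG`; an empty `unprotected` result for the answer SDP corresponds to what step 8 confirms by eye.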


Similar Questions

  • VCS Control and VCS Expressway design

    I have a problem with the design of VCS Control and VCS Expressway. I have two VCS Controls and one Expressway. As you know, the Expressway is placed on the Internet and one Control at my headquarters. At the same time, I want to put the other Control at my company's branch, which is in another city. Can it work correctly? How does it work?

    You must create two traversal server zones on the VCS Expressway and one traversal client zone per VCS Control.

    In other words, each VCS-C should have its own separate traversal link to the VCS-E.

    Please be sure to set a different H.323/SIP port on each VCS-C.

    For example:

    VCS-C1 (Headquarters): traversal client zone pointing to VCS-E with 6001 as H.323 port and 7001 as SIP traversal port.

    VCS-C2 (branch): traversal client zone pointing to VCS-E with 6002 as H.323 port and 7002 as SIP traversal port.

    VCS-E: one traversal server zone for VCS-C1 (6001 as H.323 port and 7001 as SIP traversal port) and another traversal server zone for VCS-C2 (6002 as H.323 port and 7002 as SIP traversal port).

  • Jabber Video client registration for VCS/MSDS

    Hello

    I am trying to register a Jabber Video client to VCS or TMS but it does not work. Every time I get

    "Bad username, domain and/or password". Check spelling and caps lock.

    I do not know why. What should I do to register a client with username and password? VCSC and VCSe are configured for access from inside and outside VCSe.

    Is there a guide for Jabber Video clients?

    Best regards

    Jason

    Hi Jason!

    You need a VCS Expressway starter pack, or TMS (license + Movi licenses) and a VCS (with the Device Provisioning option key).

    As you write VCSe and c, it's more likely that you do not have the starter pack.

    It needs configuration and user creation, so it would not work just out of the box.

    The recommended method is the TMSPE, you will find here the deployment guide:

    http://www.Cisco.com/en/us/docs/Telepresence/infrastructure/tmspe/Install_Guide/Cisco_TMSPE_Deployment_Guide_1-0.PDF

    If you have older versions of TMS/VCS you will use it (but I recommend you upgrade and use TMSPE!):

    http://www.Cisco.com/en/us/docs/Telepresence/infrastructure/TMS/config_guide/Cisco_TMS_Provisioning_Deployment_Guide_13-0.PDF

    In addition to this, check the Cisco documentation for TMS, VCS and Jabber Video.

    TMS:

    http://www.Cisco.com/en/us/products/ps11338/tsd_products_support_series_home.html

    VCS:

    http://www.Cisco.com/en/us/products/ps11337/tsd_products_support_series_home.html

    JabberVideo:

    http://www.Cisco.com/en/us/products/ps11328/tsd_products_support_series_home.html

    Jason: please rate the replies and mark the thread as answered if it is!

  • Jabber VCS Expressway - internal DNS resolution on the Expressway itself

    Hello support community.

    I am currently configuring a VCS Expressway solution (both Expressway-E and Expressway-C servers). Due to some firewall restrictions I need to resolve the Expressway-C FQDN directly from the Expressway-E server, which means I need the Expressway-E to resolve the Expressway-C FQDN without using the DNS server. I was wondering if there is a way to edit the VCS Expressway hosts file (if such a thing exists in the VCS), as anyone can do in operating systems such as Linux. I ask because I took a .pcap capture on the VCS and saw the DNS query process, but option number one was 127.0.0.1, which is the Expressway itself. Perhaps this connection attempt is just the Expressway looking in its DNS cache, but I'm not sure.

    Best regards

    Roberto Lopez.

    Ah, this is the reason why I asked. You don't need DNS for it.

    The way it works is that when the traversal client (in your case Expressway-C) tries to connect to the traversal server (in your case Expressway-E), the traversal server looks at the common name on the cert presented by the traversal client. It checks whether that matches what is specified when you configure the traversal zone on the Expressway-E.

    Basically, DNS is not necessary. You just need to make sure that the Expressway-C FQDN is what is specified in the "TLS verify subject name" field. Also make sure that if the certificates are signed by a CA, the root/intermediate certificates are uploaded to both the Expressway-C and the Expressway-E. Also, make sure you put the FQDN of the Expressway-E in the traversal zone on the Expressway-C, and not the IP address.

    HTH

  • "Cannot communicate with the server" error on Jabber 11.5 clients for Windows and Mac

    Hi guys,

    I recently installed CUCM 11.5 (no Cisco IM and Presence) in my lab. It's a simple installation without an LDAP server, using the internal CUCM directory to set up clients. I am successfully able to connect to Jabber from my iPhone and iPad on Jabber clients 11.5 or 11.6. I am also able to connect to Jabber on a Windows machine if I use version 9.7 of the Jabber client. However, if I use Jabber 11.5 on the Windows client, it gives me "cannot connect with Server error." On the MacBook, I get this error on all the versions I used, including the old version 9.6.

    The only thing I noticed is that the iPhone Jabber client has an option to enter the IP of the CUCM server under the Phone Service only option. In the Windows or Mac Jabber client 11.6 there is a setting for CCM 9 or a later version, where I put my CUCM server IP address. Am I missing something?

    Kind regards

    S

    Hello

    Just check what you have configured under System > Server on CUCM. If it's a host name or the FQDN, I think your Jabber for Windows tries to resolve it but is unable to do so because of no connectivity to the DNS server or no entry in the DNS server. Try the steps below to check whether that is the case.

    Change the hosts file on the Windows PC at the location below:

    C:\Windows\system32\drivers\etc

    Once you have gone to that location and added the CUCM entry to the hosts file, reset your Jabber, enter the CUCM IP address manually for the connection and then check.

  • Client authentication at the Collaboration Edge / MRA

    Hello

    Could someone help with the following question?

    When does a Jabber client get authenticated?

    My understanding is that when an Internet-based Jabber device connects to the Expressway-E, only the server (Expressway-E) is authenticated (using the public certification authority in the Jabber device).

    Is this correct? If so, does the user of the Jabber device get authenticated when the device attempts to register with the CUCM?

    Thanks in advance,

    / Bertin

    Dimension Data.

    In the case of a Jabber/CUCM/Expressway deployment, during the initial connection between the Jabber client and the Expressway Edge server, there is a key/cert exchange/handshake that creates a secure communication channel between them. At this point the Jabber client securely passes the credentials to the Expressway Edge, which passes them on to the Expressway Core; the Core then provides the credentials to the CUCM server (which in turn challenges them against its local user database or LDAP, if it is in use), which then returns an authenticated message to the Expressway Core, which sends it to the Expressway Edge, which in turn tells the Jabber client it has successfully authenticated.

    This leaves out some deeper technical details, but does that answer your question?

    Also, the above statements may be different for a VCS deployment (not Expressway series), as there are several authentication options. That would also concern video endpoints and Jabber Video for TelePresence, not 'normal' Jabber clients.

  • Expressway-C and Expressway-E and VCS Expressway

    Hello

    I'm confused by these three.

    I know that Expressway-E is used with Expressway-C.

    Is their function like VCS Expressway? Or am I wrong?

    Please help me know when to use each one.

    Also, why do we use it next to the firewall? What is the meaning of firewall traversal?

    Also, when I connect externally with Jabber, is there any type of registration with either of them? I see supported registration numbers of 2500 and 5000 in the VCS Expressway data sheet.

    Thank you

    Haitham

    Hi Haitham,

    In general, an endpoint/client must register to a 'device' so that it can be used as part of a company dial plan. This 'device' could be CUCM or a VCS and will determine whether an endpoint/client is allowed to connect and how calls can be made.

    If the endpoint does NOT have one of these devices (CUCM or VCS), it could still be used (for example, as a standalone videoconferencing device); it's just that it is not seen within the company call structure. It may not appear in the directories, it cannot be given priority to call outside, etc. The Jabber client has to register with either CUCM or a VCS to work at all.

    If you use CUCM with a VCS-E, endpoints will register to CUCM. If the endpoints are internal to the company, they register directly to the CUCM, and if they are external, they connect via the VCS-E and the registration is tunnelled through to CUCM, so they still register with CUCM.

    In a VCS-C/E environment with TMS, endpoints will register to the VCS-C when internal and again use the VCS-E to tunnel requests from external devices to the VCS-C. Depending on how you want to deploy these devices, external devices/clients could actually register directly with the VCS-E, but I'm getting ahead of things. Jabber in this environment uses TMS to provide authentication of the user, even though the actual registration takes place on the VCS.

    Does that help?

    Chris

  • How to make VCS Expressway TURN work, or show that it works?

    Hi, Experts.

    My VCS Expressway is equipped with TURN, and I found the TURN configuration is pretty simple; it is just enabled under VCS Configuration > Expressway > TURN. But no matter what I tried, the TURN relay licenses always showed '0' in the 'current' line on the VCS Expressway dashboard.

    I ran my test this way: two Jabber Video clients (v4.5, Mac edition) reside in different networks behind NAT (no firewall). They call each other, and regardless of whether I turn TURN on or off, the video quality is still good. (The VCS Expressway is far away from the two Movi clients.) I assumed that in both cases the media traffic is sent directly between the two Movi clients, rather than going up to the VCS Expressway and then returning, which we normally call "hairpin" traffic.

    The result is that whether I enabled or disabled the TURN service, the traffic is never hairpinned, and no TURN relay license was ever used.

    What happens here? Is something wrong? I'm quite confused.

    Did you turn on the ICE feature in the Jabber Video template?

    In the provisioning template, you must configure the TurnServer address, TurnAuthUsername and TurnAuthPassword.

    You must also configure the authentication domain on the VCS-E used to run the TURN server (the name and password must match the TurnAuthUsername and TurnAuthPassword set in the provisioning template).

  • VCS Expressway with CUCM 10

    Hello

    There is a lot of confusion about Expressway C/E and VCS C/E; can anyone confirm my following queries:

    With VCS Control and VCS Expressway, does every endpoint register with VCS Control (no CUCM involvement required, or VCS Control can't integrate with CUCM)?

    With Expressway Core and Edge, does every endpoint register with CUCM, and will CUCM register Expressway Core?

    For B2B calls and Jabber/Movi, must we have Expressway Core/Edge? Does VCS Control/Expressway NOT support Jabber/Movi and B2B calls?

    Is the Expressway C/E and VCS C/E software the same, but the licenses different?

    Our client has obtained:

    1 x VCS Control license

    1 x VCS Expressway license

    1 x ISDN gateway,

    1 x TP driver

    1 x TP management suite.

    Kind regards

    Francisco

    With VCS Control and VCS Expressway, does every endpoint register with VCS Control (no CUCM involvement required, or VCS Control can't integrate with CUCM)?

    Yes, no CUCM is required; endpoints can also register to the VCS-E, or it could proxy SIP endpoint registrations to the VCS-C. A parallel installation of VCS and CUCM with a trunk should also work with today's versions.

    The VCS only supports standards-based SIP and H.323 endpoints; its main purpose is for video settings. You won't be able to use it to register, provision or use Cisco IP phones.

    With Expressway Core and Edge, does every endpoint register with CUCM, and will CUCM register Expressway Core?

    See the Expressway C & E as a single unit for external communication. The registrations are proxied from outside to CUCM.

    But that also means you can't register third-party endpoints at the Expressway, and even Cisco endpoints must support the Expressway C & E setup.

    The Expressway also handles things like XMPP for Jabber.

    For B2B calls and Jabber/Movi, must we have Expressway Core/Edge? Does VCS Control/Expressway NOT support Jabber/Movi and B2B calls?

    The Expressway C & E can also handle business-to-business calls or other SIP trunks / H.323, but this infrastructure requires the media license.

    B2B calls also work very well with a VCS installation.

    If you are talking about how to provision Jabber and Jabber Video accounts:

    There is Jabber Video (which is provisioned by TMS and VCS) and Jabber (i.e. CUCM-driven).

    If you are talking about outside calls, they can just be regarded as regular external B2B calls; they then work with VCS or Expressways at the far-end site.

    Is the Expressway C/E and VCS C/E software the same, but the licenses different?

    That is correct. Expressway licensing is more attractive for CUCM users, but you already have SPRDD in place that should work in all cases well.

    With CUCM, you get Expressway licenses in any case. So according to the type of use, you. B2B, internal calls... you can add an Expressway setup for Jabber and the home office stuff and use the VCSs for B2B and third-party registrations.

  • VCS Expressway private IP address

    I have a VCS Control and Expressway that seem to work fine with normal endpoints.

    Also, Movi users can register from the inside to the Control without problem.

    I have the zones, configuration etc. set up correctly, I think.

    What I'm not sure about is:

    Control and Expressway have private IP addresses.

    Expressway has a 1:1 NAT to its public address.

    There is no dual NIC option.

    Will this cause a problem registering Movi?

    I don't even see the registration attempt. I only see a subscribe.

    Thank you

    Hi John,

    Yes, using a 1:1 NAT with the Expressway you need a Dual NIC option key. It will enable the option to configure the static NAT address on the IP configuration page.

    With this configuration the Expressway will know its NAT address.

    If you collect the logs, you will see the subscribe message; however, if you collect Wireshark traces or Movi/Jabber client logs, you will see Jabber trying to send the registration message to the private IP address of the Expressway and not the NAT'ed IP, so the registration will fail.

    To make this scenario work, you need the dual NIC option key.

    Check out the link below for more details.

    http://www.Cisco.com/en/us/docs/Telepresence/infrastructure/VCs/config_guide/Cisco_VCS_Basic_Configuration_Cisco_VCS_Control_with_Cisco_VCS_Expressway_Deployment_Guide_X7-1.PDF

    Appendix 4, page 59, has a really good explanation.

    Thank you

    Alok

  • VCS Expressway vs. Expressway

    Hello

    Kindly, I am confused: what are the differences between VCS Expressway and Expressway?

    - Doesn't Expressway need HW (a server)? Is it only a license in CUCM that I need to buy?

    - As a pre-sales engineer, when should I choose VCS-E, and when should I choose Expressway?

    Thanks and greetings

    There is a thread here:

    https://supportforums.Cisco.com/discussion/12699961/Expressway-series-vs-VCs-control-Expressway

    To summarize:

    What are the differences between VCS Expressway and Expressway?

    - VCS Expressway, or the traversal server, is the 'legacy' product that supports local registration of external H.323/SIP-based endpoints by using its H.323 gatekeeper and SIP registrar features. It also serves as the traversal server for VCS Control (the traversal client) to support firewall traversal and B2B calls.

    - Expressway consists of Expressway Core and Expressway Edge, or as they call it, 'Collaboration Edge'. The concept of Expressway is the same as the 'legacy' VCS Control + VCS Expressway: to provide firewall traversal and B2B calls. Expressway is an extension for CUCM-controlled environments for Mobile and Remote Access. With Expressway, external clients/video endpoints can register to CUCM without using VPN. Expressway in this case does not support registration of endpoints. Endpoints register to CUCM using the Expressway (Core + Edge) firewall traversal technology.

    Doesn't Expressway need HW (a server)? Is it only a license in CUCM that I need to buy?

    Expressway needs a server, and it can be deployed in a virtual environment.

    You can take a look at the Cisco Business Edition 6000 (BE6K) offerings:

    http://www.Cisco.com/c/en/us/products/collateral/Unified-Communications/Business-Edition-6000/data_sheet_c78-717454.html?CacheMode=refresh

    As a pre-sales engineer, when should I choose VCS-E, and when should I choose Expressway?

    -I suggest to contact your Cisco representative helping you find the right solution for your customer.

    Kind regards

    Acevirgil

  • VCS Expressway cannot connect

    Hello

    I just set up a VCS Control and a VCS Expressway. I set up the traversal client on the VCS Control using port 6001 for H.323 and 7001 for SIP. I set up the traversal server on the VCS Expressway using the same ports. I get "H.323 could not not connect to x.x.x.x:6001 no response of the system."

    The SIP will not connect either: 'connection failed'.

    There is no list from the VCS Control to the VCS Expressway. Authentication is disabled. They both point to the same NTP.

    Any ideas?

    Thank you!!

    Rhonda,

    In short, the configuration looks OK. Can you specify what other types of layer 3 devices are between the VCS-C and VCS-E besides the ASA?

    If the firewall is not the issue, the problem may be caused by routing problems. If you allow ICMP from the Control to the Expressway, you can check whether routing works by logging in as root (with SSH) to the VCS-C and running the command

    traceroute x.x.x.x

    where x.x.x.x is the IP address of your Expressway.

    Thank you

    Andreas

  • Disable content sharing on the Jabber client

    Hello

    Just thought I'd double check, I suspect that the answer is no - is there any way to disable content sharing (BFCP) on the Jabber client (without making any changes on the infrastructure)?

    Thank you

    Hi Darren,

    No, you cannot disable it on Jabber Video. However, if you have a zone with a specific neighbor where you don't want users sharing content, then make a custom zone in VCS and disable the BFCP option there!

    Any special requirement, why do you want to disable this feature?

    Regards

    Alok

  • Cannot call Movi client from Jabber client

    Hi team,

    We cannot call a Movi client from a Jabber client using the Movi client's SIP URI.

    Here is the picture of the back-end infrastructure:

    CUCM: 8.6.2

    VCS: X7.2

    TMS: 13.2.1

    CUPS: N/A

    The Jabber clients are provisioned on CUCM and CUPS. Movi clients are provisioned on the TMS and VCS.

    I've raised a TAC case and the TAC engineer informed me that SIP URI dialing from a Jabber client on CUCM 8.6.2 to Movi is not supported.

    Could someone provide me with the Bug ID or a valid document that says so?

    Thank you

    Saurabh

    Slim,

    I'll send you the link Monday

    Thnx

    Alok

  • Internet calls from Jabber clients through VCSe

    Hi Experts,

    We have Jabber clients provisioned on CUCM 8.6.2 and Movi clients provisioned on VCS Control (X7.0) and TMS (13.2.1).

    We will deploy VCS Expressway soon at our company.

    My question is whether it will be possible for the Jabber clients on CUCM to call outside our company. I know Movi would work, but I'm not sure about Jabber clients.

    Could someone help me? If it can work, how it is possible?

    Thank you

    Saurabh

    Slim,

    It should work very well! Once you make a call to the Jabber client, the call flow would be VCS Expressway to VCS Control and then VCS Control to CUCM over the SIP trunk.

    The only thing is that you must work out the dial plan so that it does not conflict with other dial plans on the VCS Control.

    Rgds,

    Alok
