Cisco Cisco Expressway
1.
Go to System > DNS.
2.
Configure the Domain name as follows:
Expressway-C
Expressway-E
Domain name
Enter internal-domain.net
Enter example.com
3.
Click Save.
The fully qualified domain name for the Expressway-C is now
expc.internal-domain.net
The fully qualified domain name for the Expressway-E is now
expe.example.com
DNS Servers
The DNS server addresses specify the IP addresses of up to five domain name servers to be used for resolving domain
names. In either of the following cases you must specify at least one default DNS server for address resolution:
names. In either of the following cases you must specify at least one default DNS server for address resolution:
■
To use fully qualified domain names instead of IP addresses when specifying external addresses. For example,
for LDAP and NTP servers, neighbor zones and peers.
for LDAP and NTP servers, neighbor zones and peers.
■
To use features such as URI dialing or ENUM dialing.
The Expressway queries one server at a time. If that server is unavailable the Expressway tries another server from the
list.
list.
In the example deployment two DNS servers are configured for each Expressway, which provides a level of DNS
server redundancy. The Expressway-C is configured with DNS servers which are located on the internal network. The
Expressway-E is configured with DNS servers which are publicly routable.
server redundancy. The Expressway-C is configured with DNS servers which are located on the internal network. The
Expressway-E is configured with DNS servers which are publicly routable.
To configure the Default DNS server addresses:
1.
Go to System > DNS.
2.
Configure the DNS server Address fields as follows:
Expressway-C
Expressway-E
Address 1
Enter 10.0.0.11
Enter 194.72.6.57
Address 2
Enter 10.0.0.12
Enter 194.73.82.242
3.
Click Save.
Expressway-C has a fully qualified domain name of expc.internal-domain.net
Expressway-E has a fully qualified domain name of expe.example.com
Task 5: Replacing the Default Server Certificate
For extra security, you may want to have the Expressway communicate with other systems (such as LDAP servers,
neighbor Expressways, or clients such as SIP endpoints and web browsers) using TLS encryption.
neighbor Expressways, or clients such as SIP endpoints and web browsers) using TLS encryption.
For this to work successfully in a connection between a client and server:
■
The server must have a certificate installed that verifies its identity. This certificate must be signed by a
Certificate Authority (CA).
Certificate Authority (CA).
■
The client must trust the CA that signed the certificate used by the server.
The Expressway allows you to install a certificate that can represent the Expressway as either a client or a server in
connections using TLS. The Expressway can also authenticate client connections (typically from a web browser) over
connections using TLS. The Expressway can also authenticate client connections (typically from a web browser) over
20
Cisco Expressway-E and Expressway-C - Basic Configuration Deployment Guide
Expressway System Configuration