Cisco Cisco Meeting Server 1000

Cisco Meeting Server Release 2.0 : Certificate Guidelines for Single Split Deployments

for example, if the trunk connection will be allowed on interface A, port 4999, then type:

loadbalancer trunk Edge1toLB a:4999

5. Configure the public interface and port (for accepting client connections), using

loadbalancer public <tag> <iface:port whitelist>

for example, if client connections are to be allowed on B, port 5222, then type:

loadbalancer public Edge1toLB b:5222

6. In a common Edge server deployment, the Web Bridge is also enabled and needs to make

use of the trunk. To allow this, configure the loopback as a public interface, e.g.

loadbalancer public Edge1toLB b:5222 lo:5222

7. Enable the trunk, using:

loadbalancer enable <tag>

for example

loadbalancer enable Edge1toLB

Note: The public port is not opened until there is a trunk to service the connection.

8. SSH into the MMP of the Core server

9. Create a trunk between the Core and Edge server for xmpp traffic

trunk create <tag> <port/service name>

For example:

trunk create trunktoEdge1 xmpp

10. Assign the private key/certificate pair to the trunk and the Load Balancer’s certificate using

the command:

trunk auth <tag> <key-file> <cert-file> <trust-bundle>

where keyfile and certificatefile are the filenames of the matching private
key/certificate pair for the trunk, <trust-bundle> is the certificate for the Load Balancer.

For example:

trunk auth trunktoEdge1 core1.key core1.crt edge1.crt

Note: The Load Balancer certificate

edge1.crt

is added as a ‘trust bundle’ to the Core

server

11. Configure the Edge server that this trunk will connect to, using:

trunk edge <tag> <edge name/ip address> [<default port>]

For example, if the Edge server name is edge1.example.com using port 4999, then type:

trunk edge trunktoEdge1 edge1.example.com 4999

4 Installing signed certificates and private keys on the Meeting Server