Cisco Cisco Expressway
If you are deploying Mobile and Remote Access with multiple IM and Presence Service clusters, you must configure
Intercluster peer links between the clusters, and the Intercluster Sync Agent (ICSA) must be active on all clusters.
This ensures that the user database is replicated between clusters, allowing Expressway-C to correctly route
XMPP traffic.
Intercluster peer links between the clusters, and the Intercluster Sync Agent (ICSA) must be active on all clusters.
This ensures that the user database is replicated between clusters, allowing Expressway-C to correctly route
XMPP traffic.
For details of the correct configuration, refer to the chapter "Intercluster Peer Configuration" in Configuration and
Administration of IM and Presence Service on Cisco Unified Communications Manager. You can find the correct
document for your version at
Administration of IM and Presence Service on Cisco Unified Communications Manager. You can find the correct
document for your version at
.
Expressway
The following steps summarize the configuration required on the Expressway-E and the Expressway-C. Full details
are described in section
are described in section
1.
Ensure that System host name and Domain name are specified for every Expressway, and that all Expressway
systems are synchronized to a reliable NTP service.
systems are synchronized to a reliable NTP service.
2.
Set Unified Communications mode to Mobile and remote access.
3.
Configure the Unified CM, IM and Presence Service, and Cisco Unity Connection servers on the Expressway-
C.
C.
4.
Configure the domains on the Expressway-C for which services are to be routed to Unified CM.
5.
[Optional] Create additional deployments and associate domains and UC services with them.
6.
Install appropriate server certificates and trusted CA certificates.
7.
Configure a Unified Communications traversal zone connection between the Expressway-E and the
Expressway-C.
Expressway-C.
8.
If required, configure the HTTP server allow list for any web services inside the enterprise that need to be
accessed from remote Jabber clients.
accessed from remote Jabber clients.
9.
[Optional] Configure SSO over collaboration edge, to allow for common identity between external Jabber
clients and the users' Unified CM profiles
clients and the users' Unified CM profiles
Note that configuration changes on the Expressway generally take immediate effect. If a system restart or other
action is required you will be notified of this either through a banner message or via an alarm.
action is required you will be notified of this either through a banner message or via an alarm.
Unified Communications Prerequisites
Configuring a Secure Traversal Zone Connection for Unified Communications
To support Unified Communications features (such as mobile and remote access or Jabber Guest), there must be a
Unified Communications traversal zone connection between the Expressway-C and the Expressway-E. This involves:
Unified Communications traversal zone connection between the Expressway-C and the Expressway-E. This involves:
■
Installing suitable security certificates on the Expressway-C and the Expressway-E.
■
Configuring a Unified Communications traversal zone between the Expressway-C and the Expressway-E
Note:
You should configure only one Unified Communications traversal zone per Expressway.
Installing Expressway Security Certificates
You must set up trust between the Expressway-C and the Expressway-E:
1.
Install a suitable server certificate on both the Expressway-C and the Expressway-E.
—
The certificate must include the Client Authentication extension. The system will not allow you to upload a
server certificate without this extension when Unified Communications features have been enabled.
server certificate without this extension when Unified Communications features have been enabled.
18
Mobile and Remote Access Through Cisco Expressway Deployment Guide
Unified Communications Prerequisites