Cisco Cisco TelePresence Management Suite (TMS) Version 15
Setting up DNS for Cisco IP Video Phone E20 provisioning
Cisco TelePresence Management Suite Agent Legacy Deployment Guide (13.2)
Page 39 of 55
Setting up DNS for Cisco IP Video Phone E20
provisioning
provisioning
This section describes the DNS setup necessary for provisioning E20 outside the firewall.
In standard Cisco TMS/Cisco VCS deployments for enterprises, some endpoints are connected to the
intranet while others are connected to a variety of home networks outside the firewall. In the latter case, the
E20 needs to connect to the Cisco TMS/Cisco VCS infrastructure through a Cisco VCS Expressway located
outside the company firewall. Consequently, the E20 must be provisioned with an Expressway as the SIP
proxy. This is only possible if the external manager entered into the E20 wizard is resolved through DNS.
intranet while others are connected to a variety of home networks outside the firewall. In the latter case, the
E20 needs to connect to the Cisco TMS/Cisco VCS infrastructure through a Cisco VCS Expressway located
outside the company firewall. Consequently, the E20 must be provisioned with an Expressway as the SIP
proxy. This is only possible if the external manager entered into the E20 wizard is resolved through DNS.
If provisioning is done internally, this setup is optional; however, it will allow for a flexible failover/load-
balancing scheme for the Cisco VCS cluster.
balancing scheme for the Cisco VCS cluster.
NAPTR records
A Name Authority Pointer (NAPTR) record is a DNS record used for regular expression rewrite rules for
domain names.
domain names.
Setting up these DNS entries can be done in two ways. The DNS infrastructure could return different NAPTR
records depending on whether the external manager is located inside or outside the firewall. If this is not
possible, the DNS names of the external manager addresses must be different and resolve to two different
NAPTR records on the same DNS server.
records depending on whether the external manager is located inside or outside the firewall. If this is not
possible, the DNS names of the external manager addresses must be different and resolve to two different
NAPTR records on the same DNS server.
Flags
The E20 bases its provisioning request on the NAPTR record flag:
n
"s" indicates that the NAPTR response is an SRV record. If the flag is "s" only, the E20 will be provisioned
from the internal Cisco VCS.
from the internal Cisco VCS.
n
"e" indicates that the SIP proxy is located outside the firewall (e=external). This indicator is Cisco
proprietary. If the flag is "se", the E20 will be provisioned from the external Cisco VCS.
proprietary. If the flag is "se", the E20 will be provisioned from the external Cisco VCS.
Required NAPTR record for external endpoint provisioning
For an encrypted TCP connection, use the following type of record to point to the SIP secure service:
example.com. IN NAPTR 50
50
"se"
"SIPS+D2T"
"" _sips._
tcp.example.com.
For a non-encrypted TCP connection, use the following type of record to point to the TCP SIP service:
example.com. IN NAPTR 90
50
"se"
"SIP+D2T"
""
_sip._
tcp.example.com.
For a non-encrypted UDP connection, use the following type of record to point to the TCP SIP service:
example.com. IN NAPTR 100
50
"se"
"SIP+D2U"
"" _sip._
udp.example.com.
Optional NAPTR record for internal endpoint provisioning
For an encrypted TCP connection, use the following type of record to point to the SIP secure service:
example.com. IN NAPTR 50
50
"s"
"SIPS+D2T"
"" _sips._
tcp.example.com.