Cisco Cisco Expressway
■
Changing connection sockets (e.g. SIP port configuration)
■
Changing TFTP server configuration
■
Upgrading the software on the node
Configuring the HTTP Server Allow List on Expressway-C
Jabber client endpoints may need to access additional web services inside the enterprise. This requires an allow list
of servers to be configured to which the Expressway will grant access for HTTP traffic originating from outside the
enterprise.
of servers to be configured to which the Expressway will grant access for HTTP traffic originating from outside the
enterprise.
Here are some examples of features and services that you may need to add to the allow list:
■
Visual Voicemail
■
Jabber Update Server
■
Custom HTML tabs / icons
■
Directory Photo Host
■
Advanced File Transfer (AFT)
■
Problem Report Tool server
Note:
In order for the AFT feature to work across Expressway you must ensure that all Unified CM IM and Presence
Service nodes, across all Unified CM IM and Presence Service clusters, have been added to the allow list either
manually or automatically.
manually or automatically.
To configure the set of addresses to which HTTP access will be allowed:
1.
On Expressway-C, go to Configuration > Unified Communications > Configuration.
2.
Click HTTP server allow list.
3.
Configure the hostnames or IP addresses of any HTTP servers that external Jabber clients are allowed to
access.
access.
Access is granted if the server portion of the client-supplied URI matches one of the names entered here, or if
it resolves via DNS lookup to a specified IP address.
it resolves via DNS lookup to a specified IP address.
Expressway-C automatically adds the addresses of all discovered Unified CM nodes (that are running the
CallManager and TFTP service), IM and Presence Service nodes, and Cisco Unity Connection nodes to the allow list.
These entries cannot be deleted. These entries are displayed in the Auto-configured allow list section of the HTTP
server allow list page.
CallManager and TFTP service), IM and Presence Service nodes, and Cisco Unity Connection nodes to the allow list.
These entries cannot be deleted. These entries are displayed in the Auto-configured allow list section of the HTTP
server allow list page.
Setting Up the Expressway-E
This section describes the configuration steps required on the Expressway-E.
Configuring DNS and NTP Settings
Check and configure the basic system settings on Expressway:
1.
Ensure that System host name and Domain name are specified (System > DNS).
2.
Ensure that public DNS servers are specified (System > DNS).
3.
Ensure that all Expressway systems are synchronized to a reliable NTP service (System > Time). Use an
Authentication method in accordance with your local policy.
Authentication method in accordance with your local policy.
If you have a cluster of Expressways you must do this for every peer.
23
Mobile and Remote Access Through Cisco Expressway Deployment Guide
Configuring Mobile and Remote Access on Expressway