Cisco Cisco Expressway Maintenance Manual
Configuring traversal client zones
To traverse a firewall, the Expressway must be connected with a traversal server (typically, an Expressway-
E).
E).
In this situation your local Expressway is a traversal client, so you create a connection with the traversal
server by creating a traversal client zone on your local Expressway. You then configure the client zone with
details of the corresponding zone on the traversal server. (The traversal server must also be configured with
details of the Expressway client zone.)
server by creating a traversal client zone on your local Expressway. You then configure the client zone with
details of the corresponding zone on the traversal server. (The traversal server must also be configured with
details of the Expressway client zone.)
After you have neighbored with the traversal server you can:
n
use the neighbor as a traversal server
n
query the traversal server about its endpoints
n
apply transforms to any queries before they are sent to the traversal server
n
control the bandwidth used for calls between your local Expressway and the traversal server
For full details on how traversal client zones and traversal server zones work together to achieve firewall
traversal, see
traversal, see
.
must be configured for traversal zones to work.
The configurable options for a traversal client zone are:
Field
Description
Usage tips
Configuration
section:
Name
The name acts as a unique identifier, allowing you to
distinguish between zones of the same type.
distinguish between zones of the same type.
Type
The nature of the specified zone, in relation to the local
Expressway. Select Traversal client.
Expressway. Select Traversal client.
After a zone has been created,
the Type cannot be changed.
the Type cannot be changed.
Hop count
The hop count is the number of times a request will be
forwarded to a neighbor gatekeeper or proxy (see the
forwarded to a neighbor gatekeeper or proxy (see the
the hop count to use when sending a search request to
this particular zone.
this particular zone.
If the search request was
received from another zone and
already has a hop count
assigned, the lower of the two
values is used.
received from another zone and
already has a hop count
assigned, the lower of the two
values is used.
Connection credentials
section:
Username and
Password
Password
Traversal clients must always authenticate with traversal
servers by providing their authentication credentials. Each
traversal client zone must specify a Username and
Password to be used for authentication with the traversal
server.
servers by providing their authentication credentials. Each
traversal client zone must specify a Username and
Password to be used for authentication with the traversal
server.
Multiple traversal client zones
can be configured, each with
distinct credentials, to connect to
one or more service providers.
can be configured, each with
distinct credentials, to connect to
one or more service providers.
H.323
section:
Mode
Determines whether H.323 calls are allowed to and from
the traversal server.
the traversal server.
Protocol
Determines which of the two firewall traversal protocols
(Assent or H.460.18) to use for calls to the traversal server.
(Assent or H.460.18) to use for calls to the traversal server.
information.
Cisco Expressway Administrator Guide (X8.1.1)
Page 85 of 343
Zones and neighbors
Configuring zones