Cisco Cisco Expressway

server certificate in their list of trusted CAs.

Jabber uses the underlying operating system's certificate mechanism:

Windows: Certificate Manager

MAC OS X: Key chain access

IOS: Trust store

Android: Location & Security settings

Jabber client configuration details for mobile and remote access is contained within the relevant installation
and configuration for that Jabber client:

Cisco Jabber for Windows

Cisco Jabber for iPad

Cisco Jabber for Android

Cisco Jabber for Mac

(requires X8.2 or later)

DNS records

This section summarizes the public (external) and local (internal) DNS requirements. For more information,
see

Cisco Jabber DNS Configuration Guide

Public DNS

The public (external) DNS must be configured with _collab-edge._tls.<domain> SRV records so that
endpoints can discover the Expressway-Es to use for mobile and remote access. SIP service records are
also required (for general deployment, not specifically for mobile and remote access). For example, for a
cluster of 2 Expressway-E systems:

Domain

Service

Protocol

Priority

Weight

Port

Target host

example.com

collab-edge

tls

8443

expe1.example.com

example.com

collab-edge

tls

8443

expe2.example.com

example.com

sips

tcp

5061

expe1.example.com

example.com

sips

tcp

5061

expe2.example.com

Local DNS

The local (internal) DNS requires _cisco-uds._tcp.<domain> and _cuplogin._tcp.<domain>
SRV records. For example:

Domain

Service

Protocol

Priority

Weight

Port

Target host

example.com

cisco-uds

tcp

8443

cucmserver.example.com

example.com

cuplogin

tcp

8443

cupserver.example.com

Ensure that the cisco-uds and _cuplogin SRV records are NOT resolvable outside of the internal
network, otherwise the Jabber client will not start mobile and remote access negotiation via the Expressway-
E.

Unified Communications Mobile and Remote Access via Cisco Expressway Deployment Guide (X8.2)

Page 10 of 40

Configuration overview