Cisco Cisco Expressway Maintenance Manual
Unified Communications
This section describes how to configure the Expressway-C and Expressway-E for Unified Communications
functionality, a core part of the Cisco Collaboration Edge Architecture:
functionality, a core part of the Cisco Collaboration Edge Architecture:
Unified Communications Prerequisites
Configuring a Secure Traversal Zone Connection for Unified Communications
To support Unified Communications features (such as mobile and remote access or Jabber Guest), there must be a
Unified Communications traversal zone connection between the Expressway-C and the Expressway-E. This involves:
Unified Communications traversal zone connection between the Expressway-C and the Expressway-E. This involves:
■
Installing suitable security certificates on the Expressway-C and the Expressway-E.
■
Configuring a Unified Communications traversal zone between the Expressway-C and the Expressway-E
Note:
You should configure only one Unified Communications traversal zone per Expressway.
Installing Expressway Security Certificates
You must set up trust between the Expressway-C and the Expressway-E:
1.
Install a suitable server certificate on both the Expressway-C and the Expressway-E.
—
The certificate must include the Client Authentication extension. The system will not allow you to upload a
server certificate without this extension when Unified Communications features have been enabled.
server certificate without this extension when Unified Communications features have been enabled.
—
The Expressway includes a built-in mechanism to generate a certificate signing request (CSR) and is the
recommended method for generating a CSR:
recommended method for generating a CSR:
•
Ensure that the CA that signs the request does not strip out the client authentication extension.
•
The generated CSR includes the client authentication request and any relevant subject alternate names
for the Unified Communications features that have been enabled (see
for the Unified Communications features that have been enabled (see
).
—
To generate a CSR and /or to upload a server certificate to the Expressway, go to Maintenance > Security
certificates > Server certificate. You must restart the Expressway for the new server certificate to take
effect.
certificates > Server certificate. You must restart the Expressway for the new server certificate to take
effect.
Cisco Systems, Inc.
56