Cisco Cisco Expressway Maintenance Manual
Note: If you were using the SSO feature with X8.5, this change may cause it to stop working after upgrade
to X8.5.1. You have two options to resolve this: leave the new default on the Expressway-C, and you may
need to reconfigure the IdP to expect requests to be signed with SHA-256 (recommended for better
security); the other option is to revert the Expressway-C's signing algorithm to SHA-1 for your IdP (go to
to X8.5.1. You have two options to resolve this: leave the new default on the Expressway-C, and you may
need to reconfigure the IdP to expect requests to be signed with SHA-256 (recommended for better
security); the other option is to revert the Expressway-C's signing algorithm to SHA-1 for your IdP (go to
Configuration > Unified Communications > Identity Providers (IdP)
, locate your IdP row, then in
Actions
column click Configure Digest).
X8.2
Unified Communications: Jabber Guest
Cisco Jabber Guest is a consumer to business (C2B) solution that extends the reach of Cisco's enterprise
telephony to people outside of a corporate firewall who do not have phones registered with Cisco Unified
Communications Manager.
telephony to people outside of a corporate firewall who do not have phones registered with Cisco Unified
Communications Manager.
External XMPP federation
External XMPP federation enables users registered to Unified CM IM & Presence to communicate via the
Expressway-E with users from a different XMPP deployment.
Expressway-E with users from a different XMPP deployment.
TURN media over TCP
The Expressway-E TURN server supports TURN media over TCP.
This allows clients to use TURN services in environments where UDP connections are not supported or
blocked. Configuration of the supported protocols is available only through the CLI command
xConfiguration Traversal Server TURN ProtocolMode
blocked. Configuration of the supported protocols is available only through the CLI command
xConfiguration Traversal Server TURN ProtocolMode
.
New 'Unified Communications traversal' zone type
To simplify the configuration of secure traversal client and traversal server zones for Unified
Communications, you must now use the new zone type of Unified Communications traversal when
configuring zones via the web interface.
Communications, you must now use the new zone type of Unified Communications traversal when
configuring zones via the web interface.
This automatically configures an appropriate traversal zone (a traversal client zone when selected on a
Expressway-C, or a traversal server zone when selected on an Expressway-E) that uses SIP TLS with TLS
verify mode set to On, and Media encryption mode set to Force encrypted.
Expressway-C, or a traversal server zone when selected on an Expressway-E) that uses SIP TLS with TLS
verify mode set to On, and Media encryption mode set to Force encrypted.
This replaces the previous Unified Communications services setting that was available when configuring
traversal client and traversal server zones. Existing zones configured in previous software versions for
Unified Communications services are automatically converted to use the new Unified Communications
traversal zone type.
traversal client and traversal server zones. Existing zones configured in previous software versions for
Unified Communications services are automatically converted to use the new Unified Communications
traversal zone type.
Note that this zone type applies to the web interface only, the underlying CLI configuration settings have not
changed.
changed.
Support for X-cisco-srtp-fallback
Support has been added for the X-cisco-srtp-fallback package, allowing the Expressway's B2BUA
to use Cisco Unified Communications Manager-style best effort media encryption for the automatically
generated TLS neighbor zones.
to use Cisco Unified Communications Manager-style best effort media encryption for the automatically
generated TLS neighbor zones.
RTP and RTCP media demultiplexing ports
In Small/Medium systems, 1 pair of RTP and RTCP media demultiplexing ports are used. These can now
either be explicitly specified (
either be explicitly specified (
Configuration > Traversal > Ports
) or they can be allocated from the start of
Cisco Expressway Administrator Guide (X8.5.1)
Page 392 of 399
Reference material
Software version history