Cisco Cisco Expressway
Unified CM for secure communications.
Update the Expressway Neighbor Zone to Unified CM to Use TLS
Note that Expressway will report that the Unified CM zone is active even while it is communicating with Unified CM
over TCP. The changes below are necessary to enable communications over TLS.
over TCP. The changes below are necessary to enable communications over TLS.
On Expressway:
1.
Go to Configuration > Zones > Zones, then select the zone to Unified CM.
2.
Configure the following fields:
SIP section
Port
5061
Transport
TLS
TLS verify mode
On
Authentication trust mode
Off
Leave other parameters as previously configured.
3.
Click Save.
Verify That the TLS Connection is Operational
To verify correct TLS operation, check that the Expressway zone reports its status as active and then make some test
calls.
calls.
1.
Check the Expressway zone is active:
a.
Go to Configuration > Zones > Zones.
b.
Check the SIP status of the zone.
If the zone is not active, try resetting or restarting the trunk again on Unified CM.
2.
Make a test call from a system routed through an Expressway to a Unified CM phone.
3.
Make a test call from a Unified CM phone to a system routed through an Expressway.
Configure Lync Server Environment
■
■
Task 1: Trust the Gateway Expressway
This procedure creates a trusted application pool for each Expressway Gateway (or cluster) in the Lync environment,
because Lync Server treats Expressway as an application. Then you add any subordinate peers to the application
pool, create a trusted application to run in that pool, and then enable the topology.
because Lync Server treats Expressway as an application. Then you add any subordinate peers to the application
pool, create a trusted application to run in that pool, and then enable the topology.
The context for the following procedure depends on your Lync environment, as follows:
■
If a Lync Director is in use, then configure the Lync Director (pool) to trust the Gateway Expressway and to
route traffic to it.
route traffic to it.
Other Lync FE Servers receiving calls for the video domain may not know how to route them (depending on
Lync SIP routing configuration), and may pass the calls to the Director pool for routing.
Lync SIP routing configuration), and may pass the calls to the Director pool for routing.
26
Cisco Expressway with Microsoft Lync Deployment Guide
Configuration