Cisco Cisco Expressway
n
Windows: Certificate Manager
n
IOS: Trust store
n
Android: Location & Security settings
Jabber client configuration details for mobile and remote access is contained within the relevant installation
and configuration for that Jabber client:
and configuration for that Jabber client:
n
n
n
DNS records
This section summarizes the public (external) and local (internal) DNS requirements. For more information,
see
see
.
Public DNS
The public (external) DNS must be configured with _collab-edge._tls.<domain> SRV records so that
endpoints can discover the Expressway-Es to use for mobile and remote access. SIP service records are
also required (for general deployment, not specifically for mobile and remote access). For example, for a
cluster of 2 Expressway-E systems:
endpoints can discover the Expressway-Es to use for mobile and remote access. SIP service records are
also required (for general deployment, not specifically for mobile and remote access). For example, for a
cluster of 2 Expressway-E systems:
Domain
Service
Protocol
Priority
Weight
Port
Target host
example.com
collab-edge
tls
10
10
8443
expe1.example.com
example.com
collab-edge
tls
10
10
8443
expe2.example.com
example.com
sips
tcp
10
10
5061
expe1.example.com
example.com
sips
tcp
10
10
5061
expe2.example.com
Local DNS
The local (internal) DNS requires _cisco-uds._tcp.<domain> and _cuplogin._tcp.<domain>
SRV records. For example:
SRV records. For example:
Domain
Service
Protocol
Priority
Weight
Port
Target host
example.com
cisco-uds
tcp
10
10
8443
cucmserver.example.com
example.com
cuplogin
tcp
10
10
8443
cupserver.example.com
Ensure that the cisco-uds and _cuplogin SRV records are NOT resolvable outside of the internal
network, otherwise the Jabber client will not start mobile and remote access negotiation via the Expressway-
E.
network, otherwise the Jabber client will not start mobile and remote access negotiation via the Expressway-
E.
Firewall
n
Ensure that the relevant ports have been configured on your firewalls between your internal network (where
the Expressway-C is located) and the DMZ (where the Expressway-E is located) and between the DMZ
and the public internet. See
the Expressway-C is located) and the DMZ (where the Expressway-E is located) and between the DMZ
and the public internet. See
n
If your Expressway-E has one NIC enabled and is using static NAT mode, note that:
Unified Communications: Mobile and Remote Access via Cisco Expressway Deployment Guide (X8.1.1)
Page 10 of 36
Configuration overview