Cisco Cisco TelePresence Video Communication Server Expressway Maintenance Manual
TLS Support Restricted
To improve security, the VCS now only supports specific versions of TLS. The VCS offers and accepts TLS versions
1.0, 1.1, and 1.2, when establishing secure connections.
1.0, 1.1, and 1.2, when establishing secure connections.
Changes and Minor Enhancements
■
The VCS now has a mechanism to reply to all H.323 requests (eg. RRQ) with the request in progress message
(RIP). This prevents the requests from timing out, which is possible when an external authentication
mechanism does not respond in a timely fashion.
(RIP). This prevents the requests from timing out, which is possible when an external authentication
mechanism does not respond in a timely fashion.
Use the command
Xconfig H323 Gatekeeper Registration RIPAllRequests: On
to enable this feature.
■
From version X8.8 onwards, the VCS does not create DSA host keys. It creates RSA or ECDSA keys instead,
for improved security.
for improved security.
If you upgrade a system that already has a DSA host key, the existing key will persist so that SSH client users
do not have to verify the fingerprint again.
do not have to verify the fingerprint again.
■
From version X8.8 onwards, connections between cluster peers use TLS instead of IPSec. When you upgrade
a cluster, the cluster comes up in TLS permissive mode.
a cluster, the cluster comes up in TLS permissive mode.
■
Multiple Device Messaging (a new feature in IM and Presence Service 11.5) is now supported for clients that
connect through VCS to IM and Presence Service in the cloud.
connect through VCS to IM and Presence Service in the cloud.
This feature is not supported through any versions of VCS before X8.8.
Service Setup Wizard: Choose Services
Navigating the Wizard
■
As of X8.8, you'll see the service setup wizard when you first log in to the VCS user interface.
If you previously logged in or have upgraded, you'll see the Status > Overview page (as usual). Click Run
service setup from that page to launch the wizard. You can run or rerun the wizard at any time.
service setup from that page to launch the wizard. You can run or rerun the wizard at any time.
■
While you're in the wizard, click Skip Service Setup Wizard if you want to back out completely, or Back to the
previous page.
previous page.
■
Click Continue to save and move to the next wizard page.
■
At the end you must restart the VCS. When you go back into the user interface, you'll only see menus and
pages that apply to the services you chose with the wizard.
pages that apply to the services you chose with the wizard.
Choose Series, Type, and Services
1.
Choose Cisco TelePresence Video Communication Server (VCS) or Cisco Expressway Series.
2.
—
If you chose VCS: Choose VCS Control or VCS Expressway
—
If you chose Expressway: Choose Expressway-C or Expressway-E
The list of services changes to match what is available on your chosen Series and Type.
3.
Check the boxes next to the services you want to host on this system.
If you want to keep all the menu options, or if you want to use the wizard for applying licenses but don't want
to choose services yet, check Proceed without selecting services.
to choose services yet, check Proceed without selecting services.
4.
Click Continue.
Example 1: Hybrid Services
1.
Click Expressway Series.
2.
Click Expressway-C.
3.
Check Spark Hybrid Services.
25
Cisco TelePresence Video Communication Server Administrator Guide
Service Setup Wizard: Choose Services