/en/manuals/1703945/Table of ContentsContents2Document revision history5Introduction6Prerequisites8Upgrade an X6.0, X6.1, X7.0 or X7.0.n cluster to an X7.1 cluster9Before the upgrade9Upgrade VCS cluster peers to X7.19Upgrade the Master peer9Upgrade non-master peers12After all the cluster peers have been upgraded13After the upgrade14Check cluster status14Create a new cluster of VCS X7.1 peers (Provisioning Extension mode – preferred)15Prerequisites15Set up the master peer of the cluster15After the master peer configuration17Additional cluster configuration17Create a new cluster of VCS X7.1 peers (TMS Agent legacy mode)18Prerequisites18Set up the master peer of the cluster18After the master peer configuration22No Cisco TMS22Additional cluster configuration22Add an X7.1 VCS to a VCS X7.1 cluster (Provisioning Extension mode)23Prerequisites23After adding the VCS peer to the cluster27Additional cluster configuration27Add an X7.1 VCS to a VCS X7.1 cluster (TMS Agent legacy mode)28After adding the VCS peer to the cluster33Additional cluster configuration34Remove a live VCS from a VCS X7.1 cluster (permanently)35Reconfigure TMS36After the removal36Remove an out-of-service VCS from a VCS X7.1 cluster (permanently)38Reconfigure TMS39After the removal39Before reconnecting the out-of-service VCS back to the network39Disband a VCS X7.1 cluster41Reconfigure TMS43Change the master peer of a VCS X7.1 cluster44Changing the master peer where the old master is or is not accessible44Reconfigure TMS44If the old master is not available44Change the IP address of a VCS X7.1 peer45Upgrading VCS X5.2 or earlier versions to X7.146Upgrade VCS X1 / X2 Alternates to a VCS X7.1 cluster46Upgrade an X3 / X4 / X5.0 cluster to an X7.1 cluster46Upgrade an X5.1, X5.1.1 or X5.2 cluster to an X7.1 cluster46Appendix 1 – Backing up a VCS47Backing up an X5.0 or later VCS47Appendix 2 – Adding a VCS to TMS48Appendix 3 – IP port and protocol numbers50Appendix 4 – Impact of clustering on other VCS applications51Conference Factory (Multiway™)51Microsoft Office Communications Server 2007 (OCS) and Lync Server 201051Appendix 5 – Configuring endpoints to work with a VCS cluster52H.323 endpoints52Option 1 – DNS SRV (preferred)52Option 2 – DNS Round-Robin (2nd choice)52Option 3 – Static IP (least preferred)53SIP endpoints53Option 1 – SIP Outbound (preferred)53Option 2 – DNS SRV (2nd choice)54Option 3 – DNS Round-Robin (3rd choice)54Option 4 – Static IP (least preferred)55Appendix 6 – Troubleshooting56Cisco VCS alarms and warnings56“Cluster name not configured: if FindMe or clustering are in use a cluster name must be defined; see the Clustering section of the VCS Administrator Guide for more information”56“Cluster replication error: <details> manual synchronization of configuration is required”56"Cluster replication error: the NTP server is unreachable"56"Cluster replication error: the local VCS does not appear in the list of peers"56"Cluster replication error: automatic replication of configuration has been temporarily disabled because an upgrade is in progress"57"Invalid clustering configuration: H.323 mode must be turned On - clustering uses H.323 communications between peers"57“Security alert: the TMS Agent database has the default LDAP password set”57“Security alert: the TMS Agent database has the default replication password set”57“VCS database failure: Please contact your Cisco support representative”57Cisco TMS58No TMS Agent tabs58Cisco TMS warnings58TMS Cluster Diagnostics58Conference Factory template does not replicate58VCS’s External manager protocol keeps getting set to HTTPS58My cluster of Cisco VCS Expressways with dual network interfaces is not replicating correctly59My cluster of Cisco VCS Expressways with static NAT is not replicating correctly59Appendix 7 – Upgrading Cisco TMS to 12.660Appendix 8 – Changing the cluster name (and keeping FindMe accounts)61Provisioning Extension mode61TMS Agent legacy mode61Appendix 9 – Cluster name and DNS SRV records62Endpoints supporting SIP DNS SRV63Looking up .SRV records64Nslookup64Dig64Appendix 10 – NAPTR records66NAPTR record format66Looking up NAPTR records67Looking up an ENUM NAPTR record67Looking up a domain NAPTR record68Size: 792 KBPages: 69Language: EnglishOpen manual
/en/manuals/1607471/Table of ContentsIntroduction5Deployment scenario5Summary of configuration process5Prerequisites for system configuration6Enabling calls between endpoints registered on the VCS Control7VCS Control configuration7Setting up the SIP domain of the VCS Control7Creating transforms7Unified CM configuration8Registering endpoints to the VCS Control8Endpoint configuration8Confirming registrations9Test calls9Enabling calls between endpoints registered on Unified CM10VCS Control configuration10Unified CM configuration10Configuring the SIP Profile for VCS10Configuring the region with an appropriate session bit rate for video calls11Configuring the SIP Profile for phone devices11Adding a phone device12Configuring the device directory number12Configuring phone endpoint to pick up its configuration from Unified CM12Confirming registrations13Test calls13Enabling endpoints registered on VCS to call endpoints registered on Unified CM14Unified CM configuration14Configuring the SIP Trunk security profile14Configuring the SIP Trunk device14Configuring the Cluster Fully Qualified Domain Name16VCS Control configuration16Creating a neighbor zone for Unified CM17Creating a search rule to route calls to the Unified CM neighbor zone18Creating a transform that converts number@<IP address of cucm> to number@vcs....19Test calls20Enabling endpoints registered on Unified CM to call endpoints registered on VCS21VCS Control configuration21Creating a transform to convert Unified CM supplied domain information to the...21Unified CM configuration22Allowing numeric dialing from Cisco phones to VCS22Allowing dialing to VCS domain from Cisco phones23Test calls23Connecting VCS to Unified CM Using TLS24Ensuring Certificate Trust Between Unified CM and VCS24Loading Server and Trust Certificates on VCS24Loading Server and Trust Certificates on Unified CM25Setting the Cluster Security Mode to Mixed Mode25Configuring a SIP Trunk Security Profile on Unified CM26Updating the Unified CM Trunk to VCS to Use TLS27Updating the VCS Neighbor Zone to Unified CM to Use TLS27Verifying That the TLS Connection is Operational28Network of VCSs28Encrypted Calls to Endpoints Registered to Unified CM28Checking Unified CM message size limit29Appendix 1: Troubleshooting30Problems connecting VCS Control local calls30Look at “Search history” to check the applied transforms30Look at call history to check how the call progressed30Check for errors31Tracing calls31Call failures with Cisco TelePresence Server31In-call problems31Calls clear down when a call transfer from a video phone on Unified CM transf...31Failure to join a Unified CM endpoint to a conference using Multiway31Poor video quality from Unified CM32Taking a trace on Unified CM using RTMT32Configure Unified CM to enable tracing32Installing RTMT – Real Time Monitoring Tool32Running RTMT32Taking a trace using RTMT32Call failures33TLS calls fail when Unified CM uses SRV trunk destinations33Encrypted call failures33Appendix 2: Known interworking capabilities and limitations34Capabilities34SIP and H.323 endpoints making basic calls34Limitations34Cisco TelePresence Conductor34E20 encryption34T150 running L6.0 code34H.323 MXP and 997134Appendix 3: Connecting Unified CM to a VCS cluster35Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster35Configuring the trunk to VCS to specify a list of VCS peers35Appendix 4: Connecting VCS to a cluster of Unified CM nodes37Option 1: Using a single neighbor zone37Unified CM configuration37VCS Control configuration37Option 2: Using a DNS zone37Unified CM configuration37DNS server configuration38VCS Control configuration38Appendix 5: Multiway and Unified CM40VCS configuration40Unified CM configuration40Appendix 6: Additional information41IP address dialing41Characters allowed in SIP URIs41Document revision history42Size: 939 KBPages: 43Language: EnglishOpen manual
/en/manuals/1703587/Table of ContentsIntroduction5Objectives and intended audience5Deployment scenario5Summary of configuration process5Prerequisites for system configuration6Enabling calls between endpoints registered on the VCS Control7VCS Control configuration7Setting up the SIP domain of the VCS Control7Creating transforms7Unified CM configuration8Registering endpoints to the VCS Control8Endpoint configuration8Confirming registrations9Test calls9Enabling calls between endpoints registered on Unified CM10VCS Control configuration10Unified CM configuration10Configuring the SIP Profile for VCS10Configuring the region with an appropriate session bit rate for video calls13Configuring the SIP Profile for phone devices13Adding a phone device13Configuring the device directory number13Configuring phone endpoint to pick up its configuration from Unified CM14Confirming registrations14Test calls14Enabling endpoints registered on VCS to call endpoints registered on Unified CM15Unified CM configuration15Configuring the SIP Trunk security profile15Configuring the SIP Trunk device16Configuring the Cluster Fully Qualified Domain Name19VCS Control configuration19Creating a neighbor zone for Unified CM20Creating a search rule to route calls to the Unified CM neighbor zone21Creating a transform that converts number@<IP address of cucm> to number@vcs....23Test calls23Enabling endpoints registered on Unified CM to call endpoints registered on VCS24VCS Control configuration24Setting up a transform to convert Unified CM supplied domain information to t...24Unified CM configuration25Allowing numeric dialing from Cisco phones to VCS25Allowing dialing to VCS domain from Cisco phones26Test calls27Connecting VCS to Unified CM using TLS28Ensuring that Unified CM trusts the VCS server certificate28Configuring a SIP trunk security profile on Unified CM28Updating the Unified CM trunk to VCS to use TLS29Updating the VCS neighbor zone to Unified CM to use TLS30Verifying that the TLS connection is operational30Network of VCSs30Encrypted calls to endpoints registered to Unified CM31Checking Unified CM message size limit32Appendix 1 – Troubleshooting33Problems connecting VCS Control local calls33Look at “Search history” to check the applied transforms33Look at call history to check how the call progressed33Check for errors34Tracing calls34Call failures with Cisco TelePresence Server34In-call problems34Calls clear down when a call transfer from a video phone on Unified CM transf...34Failure to join a Unified CM endpoint to a conference using Multiway34Poor video quality from Unified CM34Taking a trace on Unified CM using RTMT34Configure Unified CM to enable tracing35Installing RTMT – Real Time Monitoring Tool35Running RTMT35Taking a trace using RTMT35TLS calls fail when Unified CM uses SRV trunk destinations36Appendix 2 – Known interworking capabilities and limitations37Capabilities37SIP and H.323 endpoints making basic calls37Cisco TelePresence Conductor37Limitations37E20 encryption37T150 running L6.0 code37H.323 MXP and 997137Appendix 3 – Connecting Unified CM to a VCS cluster38Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster38Configuring the trunk to VCS to specify a list of VCS peers38Appendix 4 – Connecting VCS to a cluster of Unified CM nodes40Option 1: Using a single neighbor zone40Unified CM configuration40VCS Control configuration40Option 2: Using a DNS zone40Unified CM configuration40DNS server configuration41VCS Control configuration41Appendix 5 – Multiway and Unified CM43VCS configuration43Unified CM configuration43Appendix 6 – ‘Cisco Unified Communications Manager’ zone profile parameters44Appendix 7 – Enabling BFCP (Dual video / presentation sharing)46VCS configuration46Unified CM configuration46Appendix 8 – Additional information47IP address dialing47Characters allowed in SIP URIs47Document revision history48Size: 1.08 MBPages: 49Language: EnglishOpen manual
/en/manuals/1675926/Table of ContentsIntroduction3Deciding between Cisco VCS or IM and Presence Service for XMPP Federation3How to Use this Deployment Guide3Related Documentation3External XMPP Federation through Cisco VCS4Prerequisites4Task Flow for XMPP Federation through Cisco VCS6Server Certificate Requirements for Unified Communications7Configuring Local Domains for XMPP Federation on Cisco VCS Control10Configuring Cisco VCS Expressway for XMPP Federation11Configuring how XMPP Servers for Federated Domains and Chat Node Aliases are ...13Configuring the Allow and Deny Lists for Federated Domains and Chat Node Aliases14DNS SRV Records for XMPP Federation15Port Usage for XMPP Federation17Checking XMPP Federation Status18Troubleshooting External XMPP Federation19XMPP Federation through IM and Presence Service23Task Flow for XMPP Federation through IM and Presence Service25Configuring IM and Presence Service for XMPP Federation27DNS Configuration for XMPP Federation30Policy Settings Configuration for XMPP Federation37Configure the Cisco Adaptive Security Appliance for XMPP Federation39Turn on XMPP Federation Service41Security Certificate Configuration for XMPP Federation42Email Address for Federation Configuration47Serviceability Configuration for Federation52Federation Integration Verification54Troubleshooting an XMPP Federation Integration56High Availability for XMPP Federation57Document Revision History58Size: 1.03 MBPages: 59Language: EnglishOpen manual
Troubleshooting GuideTable of ContentsIntroduction3Alarms3VCS logs4Event Log4Configuration Log4Network Log4Call and search history5Calls5Search history5Diagnostic logging6Using diagnostic logging6Advanced logging levels6Wireshark7NTP server8Size: 107 KBPages: 9Language: EnglishOpen manual
Troubleshooting GuideTable of ContentsIntroduction3Alarms3VCS logs4Event Log4Configuration Log4Network Log4Call and search history5Calls5Search history5Diagnostic logging6Advanced logging levels6NTP server7Additional information8Memory usage8Document revision history9Size: 114 KBPages: 10Language: EnglishOpen manual
Troubleshooting GuideTable of ContentsContents2Introduction3Alarms3VCS logs4Event Log4Configuration Log4Network Log4Call and search history5Calls5Search history5Diagnostic logging6Advanced logging levels6NTP server7Additional information8Memory usage8Document revision history9Size: 306 KBPages: 10Language: EnglishOpen manual
Troubleshooting GuideTable of ContentsIntroduction3Troubleshooting suspected hardware issues4System will not power up, or boot up, or is constantly rebooting, or booting ...4System is reporting a fan failure4Suspected hard disk issues4High temperature warning/alarm6Front panel buttons unresponsive7Network adapter issues7Serial port displays an unexpected login prompt (VCS only)7TANDBERG application / tsh will not start (VCS only)8'preboot agent installation failure' message seen in boot log8Logs and evidence9System snapshot (from web)9System snapshot (from root shell)9Crash logs10Sensor logs10DMI code11Board test11smartctl11ifconfig output13ethtool statistics dump13Checking for viruses14Alarms and warnings15Physical evidence15Console access16Restoring default configuration (factory reset)17Prerequisite files17Performing a reset to default configuration17Resetting via USB stick18Size: 443 KBPages: 19Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroducing System Metrics Collection3Configure System Metrics Collection on Expressway3Configure System Metrics on Remote Server3Troubleshooting System Metrics4System Metrics Reference4Document Revision History7Cisco Legal Information8Cisco Trademark8Size: 124 KBPages: 8Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction3Using the command line interface (CLI)3CLI command types3xConfiguration command reference4xConfiguration commands4xCommand command reference58xCommand commands58xStatus command reference77xStatus elements77Restoring default configuration90Configuration items reset by DefaultValuesSet level 390Configuration items reset by DefaultValuesSet level 291Policy services93Policy service request parameters93Policy service responses94Size: 501 KBPages: 95Language: EnglishOpen manual
Maintenance ManualTable of ContentsContents2About the Cisco TelePresence Video Communication Server (VCS)16VCS base applications16VCS Control16VCS Expressway™16Standard features17Optional features17FindMe™18Device Provisioning18Dual Network Interfaces18About this guide19Typographical conventions19Installation and initial configuration19Using the web interface20Required fields20How page navigation is shown in this guide20Supported browsers20Using the command line interface (CLI)21Command types21Web page features and layout22What’s new in this version?24Session management24Client certificate-based authentication24Automatic updating of CRLs (certificate revocation lists)24Cisco AM GW available on VCS Expressway24Movi ClearPath provisioning24Improved cluster set-up process24Presence configuration24Overview and status information25Status overview25System information26Ethernet status27IP status28Resource usage29Active administrator sessions29Active user sessions29Registration status29Registrations by device29Registrations by alias30Registration history31Registration details32Call status32Call status32Call history33Call summary34Call details34Call media details34Search history35About searches35Search history list35Search details36Local Zone status36Zone status37Link status37Pipe status37Policy service status38TURN relays status38Presence39Presence publishers39Presence presentities39Presence subscribers40OCS Relay status40Provisioning status41Provisioning server41Phone book server41Warnings41Hardware status42Event Log42Configuration Log43VCS unit front panel44Network and system settings45Configuring IP settings45Configuring Ethernet settings46Configuring DNS settings46Configuring Quality of Service settings47Configuring system name and access settings48Configuring SNMP settings51Configuring time zone and NTP server settings52Configuring the Login page53Configuring external manager settings53Configuring logging levels54Event Log levels54Remote logging55Protocols56About H.32356Using the VCS as an H.323 gatekeeper56H.323 endpoint registration56About SIP56VCS as a SIP registrar57VCS as a SIP proxy server58Proxying registration requests58VCS as a SIP Presence Server59H.323 configuration59SIP configuration60Configuring SIP domains62Configuring SIP and H.323 interworking62Searching by protocol62Enabling SIP endpoints to dial H.323 numbers63Registration control64About registrations64Finding a VCS with which to register64Registrations on a VCS Expressway64MCU, gateway and Content Server registration65Configuring registration restriction policy65Registering aliases66H.32366SIP67Attempts to register using an existing alias67Blocking registrations67Removing existing registrations67Re-registrations67About Allow and Deny Lists68Configuring the registration Allow List68Configuring the registration Deny List69Device authentication70About device authentication70Authentication Policy70Authentication mechanism70Authentication Policy configuration options71Zone-level Authentication Policy71Subzone-level Authentication Policy73SIP authentication trust74Device authentication configuration75Authentication database75Endpoint credentials used for authentication75Device authentication using LDAP75Authentication process75LDAP server settings76Device LDAP schemas77Authentication using a local database78Authenticating with external systems78Zones and neighbors79About your video communications network79Example network diagram79Structuring your dial plan80Flat dial plan80Structured dial plan80Hierarchical dial plan80About the Local Zone and subzones81Bandwidth management81Local Zone searches81About zones82Default Zone82Zone configuration82Configuring neighbor zones83Configuring traversal client zones86Configuring traversal server zones88Configuring ENUM zones91Configuring DNS zones92Zone configuration: advanced settings93Zone configuration: pre-configured profile settings98TLS certificate verification of neighbor systems99Clustering and peers100About clusters100About the configuration master101Secure communication between peers101Alternates101Setting up a cluster101Maintaining a cluster102Cluster name102Cluster pre-shared key102Setting configuration for the cluster102Adding and removing peers from a cluster102Changing the master peer102Monitoring the status of the cluster103Configuration that is not replicated across a cluster103Troubleshooting cluster replication problems104Managing clusters and peers105Sharing registrations across peers105Sharing bandwidth across peers105Cluster upgrades and downgrades106Cluster backup and restore106Clustering and FindMe106Clustering and Presence107Clustering and TMS107About the Cluster Subzone107Neighboring the local VCS to another VCS cluster108TMS Agent replication status109Dial plan and call processing110Call routing process110How the VCS determines the destination of a call110About the VCS's directory service112About hop counts112Configuring hop counts112About transforms and search rules112Transforms113Search rules113Dial plan configuration113About the fallback alias114About pre-search transforms115Pre-search transform process115Configuring pre-search transforms115Search and zone transform process117Configuring search rules118Example searches and transforms120Filter queries to a zone without transforming121Always query a zone with original alias (no transforms)121Query a zone for a transformed alias122Query a zone for original and transformed alias123Query a zone for two or more transformed aliases124Stripping @domain for dialing to H.323 numbers125Transforms for alphanumeric H.323 ID dial strings127Allowing calls to IP addresses only if they come from known zones129Configuring policy services129About Call Policy131Configuring Call Policy131Configuring Call Policy rules using the web interface133Configuring Call Policy using a CPL script134Configuring VCS to use the Cisco TelePresence Advanced Media Gateway135Configuring the VCS135Usage features and limitations135Configuring Cisco AM GW policy rules136Dialable address formats137Dialing by IP address138Dialing by H.323 ID or E.164 alias138Dialing by H.323 or SIP URI138Dialing by ENUM138IP dialing139Calls to unknown IP addresses139About URI dialing140URI dialing without DNS140URI dialing via DNS141URI resolution process using DNS141URI dialing via DNS for outgoing calls142URI dialing via DNS for incoming calls144URI dialing and firewall traversal146About ENUM dialing146ENUM dialing process146Enabling ENUM dialing147ENUM dialing for outgoing calls147Zone configuration for ENUM dialing149ENUM dialing for incoming calls150Configuring DNS servers for ENUM and URI dialing151Configuring a zone for incoming calls only151Call signaling configuration152Identifying calls153Disconnecting calls154Disconnecting a call using the web interface154Disconnecting a call using the CLI154Limitations when disconnecting SIP calls154Bandwidth control156About bandwidth control156Example network deployment156Bandwidth configuration157About downspeeding158About subzones158Default links between subzones158About the Traversal Subzone158About the Default Subzone159Configuring subzones159Configuring subzone membership rules160Applying bandwidth limitations to subzones162Links and pipes163Configuring links163Default links164Configuring pipes164Applying pipes to links165Bandwidth control examples166Firewall traversal169About firewall traversal169Expressway solution169How does it work?169VCS as a firewall traversal client170VCS as a firewall traversal server170Configuring traversal server zones170Configuring other traversal server features170Quick guide to VCS traversal client - server configuration170Firewall traversal protocols and ports172Expressway process172H.323 firewall traversal protocols172SIP firewall traversal protocols172Ports for initial connections from traversal clients172Default port summary173TURN ports173Ports for connections out to the public internet174Firewall traversal and authentication174Authentication and NTP176Firewall traversal and Dual Network Interfaces176Firewall configuration176Configuring traversal for endpoints176Configuring traversal server ports177About ICE and TURN services178About ICE178About TURN178TURN relay server178Configuring TURN services179TURN relay status information180Applications181Conference Factory181Conference creation process181About Presence182Presence Server183Presence User Agent (PUA)183Configuring Presence184OCS Relay186Configuring a connection between the VCS and the OCS186About FindMe™187How are devices specified?187FindMe process overview187Who must do what before FindMe can be used?188Recommendations when deploying FindMe188Example188Configuring FindMe188Searching for FindMe users190About provisioning (Starter Pack)191Starter Pack191Device authentication191Phone book support191Configuring provisioning191Maintenance193About upgrading software components193VCS software components193Prerequisites193Backing up before upgrading194Upgrading and option keys194Installing and rebooting194Upgrade procedure194Upgrading using secure copy (SCP/PSCP)195Option keys196Adding option keys using the web interface196Adding option keys using the CLI197About security certificates197Managing security certificates197CRL management198Certificate-based authentication configuration199Client certificate testing201Advanced account security202Prerequisites202VCS functionality: changes and limitations203Configuring language settings203Changing the language203Installing language packs204About login accounts204Account authentication204Administrator accounts204User accounts205Root accounts205Configuring login account authentication205Account authentication using LDAP205Login history207Root account207Resetting an administrator or root password208Resetting user account passwords208Configuring administrator accounts209Password strength209Configuring administrator groups211Configuring user accounts211Principal devices (Starter Pack only)213Configuring user groups214Backing up and restoring VCS data215Limitations215Creating a backup216Restoring a previous backup216Creating a system snapshot217Incident reporting217Incident reporting warning: privacy-protected personal data217Sending incident reports automatically218Sending incident reports manually218Viewing incident reports218Incident report details219Checking the effect of a pattern219Locating an alias220Port usage220Local VCS inbound ports221Local VCS outbound ports221Remote listening ports221Restarting222Restarting using the web interface222Rebooting222Rebooting using the web interface223Shutting down223Shutting down using the web interface223Shutting down using the CLI223Reference material224Software version history225X6225X5.2226X5.1227X5230X4232About Event Log levels234Event Log format234Administrator and FindMe user events234Message details field235Events and levels237CPL reference244CPL address-switch node244otherwise246not-present246location247rule-switch247proxy248reject248Unsupported CPL elements248CPL examples249LDAP configuration for device authentication256Downloading the H.350 schemas256Configuring a Microsoft Active Directory LDAP server256Configuring an OpenLDAP server258DNS configuration examples261Verifying the SRV record261Microsoft DNS server261BIND 8 & 9261Changing the default SSH key262Default SSH key warnings262Standalone VCS262Clustered VCS262Restoring default configuration263Configuration items reset by DefaultValuesSet level 3263Configuration items reset by DefaultValuesSet level 2264Password encryption266Maximum length of passwords266Pattern matching variables267Port reference269Regular expressions275Supported characters277Case sensitivity277TMS Agent278FindMe278Device Provisioning278TMS Agent account passwords278TMS Agent passwords279TMS Agent LDAP and replication accounts279VCSs managed by TMS279VCSs not managed by TMS279What are traversal calls?281Warnings list282Command reference — xConfiguration287xConfiguration commands287Command reference — xCommand351xCommand commands351Command reference — xStatus372xStatus elements372About policy services387Policy service request parameters387Policy service responses388Bibliography389Glossary392Legal notices400Intellectual property rights400Copyright notice400Patent information400Disclaimers and notices401Size: 3.8 MBPages: 401Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction8The Cisco TelePresence Video Communication Server8Overview8Cisco VCS and the video communication network8Cisco VCS base applications9Cisco VCS Control9Cisco VCS Expressway™9Standard features10Optional features11FindMe™11Device Provisioning11Dual Network Interfaces11What’s new in this version?12Usability enhancements12FindMe™ / User Policy option key12Subzone registration policies12Zone configuration12Conference Factory generated alias ranges12Cisco AM GW support12Far end camera control interworking13G.729 support for interworked calls13Advanced account security13CRL checking for TLS connections to LDAP servers13HTTPS client certificate validation13Clustering13Hardware failure warnings13Auditor account access level13Remote account authentication over LDAP13Starter Pack13Using this guide14Using the Cisco VCS15Web interface15Installation and initial configuration15Using the web interface15Supported browsers15Page features and layout16Command line interface (CLI)17Installation and initial configuration17Command types17How CLI commands are shown in this guide17Text entry17Supported characters17Case sensitivity17Overview and status18Overview page19Status20System information20Ethernet status20IP status21Resource usage21Registrations by device22Registrations by alias22Registration history23Registration details23Calls24Call history24Call summary24Searches25Search history25Search details25Local Zone26Zones26Links27Pipes27TURN relays28Presence28OCS Relay29Provisioning29Warnings30Hardware30Event Log31Configuration Log39System configuration40System configuration41System administration41About the system name41About administration access settings41Ethernet41About Ethernet speed41IP42About IP protocols42IPv4 to IPv6 gatewaying (interworking)42External LAN interface42About IP routes (static routes)42About LAN configuration42About Dual Network Interfaces42About static NAT42Quality of Service (QoS)43Supported mechanisms43DNS43About DNS servers43About DNS settings43Time44About the NTP server44VCS time display44Login page44SNMP45About SNMP45External manager45About external managers45Configuration45Logging46About Event Log levels46Setting the Event Log level46About remote logging46Enabling remote logging46Cisco VCS configuration47H.32348H.323 overview48About H.323 on the VCS48Using the Cisco VCS as an H.323 gatekeeper48H.323 endpoint registration48Configuring H.32349Enabling H.32349Configuring H.323 ports49Registration conflict mode49Time to live49Call time to live49Auto discover49Caller ID49SIP50SIP overview50About SIP on the Cisco VCS50Using the Cisco VCS as a SIP registrar50Using the Cisco VCS as a SIP Presence Server50Using the Cisco VCS as a SIP proxy server50Proxying registration requests50SIP endpoint registration50Movi v2.0 (or later) clients50Configuring SIP51Enabling SIP51SIP registration expiry51SIP registration proxy mode51SIP protocols and ports51Session timers51SIP device interoperability51SIP domains51Interworking52Configuring interworking52H.323 <-> SIP interworking mode52Enabling SIP endpoints to dial H.323 numbers52Registration control53Registration overview53Endpoint registration53Registrations on a Cisco VCS Expressway53MCU, gateway and Content Server registration53Finding a Cisco VCS with which to register54SIP54H.32354Preventing automatic registrations54Device authentication55Device authentication using LDAP56Configuring the LDAP server directory56Configuring LDAP server settings56Authentication using a local database57Authenticating with external systems57Registering aliases58About alias registration58Attempts to register using an existing alias58Blocking registrations58Allow and Deny Lists59About Allow and Deny Lists59Activating use of Allow or Deny Lists59Removing existing registrations59Using the Allow and Deny Lists60Zones and neighbors61Introduction62Local Zone and subzones63Configuring the Local Zone and its subzones63Bandwidth management63Local Zone searches63Traversal Subzone64What are traversal calls?64Configuring the Traversal Subzone ports64Zones65About zones65Neighbor zone65Traversal client zone65Traversal server zone65ENUM zone66DNS zone66Default Zone66Zone configuration67TLS certificate verification of neighbor systems67Connections to neighbor systems over TCP and TLS67SIP authentication trust67Configuring zones68Configuring neighbor zones68Configuring traversal client zones69Configuring traversal server zones70Configuring ENUM zones71Configuring DNS zones71Zone configuration: advanced settings72Zone configuration: pre-configured profile settings75Dial plans76Structuring your dial plan76Flat dial plan76Structured dial plan76Hierarchical dial plan76Clustering and peers77Clustering overview78About clustering78About the configuration master78Cluster configuration79Configuring clusters79Setting up a cluster79Maintaining a cluster79Setting configuration for the cluster79Adding and removing peers from a cluster79Cluster name79Changing the master peer79Monitoring the status of the cluster79Which configuration is not replicated?80Troubleshooting cluster replication problems80Managing clusters and peers81Sharing registrations across peers81Sharing bandwidth across peers81Upgrades and downgrades81Backup and restore81Clustering and FindMe82Clustering and Presence82Clustering and Cisco TMS82Cluster Subzone83Neighboring the local Cisco VCS to another VCS cluster83Call processing84Introduction85Search process85Dialing by address types86About the different address types86Dialing by IP address86Endpoints registered to a Cisco VCS Expressway86Dialing by H.323 ID or E.164 alias86Dialing by H.323 or SIP URI86Dialing by ENUM86Hop counts87About hop counts87Configuring hop counts87Searches and transforms88Overview of searches and transforms88Zone searching and transform process88Pre-search transforms89Pre-search transform process89Configuring pre-search transforms90Search configuration91Calls to unknown IP addresses91About unregistered endpoints91Calls to Unknown IP addresses settings91Recommended configuration for firewall traversal91Fallback alias91Zone searching and zone transforms92Examples94Stripping @domain for dialing to H.323 numbers94Examples95Transforms for alphanumeric H.323 ID dial strings95Combining match types and priorities96Always query a zone with original alias (no transforms)96Configuring a zone for incoming calls only96Filter queries to a zone without transforming97Allowing calls to IP addresses only if they come from known zones97Query a zone for original and transformed alias98Query a zone for two or more transformed aliases99Call Policy100Call Policy and authentication100Enabling Call Policy101Configuring basic Call Policy using the web interface101Configuring Call Policy using a CPL script102Viewing existing CPL script102About CPL XSD files102Uploading a CPL script102Deleting an existing CPL script102Routing calls via the Cisco AM GW103VCS and the Cisco AM GW103Configuring the VCS to use the Cisco AM GW103Usage features and limitations103Controlling which calls to route via the Cisco AM GW103Configuring Cisco AM GW policy rules104URI dialing105Overview105URI dialing without DNS105URI dialing via DNS105Enabling URI dialing via DNS105URI resolution process using DNS106URI dialing via DNS for outgoing calls107URI dialing process107Adding and configuring DNS zones107Configuring search rules for DNS zones107Configuring DNS servers107URI dialing via DNS for incoming calls108Types of DNS records required108Incoming call process108SRV record format108Configuring H.323 SRV records108Configuring SIP SRV records108Example DNS record configuration109URI dialing and firewall traversal109Recommended configuration109ENUM dialing110ENUM dialing process110Enabling ENUM dialing110ENUM dialing for outgoing calls111Prerequisites111Process111ENUM dialing for outgoing calls112Adding and configuring ENUM zones112Configuring matches for ENUM zones112Configuring transforms for ENUM zones112Configuring DNS servers112ENUM dialing for incoming calls113Prerequisites113About DNS domains for ENUM113Configuring DNS NAPTR records113Call configuration114Call routed mode114Call loop detection mode114Call IDs, Serial Numbers and Tags115Identifying calls115Disconnecting calls116Limitations when disconnecting SIP calls116Bandwidth control117Bandwidth control overview118Bandwidth control on the VCS118Example network deployment118Subzones119About subzones119Subzone registration policy119About the Traversal Subzone119Traversal calls119About the Default Subzone119Default links between subzones119Configuring subzones and membership rules120Applying bandwidth limitations to subzones121Bandwidth consumption of traversal calls121Links122Creating and editing links122Default links122Pipes123Creating and editing pipes123Applying pipes to links124Default bandwidth and downspeeding125Bandwidth control examples126Example without a firewall126Example with a firewall127Cisco VCS Expressway subzone configuration127Cisco VCS Control subzone configuration127Firewall traversal128Firewall traversal overview129About Expressway™129Cisco VCS as a firewall traversal client129Cisco VCS as a firewall traversal server129Quick guide to traversal client - server configuration130Firewall traversal protocols and ports131Expressway process131H.323 firewall traversal protocols131SIP firewall traversal protocols131Ports for initial connections from traversal clients132Assent ports132SIP ports132H.460.18/19 ports132TURN ports132Ports for connections out to the public internet132Firewall traversal and authentication133Authentication and NTP133Other issues134Firewall traversal and Dual Network Interfaces134Firewall configuration134Configuring the Cisco VCS as a traversal client135Configuring the Cisco VCS as a traversal server136Adding and configuring a traversal server zone136Configuring traversal for endpoints136Configuring traversal server ports137Configuring the Cisco VCS as a TURN server138TURN services138About ICE138About TURN138TURN relay server138Capabilities and limitations138Configuring TURN services138Applications139Conference Factory140Configuration140Presence141Presence Server141Presence User Agent (PUA)142Aggregation of presence information142FindMe presence142Registration refresh period142Configuring Presence143Enabling and disabling Presence Services143Presence Server expiration times143Viewing presence status144Publishers144Presentities144Subscribers144OCS Relay145Configuring OCS Relay145Viewing OCS Relay status145FindMe™146Overview146What is FindMe?146How are devices specified?146Process overview146Who must do what before FindMe can be used?146Recommendations when deploying FindMe146Enabling FindMe on the Cisco VCS147Configuring FindMe147Caller ID147Device creation message147Searching for FindMe accounts147Principal devices147FindMe™ user guide148About FindMe148FindMe user accounts148Individual versus group FindMe148Accessing the FindMe home page148Configuring your FindMe user account149FindMe home page149Defining device details150Defining location details151Provisioning (Starter Pack)152Configuration152TMS Agent153Overview153FindMe™153Device Provisioning153TMS Agent account passwords153Maintenance154Upgrading software components155Overview155VCS software components155Prerequisites155Backing up before upgrading155Upgrading and option keys155Installing and rebooting155Upgrade procedure156Upgrading using secure copy (SCP/PSCP)156Downgrade procedure156Option keys157Adding option keys using the web interface157Adding option keys using the CLI157Security certificates158Enabling security158Trusted CA certificate158Server certificate data158Advanced account security159Prerequisites159VCS functionality: changes and limitations159Enabling advanced account security159Login accounts160Account authentication configuration160Administrator accounts161Default administrator account161Additional administrator accounts161Administrator password security161Maintaining administrator accounts161Maintaining user accounts162Creating user accounts162Managing user accounts163Configuring devices and locations163Configuring principal devices163Changing an account's password163Administrator and user groups164Configuring administrator groups164Configuring user groups164Account authentication using LDAP165Configuring LDAP server settings165TLS encryption and CRL checking165Root account166Changing the root account password166Accessing the root account over SSH and Telnet166Resetting passwords166System administration access167Overview167Security considerations167Configuring administration access167Administration session timeout167Backup and restore168Creating a backup of your VCS data168Restoring a previous backup168System snapshot169Creating a system snapshot169Incident reporting170Warning: privacy-protected personal data170What information does the report contain?170Viewing incident reports171Sending incident reports manually171Removing sensitive information from the report171Sending incident reports automatically171Tools172Check pattern172Locate172Port usage173Local VCS inbound ports173Local VCS outbound ports173Remote listening ports173Restarting, rebooting and shutting down174Restoring default configuration175Configuration items reset by DefaultValuesSet level 3175Configuration items reset by DefaultValuesSet level 2176Password encryption178Appendices179CPL reference180Overview of CPL on the Cisco VCS180address-switch180address180field181subfield182otherwise182not-present182location183rule-switch183proxy184reject184Unsupported CPL elements184CPL examples185Call screening of authenticated users185Call screening based on alias185Call screening based on domain186Change of domain name186Allow calls from locally registered endpoints only187Block calls from Default Zone and Default Subzone187Restricting access to a local gateway188Using the address-switch node188Using the taa:rule-switch node188Redirecting failed calls based on status code189Reject attempts to subscribe to a presentity190Regular expression reference191Pattern variable reference192Port reference193DNS configuration196Overview196Verifying the SRV record196Microsoft DNS server196BIND 8 & 9196LDAP configuration for device authentication197About the LDAP databases197Downloading the H.350 schemas197Microsoft Active Directory197Prerequisites197Installing the H.350 schemas197Adding H.350 objects198Securing with TLS198OpenLDAP199Prerequisites199Installing the H.350 schemas199Adding H.350 objects200Securing with TLS200Command reference - xConfiguration201Command reference - xCommand248Command reference - xStatus265Warnings284Bibliography287Glossary289Legal notices295Size: 14.8 MBPages: 295Language: EnglishOpen manual
Maintenance ManualTable of ContentsContents2About the Cisco TelePresence Video Communication Server (Cisco VCS)16Cisco VCS base applications16Cisco VCS Control16Cisco VCS Expressway™16Standard features17Optional features17FindMe™18Device Provisioning18Dual Network Interfaces18About this guide19Typographical conventions19Installation and initial configuration19Using the web interface20Required fields20How page navigation is shown in this guide20Supported browsers20Using the command line interface (CLI)21Command types21Web page features and layout22What’s new in this version?24Enhanced authentication policy24External policy services24Secure communication between cluster peers24View registrations and calls across a cluster24Client-initiated connection management24Starter Pack enhancements24User interface language packs24Enhanced online help25Cisco VCS unit LCD panel25Multiple remote syslog servers25SNMPv3 support25Web interface25Overview and status information26Status overview26System information27Ethernet status28IP status29Resource usage30Registration status30Registrations by device30Registrations by alias31Registration history32Registration details33Call status33Call status33Call history34Call summary34Call details35Call media details35Search history35About searches35Search history list36Search details36Local Zone status37Zone status37Link status38Pipe status38Policy service status38TURN relays status39Presence39Presence publishers39Presence presentities40Presence subscribers40OCS Relay status41Provisioning status41Provisioning server41Phone book server42Warnings42Hardware status42Event Log42Configuration Log44Cisco VCS unit front panel45Network and system settings46Configuring IP settings46Configuring Ethernet settings47Configuring DNS settings48Configuring Quality of Service settings49Configuring system name and access settings49Configuring SNMP settings50Configuring time zone and NTP server settings52Configuring the Login page53Configuring external manager settings53Configuring logging levels54Event Log levels54Remote logging55Protocols56About H.32356Using the Cisco VCS as an H.323 gatekeeper56H.323 endpoint registration56About SIP56Cisco VCS as a SIP registrar57Cisco VCS as a SIP proxy server58Proxying registration requests58Cisco VCS as a SIP Presence Server59H.323 configuration59SIP configuration60Configuring SIP domains62Configuring SIP and H.323 interworking62Searching by protocol62Enabling SIP endpoints to dial H.323 numbers63Registration control64About registrations64Finding a Cisco VCS with which to register64Registrations on a Cisco VCS Expressway64MCU, gateway and Content Server registration65Configuring registration restriction policy65Registering aliases66H.32366SIP66Attempts to register using an existing alias67Blocking registrations67Removing existing registrations67Re-registrations67About Allow and Deny Lists68Configuring the registration Allow List68Configuring the registration Deny List69Device authentication70About device authentication70Authentication Policy70Authentication mechanism70Authentication Policy configuration options71Zone-level Authentication Policy71Subzone-level Authentication Policy73SIP authentication trust74Device authentication configuration75Authentication database75Endpoint credentials used for authentication75Device authentication using LDAP75Authentication process75LDAP server settings76Device LDAP schemas77Authentication using a local database78Authenticating with external systems78Zones and neighbors79About your video communications network79Example network diagram79Structuring your dial plan80Flat dial plan80Structured dial plan80Hierarchical dial plan80About the Local Zone and subzones81Bandwidth management81Local Zone searches81About zones82Default Zone82Zone configuration82Configuring neighbor zones83Configuring traversal client zones86Configuring traversal server zones88Configuring ENUM zones91Configuring DNS zones92Zone configuration: advanced settings93Zone configuration: pre-configured profile settings98TLS certificate verification of neighbor systems99Clustering and peers100About clusters100About the configuration master101Secure communication between peers101Alternates101Setting up a cluster101Maintaining a cluster102Cluster name102Cluster pre-shared key102Setting configuration for the cluster102Adding and removing peers from a cluster102Changing the master peer102Monitoring the status of the cluster103Configuration that is not replicated across a cluster103Troubleshooting cluster replication problems104Managing clusters and peers105Sharing registrations across peers105Sharing bandwidth across peers105Cluster upgrades and downgrades106Cluster backup and restore106Clustering and FindMe106Clustering and Presence107Clustering and Cisco TMS107About the Cluster Subzone107Neighboring the local Cisco VCS to another Cisco VCS cluster108TMS Agent replication status109Dial plan and call processing110Call routing process110How the Cisco VCS determines the destination of a call110About the Cisco VCS's directory service112About hop counts112Configuring hop counts112About transforms and search rules112Transforms113Search rules113Dial plan configuration113About the fallback alias114About pre-search transforms115Pre-search transform process115Configuring pre-search transforms115Search and zone transform process117Configuring search rules118Example searches and transforms120Filter queries to a zone without transforming121Always query a zone with original alias (no transforms)121Query a zone for a transformed alias122Query a zone for original and transformed alias123Query a zone for two or more transformed aliases124Stripping @domain for dialing to H.323 numbers125Transforms for alphanumeric H.323 ID dial strings127Allowing calls to IP addresses only if they come from known zones129Configuring policy services129About Call Policy131Configuring Call Policy131Configuring Call Policy rules using the web interface133Configuring Call Policy using a CPL script134Configuring Cisco VCS to use the Cisco TelePresence Advanced Media Gateway134Configuring the Cisco VCS Control135Usage features and limitations135Configuring Cisco AM GW policy rules135Dialable address formats137Dialing by IP address137Dialing by H.323 ID or E.164 alias137Dialing by H.323 or SIP URI138Dialing by ENUM138IP dialing138Calls to unknown IP addresses138About URI dialing139URI dialing without DNS139URI dialing via DNS140URI resolution process using DNS141URI dialing via DNS for outgoing calls142URI dialing via DNS for incoming calls144URI dialing and firewall traversal146About ENUM dialing146ENUM dialing process146Enabling ENUM dialing147ENUM dialing for outgoing calls147Zone configuration for ENUM dialing148ENUM dialing for incoming calls150Configuring DNS servers for ENUM and URI dialing151Configuring a zone for incoming calls only151Call signaling configuration151Identifying calls152Disconnecting calls154Disconnecting a call using the web interface154Disconnecting a call using the CLI154Limitations when disconnecting SIP calls154Bandwidth control156About bandwidth control156Example network deployment156Bandwidth configuration157About downspeeding158About subzones158Default links between subzones158About the Traversal Subzone158About the Default Subzone159Configuring subzones159Configuring subzone membership rules160Applying bandwidth limitations to subzones162Links and pipes163Configuring links163Default links164Configuring pipes164Applying pipes to links165Bandwidth control examples166Firewall traversal169About firewall traversal169Expressway solution169How does it work?169Cisco VCS as a firewall traversal client170Cisco VCS as a firewall traversal server170Configuring traversal server zones170Configuring other traversal server features170Quick guide to Cisco VCS traversal client - server configuration170Firewall traversal protocols and ports172Expressway process172H.323 firewall traversal protocols172SIP firewall traversal protocols172Ports for initial connections from traversal clients172Default port summary173TURN ports173Ports for connections out to the public internet174Firewall traversal and authentication174Authentication and NTP176Firewall traversal and Dual Network Interfaces176Firewall configuration176Configuring traversal for endpoints177Configuring traversal server ports178About ICE and TURN services178About ICE178About TURN179TURN relay server179Configuring TURN services179TURN relay status information180Applications181Conference Factory181Conference creation process181About Presence182Presence Server183Presence User Agent (PUA)183Configuring Presence185OCS Relay186Configuring a connection between the Cisco VCS and the OCS187About FindMe™187How are devices specified?188FindMe process overview188Who must do what before FindMe can be used?188Recommendations when deploying FindMe189Example189Configuring FindMe189Searching for FindMe users191About provisioning (Starter Pack)191Starter Pack191Device authentication192Phone book support192Configuring provisioning192Maintenance193About upgrading software components193Cisco VCS software components193Prerequisites193Backing up before upgrading194Upgrading and option keys194Installing and rebooting194Upgrade procedure194Upgrading using secure copy (SCP/PSCP)195Option keys196Adding option keys using the web interface196Adding option keys using the CLI197About security certificates197Managing security certificates198Advanced account security199Prerequisites199Cisco VCS functionality: changes and limitations199Configuring language settings200Changing the language200Installing language packs200About login accounts200Account authentication201Administrator accounts201User accounts201Root accounts202Configuring login account authentication202Account authentication using LDAP202Login history204Root account204Resetting an administrator or root password205Resetting user account passwords205Configuring administrator accounts205Password strength206Configuring administrator groups207Configuring user accounts208Principal devices (Starter Pack only)209Configuring user groups211Backing up and restoring Cisco VCS data211Limitations212Creating a backup212Restoring a previous backup213Creating a system snapshot213Incident reporting213Incident reporting warning: privacy-protected personal data214Sending incident reports automatically214Sending incident reports manually214Viewing incident reports215Incident report details215Checking the effect of a pattern216Locating an alias216Port usage217Local VCS inbound ports218Local VCS outbound ports218Remote listening ports218Restarting218Restarting using the web interface219Rebooting219Rebooting using the web interface219Shutting down220Shutting down using the web interface220Shutting down using the CLI220Reference material221Software version history222X5.2222X5.1223X5225X4228About Event Log levels230Event Log format230Administrator and FindMe user events230Message details field231Events and levels233CPL reference240CPL address-switch node240otherwise242not-present242location243rule-switch243proxy244reject244Unsupported CPL elements244CPL examples245LDAP configuration for device authentication252Downloading the H.350 schemas252Configuring a Microsoft Active Directory LDAP server252Configuring an OpenLDAP server254DNS configuration examples257Verifying the SRV record257Microsoft DNS server257BIND 8 & 9257Changing the default SSH key258Default SSH key warnings258Standalone Cisco VCS258Clustered Cisco VCS258Restoring default configuration259Configuration items reset by DefaultValuesSet level 3259Configuration items reset by DefaultValuesSet level 2260Password encryption262Maximum length of passwords262Pattern matching variables263Port reference265Regular expressions271Supported characters273Case sensitivity273TMS Agent274FindMe274Device Provisioning274TMS Agent account passwords275TMS Agent passwords275TMS Agent LDAP and replication accounts275Cisco VCSs managed by Cisco TMS275Cisco VCSs not managed by Cisco TMS276What are traversal calls?277Warnings list278Bibliography283Glossary286Legal notices294Intellectual property rights294Copyright notice294Patent information294Disclaimers and notices295Size: 3.37 MBPages: 295Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction18About the Cisco TelePresence Video Communication Server (VCS)19VCS base applications19Standard features20Optional features21Installation and initial configuration22About this guide23Typographical conventions23Using the web interface24Using the command line interface (CLI)25Web page features and layout26What’s new in this version?28Device authentication using an Active Directory Service for Movi endpoints28Shared cluster licenses28Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync28Presence User Agent28Enhanced SIP registration expiry controls29Improved diagnostics29GRUU (Globally Routable User Agent URI) support30Improved DNS subsystem30Improved NTP synchronization30TMS Agent database credentials included within local authentication database ...30Other enhancements and usability improvements30Overview and status information32Status overview33System information34Ethernet status35IP status36Resource usage37Clustered VCS systems37Active sessions38Active administrator sessions38Active user sessions38Registration status39Registrations by device39Registrations by alias40Registration history40Registration details41Call status42Current calls42Call history43Call summary44Call details44Call media details44B2BUA calls44B2BUA call media details45Search history46About searches46Search history list46Search details47Local Zone status48Zone status49Bandwidth50Link status50Pipe status50Policy service status51TURN relays status52Presence53Presence publishers53Presence presentities53Presence subscribers54OCS Relay status55OCS/Lync B2BUA56OCS/Lync user status56OCS/Lync B2BUA status56Provisioning status57Provisioning server57Phone book server57Alarms58Logs59Event Log59Configuration Log60Network Log61Hardware status63VCS unit front panel63Network and system settings64Network settings65Configuring IP settings65Configuring Ethernet settings67Configuring DNS settings67Configuring Quality of Service settings69Network services70Configuring system name and access settings70Configuring SNMP settings72Configuring time zone and NTP server settings74Other settings75Configuring the Login page75Configuring external manager settings75Configuring logging levels76Protocols78About H.32379Using the VCS as an H.323 gatekeeper79H.323 endpoint registration79H.323 configuration79About SIP81VCS as a SIP registrar81VCS as a SIP proxy server82Proxying registration requests83VCS as a SIP Presence Server83SIP configuration83Configuring SIP domains86Configuring SIP and H.323 interworking87Searching by protocol87Enabling SIP endpoints to dial H.323 numbers87Registration control89About registrations90Finding a VCS with which to register90Registrations on a VCS Expressway90MCU, gateway and Content Server registration91Configuring registration restriction policy91Registering aliases92About Allow and Deny Lists95Configuring the registration Allow List95Configuring the registration Deny List96Device authentication97About device authentication98Authentication Policy98Authentication mechanism98Authentication Policy configuration options100Zone-level Authentication Policy100Subzone-level Authentication Policy102SIP authentication trust103Device authentication configuration104Authentication database104Endpoint credentials used for authentication104Device authentication using LDAP105Authentication process105LDAP server settings105Device LDAP schemas107Authentication using a local database108Authentication using Active Directory Service109Movi authentication using an Active Directory Service109Active Directory Service (ADS) configuration110Authenticating with external systems113Zones and neighbors114About your video communications network115Example network diagram115Structuring your dial plan116Flat dial plan116Structured dial plan116Hierarchical dial plan116About the Local Zone and subzones118Bandwidth management118Local Zone searches118About zones119Default Zone119Zone configuration120Configuring neighbor zones120Configuring traversal client zones123Configuring traversal server zones125Configuring ENUM zones128Configuring DNS zones128Zone configuration: advanced settings129Zone configuration: pre-configured profile settings134TLS certificate verification of neighbor systems135Configuring a zone for incoming calls only135Clustering and peers136About clusters137About the configuration master137Secure communication between peers138Alternates138Resource usage within a cluster139Example deployment139Managing clusters and peers140Setting up a cluster140Maintaining a cluster140Configuration that is not replicated across a cluster142Sharing registrations across peers143Sharing bandwidth across peers144Cluster upgrades and downgrades144Cluster backup and restore144Clustering and FindMe145Clustering and Presence145Clustering and TMS146About the Cluster Subzone146Neighboring the local VCS to another VCS cluster147TMS Agent replication status148Troubleshooting cluster replication problems149Dial plan and call processing151Call routing process152How the VCS determines the destination of a call152About the VCS's directory service154About hop counts155Configuring hop counts155Dial plan configuration156About the fallback alias156About transforms and search rules158Transforms158Search rules158About pre-search transforms159Configuring pre-search transforms159Search and zone transform process161Configuring search rules162Example searches and transforms165Filter queries to a zone without transforming165Always query a zone with original alias (no transforms)166Query a zone for a transformed alias166Query a zone for original and transformed alias167Query a zone for two or more transformed aliases168Stripping @domain for dialing to H.323 numbers169Transforms for alphanumeric H.323 ID dial strings171Allowing calls to IP addresses only if they come from known zones173Configuring policy services175About Call Policy176Configuring Call Policy176Configuring Call Policy rules using the web interface178Configuring Call Policy using a CPL script179Configuring VCS to use the Cisco TelePresence Advanced Media Gateway181Configuring the VCS181Usage features and limitations181Configuring Cisco AM GW policy rules182Dialable address formats184Dialing by IP address184Dialing by H.323 ID or E.164 alias184Dialing by H.323 or SIP URI184Dialing by ENUM185IP dialing186Calls to unknown IP addresses186About URI dialing188URI dialing without DNS188URI dialing via DNS189URI resolution process using DNS189URI dialing via DNS for outgoing calls191URI dialing via DNS for incoming calls192URI dialing and firewall traversal195About ENUM dialing196ENUM dialing process196Enabling ENUM dialing196ENUM dialing for outgoing calls197Zone configuration for ENUM dialing199ENUM dialing for incoming calls200Configuring DNS servers for ENUM and URI dialing202Call signaling configuration203Identifying calls205Disconnecting calls207Disconnecting a call using the web interface207Disconnecting a call using the CLI207Limitations when disconnecting SIP calls207Bandwidth control208About bandwidth control209Example network deployment209Bandwidth configuration210About downspeeding210About subzones212Default links between subzones212About the Traversal Subzone212About the Default Subzone213Configuring subzones213Configuring subzone membership rules214Applying bandwidth limitations to subzones216Links and pipes218Configuring links218Default links218Configuring pipes219Applying pipes to links220Bandwidth control examples222Firewall traversal224About firewall traversal225Expressway solution225How does it work?225VCS as a firewall traversal client226VCS as a firewall traversal server226Configuring a traversal client and server227Firewall traversal protocols and ports228Expressway process228H.323 firewall traversal protocols228SIP firewall traversal protocols228Ports for initial connections from traversal clients229Default port summary229TURN ports230Ports for connections out to the public internet230Firewall traversal and authentication231Authentication and NTP232Firewall traversal and Dual Network Interfaces233Firewall configuration234Configuring traversal for endpoints234Configuring traversal server ports235About ICE and TURN services236About ICE236About TURN236TURN relay server236Configuring TURN services237Applications239Conference Factory240Conference creation process240Presence242Presence Server242Presence User Agent (PUA)243Configuring Presence244OCS Relay247Configuring a connection between the VCS and the OCS247Microsoft OCS/Lync B2BUA (back-to-back user agent)248Usage features and limitations248Configuring the Microsoft OCS/Lync B2BUA249Configuring the B2BUA's trusted hosts252Configuring transcoder policy rules252Configuring B2BUA transcoders254Restarting the B2BUA service254FindMe™256How are devices specified?256FindMe process overview256Who must do what before FindMe can be used?257Recommendations when deploying FindMe257Configuring FindMe258Searching for FindMe users259Starter Pack provisioning261Starter Pack261Device authentication261Phone book support261Configuring provisioning261Maintenance263About upgrading software components264VCS software components264Prerequisites264Backing up before upgrading264Upgrading and option keys265Installing and rebooting265Upgrade procedure265Upgrading using secure copy (SCP/PSCP)266Option keys268Adding option keys using the web interface269Adding option keys using the CLI269About security certificates270Managing security certificates270CRL management271Certificate-based authentication configuration272Client certificate testing274Advanced account security276Prerequisites276VCS functionality: changes and limitations276Configuring language settings278Changing the language278Installing language packs278About login accounts279Account authentication279Administrator accounts279User accounts279Root accounts280Configuring login account authentication280Account authentication using LDAP280Login history282Root account282Resetting an administrator or root password283Resetting user account passwords284Configuring administrator accounts284Password strength286Password security286Configuring administrator groups287Configuring user accounts288Principal devices (Starter Pack only)290Configuring a user's principal devices290Configuring user groups291Backing up and restoring VCS data292Limitations292Creating a backup293Restoring a previous backup293Diagnostics tools295Diagnostic logging295Creating a system snapshot296Configuring Network Log levels297Configuring Support Log levels297Incident reporting298Incident reporting caution: privacy-protected personal data298Sending incident reports automatically298Sending incident reports manually299Viewing incident reports299Incident report details300Checking the effect of a pattern301Locating an alias302Port usage303Local VCS inbound ports303Local VCS outbound ports304Remote listening ports304Network utilities305Ping305Traceroute305DNS lookup306Restarting308Restarting using the web interface308Rebooting309Rebooting using the web interface309Shutting down310Shutting down using the web interface310Shutting down using the CLI310Reference material311Software version history312X6.1312X6313X5.2315X5.1316X5319X4322About Event Log levels325Event Log format325Administrator and FindMe user events326Message details field326Events and levels328CPL reference335CPL address-switch node335otherwise337not-present337location338rule-switch338proxy339reject339Unsupported CPL elements339CPL examples340LDAP configuration for device authentication346Downloading the H.350 schemas346Configuring a Microsoft Active Directory LDAP server346Configuring an OpenLDAP server348DNS configuration examples351Verifying the SRV record351Microsoft DNS server351BIND 8 & 9352Changing the default SSH key353Default SSH key alarms353Restoring default configuration354Configuration items reset by DefaultValuesSet level 3354Configuration items reset by DefaultValuesSet level 2355Password encryption357Maximum length of passwords357Pattern matching variables359Port reference361Regular expressions367Supported characters369Case sensitivity369TMS Agent370FindMe370Device Provisioning370TMS Agent account passwords371TMS Agent passwords372TMS Agent LDAP and replication accounts372VCSs managed by TMS372VCSs not managed by TMS372What are traversal calls?374Alarms list375Alarms summary375Command reference — xConfiguration388xConfiguration commands388Command reference — xCommand444xCommand commands444Command reference — xStatus463xStatus elements463About policy services475Policy service request parameters475Policy service responses476Bibliography477Glossary480Legal notices487Intellectual property rights487Copyright notice487Patent information487Size: 4.16 MBPages: 488Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction12About the Cisco TelePresence Video Communication Server (VCS)13VCS base applications13Standard features14Optional features15Installation and initial configuration16About this guide17Typographical conventions17Using the web interface18Using the command line interface (CLI)19Web page features and layout20What’s new in this version?22TMS Provisioning Extension support22Call processing22Virtual appliance support22Other enhancements and usability improvements22Overview and status information23Status overview24System information25Ethernet status26IP status27Resource usage28Clustered VCS systems28Active sessions29Active administrator sessions29Active user sessions29Registration status30Registrations by device30Registrations by alias31Registration history31Registration details32Call status33Current calls33Call history34Call summary35B2BUA calls35Search history37About searches37Search history list37Search details38Local Zone status39Zone status40Bandwidth41Link status41Pipe status41Policy service status42TURN relays status43Presence44Presence publishers44Presence presentities44Presence subscribers45OCS Relay status46OCS/Lync B2BUA47OCS/Lync user status47OCS/Lync B2BUA status47TMS Provisioning Extension service status48Provisioning Server status48User records provided by TMS Provisioning Extension services49FindMe records provided by TMS Provisioning Extension services50Phone book records provided by TMS Provisioning Extension services51Provisioned devices51Checking provisioned data51Alarms53Logs54Event Log54Configuration Log55Network Log56Hardware status58VCS unit front panel58Network and system settings59Network settings60Configuring IP settings60Configuring Ethernet settings62Configuring DNS settings62Configuring Quality of Service settings64Network services65Configuring system name and access settings65Configuring SNMP settings67Time68Other settings71Configuring the Login page71Configuring external manager settings71Configuring TMS Provisioning Extension services72Configuring logging levels74Protocols76About H.32377Using the VCS as an H.323 gatekeeper77H.323 endpoint registration77H.323 configuration77About SIP79VCS as a SIP registrar79VCS as a SIP proxy server80Proxying registration requests80VCS as a SIP Presence Server81SIP configuration81Configuring SIP domains84Configuring SIP and H.323 interworking85Searching by protocol85Enabling SIP endpoints to dial H.323 numbers85Registration control87About registrations88Finding a VCS with which to register88Registrations on a VCS Expressway88MCU, gateway and Content Server registration89Configuring registration restriction policy89Registering aliases90About Allow and Deny Lists93Configuring the registration Allow List93Configuring the registration Deny List94Device authentication95About device authentication96Authentication Policy96Authentication mechanism97Authentication Policy configuration options99Zone-level Authentication Policy99Subzone-level Authentication Policy101SIP authentication trust102Device authentication configuration103Authentication database103Endpoint credentials used for authentication103Device authentication using LDAP104Authentication process104LDAP server settings104Device LDAP schemas106Authentication using a local database107Credentials managed within TMS107Starter Pack107Authentication using Active Directory Service108Movi authentication using an Active Directory Service108Active Directory Service (ADS) configuration109Authenticating with external systems112Zones and neighbors113About your video communications network114Example network diagram114Structuring your dial plan115Flat dial plan115Structured dial plan115Hierarchical dial plan115About the Local Zone and subzones117Bandwidth management117Local Zone searches117About zones118Default Zone118Zone configuration119Configuring neighbor zones119Configuring traversal client zones122Configuring traversal server zones124Configuring ENUM zones126Configuring DNS zones127Zone configuration: advanced settings128Zone configuration: pre-configured profile settings133TLS certificate verification of neighbor systems133Configuring a zone for incoming calls only134Clustering and peers135About clusters136Resource usage within a cluster138Example deployment138Managing clusters and peers139Setting up a cluster139Maintaining a cluster139Peer-specific configuration141Sharing registrations across peers142Sharing bandwidth across peers142Cluster upgrades and downgrades143Cluster backup and restore143Clustering and FindMe143Clustering and Presence144Clustering and TMS144About the Cluster Subzone145Neighboring the local VCS to another VCS cluster145TMS Agent replication status146Troubleshooting cluster replication problems147Dial plan and call processing148Call routing process149About the VCS's directory service151About hop counts152Configuring hop counts152Dial plan configuration153About the fallback alias153About transforms and search rules155Transforms155Search rules155About pre-search transforms156Configuring pre-search transforms156Search and zone transform process158Configuring search rules159Example searches and transforms162Filter queries to a zone without transforming162Always query a zone with original alias (no transforms)163Query a zone for a transformed alias163Query a zone for original and transformed alias164Query a zone for two or more transformed aliases165Stripping @domain for dialing to H.323 numbers166Transforms for alphanumeric H.323 ID dial strings168Allowing calls to IP addresses only if they come from known zones170Configuring policy services171About Call Policy172Configuring Call Policy172Configuring Call Policy rules using the web interface174Configuring Call Policy using a CPL script174Configuring VCS to use the Cisco TelePresence Advanced Media Gateway176Configuring the VCS176Usage features and limitations176Configuring Cisco AM GW policy rules177Dialable address formats179Dialing by IP address179Dialing by H.323 ID or E.164 alias179Dialing by H.323 or SIP URI179Dialing by ENUM180IP dialing181Calls to unknown IP addresses181About URI dialing183URI dialing without DNS183URI dialing via DNS184URI resolution process using DNS184URI dialing via DNS for outgoing calls186URI dialing via DNS for incoming calls187URI dialing and firewall traversal190About ENUM dialing191ENUM dialing process191Enabling ENUM dialing191ENUM dialing for outgoing calls192Zone configuration for ENUM dialing193ENUM dialing for incoming calls195Configuring DNS servers for ENUM and URI dialing196Call signaling configuration198Identifying calls199Disconnecting calls201Disconnecting a call using the web interface201Disconnecting a call using the CLI201Limitations when disconnecting SIP calls201Bandwidth control202About bandwidth control203Example network deployment203Bandwidth configuration205About downspeeding205About subzones206Default links between subzones206About the Traversal Subzone206About the Default Subzone207Configuring subzones207Configuring subzone membership rules208Applying bandwidth limitations to subzones209Links and pipes212Configuring links212Default links212Configuring pipes213Applying pipes to links214Bandwidth control examples216Firewall traversal218About firewall traversal219Expressway solution219How does it work?219VCS as a firewall traversal client219VCS as a firewall traversal server220Configuring a traversal client and server221Firewall traversal protocols and ports222Expressway process222H.323 firewall traversal protocols222SIP firewall traversal protocols222Ports for initial connections from traversal clients223Default port summary223TURN ports224Ports for connections out to the public internet224Firewall traversal and authentication225Authentication and NTP226Firewall traversal and Dual Network Interfaces227Firewall configuration228Configuring traversal for endpoints228Configuring traversal server ports229About ICE and TURN services230About ICE230About TURN230Configuring TURN services231Applications232Conference Factory233Conference creation process233Presence235Presence Server235Presence User Agent (PUA)236Configuring Presence237OCS Relay240Configuring a connection between the VCS and the OCS240Microsoft OCS/Lync B2BUA (back-to-back user agent)241Usage features and limitations241Configuring the Microsoft OCS/Lync B2BUA242Configuring the B2BUA's trusted hosts244Configuring transcoder policy rules245Configuring B2BUA transcoders246Restarting the B2BUA service247FindMe™248User (FindMe) account configuration248How are devices specified?248FindMe process overview249Recommendations when deploying FindMe249Configuring FindMe249Searching for FindMe users252TMS provisioning253VCS Provisioning Server254Starter Pack provisioning256Configuring Starter Pack provisioning256Maintenance258About upgrading software components259VCS software components259Prerequisites259Backing up before upgrading259Upgrading and option keys260Installing and rebooting260Upgrade procedure260Upgrading using secure copy (SCP/PSCP)261Option keys263Adding option keys using the web interface264Adding option keys using the CLI264About security certificates265Managing security certificates265CRL management266Certificate-based authentication configuration267Client certificate testing269Advanced account security271Prerequisites271VCS functionality: changes and limitations271Configuring language settings273Changing the language273Installing language packs273About login accounts274Account authentication274Administrator accounts274User accounts274Root accounts275Configuring login account authentication275Account authentication using LDAP275Login history277Root account277Resetting an administrator or root password278Resetting user account passwords278Configuring administrator accounts279Password security280Configuring administrator groups281Configuring user accounts281Configuring a user's principal devices284Configuring user groups284Backing up and restoring VCS data286Creating a backup286Restoring a previous backup287Diagnostics tools288Diagnostic logging288Creating a system snapshot289Configuring Network Log levels290Configuring Support Log levels290Incident reporting291Incident reporting caution: privacy-protected personal data291Sending incident reports automatically291Sending incident reports manually292Viewing incident reports292Incident report details293Checking the effect of a pattern294Locating an alias295Port usage296Local VCS inbound ports296Local VCS outbound ports296Remote listening ports297Network utilities298Ping298Traceroute298DNS lookup299Restarting301Restarting using the web interface301Rebooting302Rebooting using the web interface302Shutting down303Shutting down using the web interface303Shutting down using the CLI303Developer resources304Debugging and system administration tools304Experimental menu304Reference material305Software version history306X7306X6.1308X6309X5.2310X5.1311X5314X4317About Event Log levels319Event Log format319Administrator and FindMe user events319Message details field320Events and levels322CPL reference329CPL address-switch node329otherwise331not-present331location331rule-switch332proxy332reject333Unsupported CPL elements333CPL examples334LDAP configuration for device authentication340Downloading the H.350 schemas340Configuring a Microsoft Active Directory LDAP server340Configuring an OpenLDAP server342DNS configuration examples345Verifying the SRV record345Microsoft DNS server345BIND 8 & 9345Changing the default SSH key347Default SSH key alarms347Restoring default configuration348Configuration items reset by DefaultValuesSet level 3348Configuration items reset by DefaultValuesSet level 2349Password encryption351Maximum length of passwords351Pattern matching variables353Port reference355Regular expressions360Supported characters363Case sensitivity363TMS Agent (legacy)364FindMe364Device Provisioning365TMS Agent account passwords365TMS Agent passwords366TMS Agent LDAP and replication accounts366VCSs managed by TMS366VCSs not managed by TMS366What are traversal calls?368Alarms list369Alarms summary369Command reference — xConfiguration383xConfiguration commands383Command reference — xCommand438xCommand commands438Command reference — xStatus454xStatus elements454About policy services466Policy service request parameters466Policy service responses467Cryptography support467Flash status word reference table468Bibliography469Glossary471Legal notices478Intellectual property rights478Copyright notice478Patent information478Size: 4.33 MBPages: 479Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction10About the Cisco TelePresence Video Communication Server (VCS)11VCS base applications12Standard features13Optional features14Installation and initial configuration15About this guide16Typographical conventions16Using the web interface17Using the command line interface (CLI)18Web page features and layout19What’s new in this version?21Controlled SIP TLS connections to the Default Zone21Device authentication21Enhanced account security21System security enhancements22Zone and subzone media encryption policy22Call processing22Improved interworking flow control22Enhanced diagnostics23Other enhancements and usability improvements23Overview and status information24Status overview25System information26Ethernet status27IP status28Resource usage29Active sessions30Active administrator sessions30Active user sessions30Login history30Registration status31Call status33Disconnecting calls34B2BUA calls34Search history35Search details36Local Zone status37Zone status38Bandwidth39Link status39Pipe status39Policy service status40TURN relays status41Presence42Presence publishers42Presence presentities42Presence subscribers43OCS Relay status44OCS/Lync B2BUA45OCS/Lync user status45OCS/Lync B2BUA status45TMS Provisioning Extension service status46Provisioning Server status46User records provided by TMS Provisioning Extension services47FindMe records provided by TMS Provisioning Extension services48Phone book records provided by TMS Provisioning Extension services48Provisioned devices49Checking provisioned data49Alarms51Logs52Event Log52Configuration Log53Network Log54Hardware status56VCS unit front panel56Network and system settings57Network settings58Configuring IP settings58Configuring Ethernet settings60Configuring DNS settings60Configuring Quality of Service settings62Configuring firewall rules62Network services66Configuring system name and access settings66Configuring SNMP settings70Configuring time settings71Other settings74Configuring the Login page74Configuring external manager settings74Configuring TMS Provisioning Extension services75Protocols78About H.32379Using the VCS as an H.323 gatekeeper79H.323 endpoint registration79H.323 configuration79About SIP81VCS as a SIP registrar81VCS as a SIP proxy server82Proxying registration requests83VCS as a SIP Presence Server83SIP configuration83Configuring SIP domains86Configuring SIP and H.323 interworking88Registration control89About registrations90Finding a VCS with which to register90Registrations on a VCS Expressway90MCU, gateway and Content Server registration91Configuring registration restriction policy91Registering aliases92About Allow and Deny Lists95Configuring the registration Allow List95Configuring the registration Deny List96Device authentication97About device authentication98Configuring VCS authentication policy99Controlling system behavior for authenticated and non-authenticated devices100Authentication policy configuration options101SIP authentication trust104Device provisioning and authentication policy105Presence and authentication policy108Hierarchical dial plans and authentication policy109Practical configuration of authentication policy110Configuring VCS authentication methods111Authentication using the local database112Using an H.350 directory service lookup via LDAP114Device authentication H.350 schemas116Using Active Directory database (direct)116Active Directory Service (ADS) configuration118Authenticating with external systems121Zones and neighbors122About your video communications network123Structuring your dial plan124Flat dial plan124Structured dial plan124Hierarchical dial plan124About the Local Zone and subzones127About zones128About the Default Zone129Configuring the Default Zone129Configuring Default Zone access rules130Media encryption policy131Zone configuration132Configuring neighbor zones132Configuring traversal client zones135Configuring traversal server zones137Configuring ENUM zones140Configuring DNS zones140Zone configuration: advanced settings141Zone configuration: pre-configured profile settings146TLS certificate verification of neighbor systems147Configuring a zone for incoming calls only147Clustering and peers148About clusters149Resource usage within a cluster151Managing clusters and peers152Setting up a cluster152Maintaining a cluster152Peer-specific configuration154Sharing registrations across peers155Sharing bandwidth across peers155Cluster upgrades, backup and restore156Clustering and FindMe156Clustering and Presence157Clustering and TMS157About the Cluster Subzone157Neighboring the local VCS to another VCS cluster158TMS Agent replication status159Troubleshooting cluster replication problems160Dial plan and call processing161Call routing process162About the VCS's directory service164About hop counts165Dial plan configuration166About the fallback alias166About transforms and search rules168About pre-search transforms169Configuring pre-search transforms169Search and zone transform process171Configuring search rules171Example searches and transforms175Filter queries to a zone without transforming175Always query a zone with original alias (no transforms)176Query a zone for a transformed alias176Query a zone for original and transformed alias177Query a zone for two or more transformed aliases178Stripping @domain for dialing to H.323 numbers179Transforms for alphanumeric H.323 ID dial strings181Allowing calls to IP addresses only if they come from known zones183Configuring policy services184About Call Policy186Configuring Call Policy186Configuring Call Policy rules using the web interface188Configuring Call Policy using a CPL script188Configuring VCS to use the Cisco TelePresence Advanced Media Gateway190Configuring Cisco AM GW policy rules191Dialable address formats193Dialing by IP address193Dialing by H.323 ID or E.164 alias193Dialing by H.323 or SIP URI193Dialing by ENUM194IP dialing195About URI dialing197URI dialing without DNS197URI dialing via DNS198URI resolution process using DNS198URI dialing via DNS for outgoing calls199URI dialing via DNS for incoming calls201URI dialing and firewall traversal204About ENUM dialing205ENUM dialing process205Enabling ENUM dialing205ENUM dialing for outgoing calls206Zone configuration for ENUM dialing207ENUM dialing for incoming calls209Configuring DNS servers for ENUM and URI dialing210Call signaling configuration211Identifying calls212Disconnecting calls214Bandwidth control215About bandwidth control216Bandwidth configuration217About downspeeding217About subzones218About the Traversal Subzone218About the Default Subzone219Configuring subzones219Configuring subzone membership rules220Applying bandwidth limitations to subzones221Links and pipes223Configuring links223Default links223Configuring pipes224Applying pipes to links225Bandwidth control examples227Firewall traversal229About firewall traversal230Configuring VCSs for firewall traversal231Configuring a traversal client and server233Firewall traversal protocols and ports235Firewall traversal and authentication238Authentication and NTP239Firewall configuration240Configuring Expressway and traversal endpoint communications240Configuring traversal server ports241About ICE and TURN services242About ICE242About TURN242Configuring TURN services243Applications244Conference Factory245Presence247Presence Server247Presence User Agent (PUA)248Configuring Presence249OCS Relay252Microsoft OCS/Lync B2BUA (back-to-back user agent)253Configuring the Microsoft OCS/Lync B2BUA254Configuring the B2BUA's trusted hosts256Configuring transcoder policy rules257Configuring B2BUA transcoders258Restarting the B2BUA service259FindMe™260User (FindMe) account configuration260How are devices specified?260FindMe process overview261Recommendations when deploying FindMe261Configuring FindMe261Searching for FindMe users264TMS provisioning265VCS Provisioning Server266Starter Pack provisioning268Configuring Starter Pack provisioning268Maintenance269About upgrading software components270Upgrade procedure271Upgrading using secure copy (SCP/PSCP)272Logging configuration274Event Log levels274Remote logging of events274Option keys276About security certificates278Trusted CA certificate278Managing the VCS's server certificate279CRL management280Certificate-based authentication configuration282Client certificate testing283Advanced account security286Configuring language settings288Changing the language288Installing language packs288About login accounts289Account authentication289Account types289Configuring login account authentication290Configuring remote account authentication using LDAP291Password security293Configuring administrator accounts294Configuring administrator groups295Configuring user accounts297Configuring a user's principal devices299Configuring user groups300Resetting forgotten passwords300Root account301Backing up and restoring VCS data303Creating a backup303Restoring a previous backup304Diagnostics tools306Diagnostic logging306Creating a system snapshot307Configuring Network Log levels308Configuring Support Log levels308Incident reporting309Incident reporting caution: privacy-protected personal data309Sending incident reports automatically309Sending incident reports manually310Viewing incident reports310Incident report details311Checking the effect of a pattern312Locating an alias313Port usage314Local VCS inbound ports314Local VCS outbound ports314Remote listening ports315Network utilities316Ping316Traceroute316Tracepath317DNS lookup317Restarting320Rebooting321Shutting down322Developer resources323Debugging and system administration tools323Experimental menu323Reference material324Software version history325X7.1325X7326X6.1328X6329X5.2330X5.1331X5334X4336About Event Log levels339Event Log format339Administrator and FindMe user events339Message details field340Events and levels342CPL reference349CPL address-switch node349otherwise351not-present351location351rule-switch352proxy352reject353Unsupported CPL elements353CPL examples354LDAP server configuration for device authentication360Downloading the H.350 schemas360Configuring a Microsoft Active Directory LDAP server360Configuring an OpenLDAP server362DNS configuration examples365Verifying the SRV record365Microsoft DNS server365BIND 8 & 9365Changing the default SSH key367Default SSH key alarms367Restoring default configuration368Password security369Pattern matching variables370Port reference372Regular expressions378Supported characters380TMS Agent (legacy)381TMS Agent passwords383What are traversal calls?385Alarms386Command reference — xConfiguration403Command reference — xCommand456Command reference — xStatus470About policy services482Flash status word reference table484Bibliography485Glossary488Accessibility notice495Legal notices496Intellectual property rights496Copyright notice496Patent information497Size: 3.95 MBPages: 498Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction11About the Cisco TelePresence Video Communication Server (VCS)12VCS base applications13Standard features13Optional features14Installation and initial configuration16About this guide17Related documentation17Training17Glossary17Accessibility notice17Using the web interface18Using the command line interface (CLI)19Web page features and layout20What’s new in this version?22X8.1.122X8.122Network and system settings28Network settings29Configuring IP settings29Configuring Ethernet settings31Configuring DNS settings32Configuring Quality of Service settings33Intrusion protection34Configuring firewall rules34Current active firewall rules36Configuring automated intrusion protection36Network services40Configuring system name and access settings40Configuring SNMP settings43Configuring time settings45Configuring the Login page47Configuring external manager settings48Configuring TMS Provisioning Extension services49Firewall traversal52About firewall traversal53The Expressway solution53How does it work?53Endpoint traversal technology requirements54H.323 firewall traversal protocols54SIP firewall traversal protocols54Media demultiplexing54Firewall traversal configuration overview55Configuring a traversal client and server57Configuring ports for firewall traversal58Configuring the firewall58Configuring traversal server ports58Configuring ports for connections from traversal clients59Firewall traversal and authentication61Authentication and NTP61Configuring Expressway and traversal endpoint communications62About ICE and TURN services63About ICE63About TURN63Configuring TURN services64Unified Communications66Mobile and remote access67Jabber client connectivity without VPN68Configuring mobile and remote access on VCS69Setting up the VCS Control69Setting up the VCS Expressway72Setting up VCS security certificates72Setting up secure VCS traversal zones74Checking the status of Unified Communications services75Additional configuration75Protocols77About H.32378Using the VCS as an H.323 gatekeeper78H.323 endpoint registration78Configuring H.32379About SIP81VCS as a SIP registrar81VCS as a SIP proxy server82Proxying registration requests83VCS as a SIP Presence Server83Configuring SIP84SIP functionality and SIP-specific transport modes and ports84Certificate revocation checking modes84Registration controls85Authentication controls87Configuring domains88Configuring the supported services for Unified Communications (VCS Control only)88Configuring delegated credential checking (VCS Expressway only)88Configuring SIP and H.323 interworking90Registration control92About registrations93Finding a VCS with which to register93Registrations on a VCS Expressway93MCU, gateway and Content Server registration94Configuring registration restriction policy94Registering aliases94About Allow and Deny Lists97Configuring the registration Allow List97Configuring the registration Deny List98Configuring Registration Policy to use an external service99Device authentication101About device authentication102Configuring VCS authentication policy103Controlling system behavior for authenticated and non-authenticated devices104Authentication policy configuration options105SIP authentication trust108Configuring delegated credential checking (SIP only)109Device provisioning and authentication policy112Presence and authentication policy114Hierarchical dial plans and authentication policy115Practical configuration of authentication policy116Configuring VCS authentication methods116Configuring authentication to use the local database119Using an H.350 directory service lookup via LDAP120Using Active Directory database (direct)123Configuring the connection to Active Directory Service (ADS)124Authenticating with external systems129Zones and neighbors130About your video communications network131Structuring your dial plan132Flat dial plan132Structured dial plan132Hierarchical dial plan132About zones134Configuring media encryption policy135Configuring the B2BUA for media encryption136Configuring ICE messaging support137About the Local Zone and subzones138The Default Zone139Configuring the Default Zone139Configuring Default Zone access rules140Configuring zones141Configuring neighbor zones141Configuring traversal client zones144Configuring traversal server zones146Configuring ENUM zones149Configuring DNS zones150Zone configuration: advanced settings151Zone configuration: pre-configured profile settings154TLS certificate verification of neighbor systems155Configuring a zone for incoming calls only156Clustering and peers157About clusters158License usage within a cluster160Managing clusters and peers162Setting up a cluster162Maintaining a cluster163Specifying peer-specific items in clustered systems164Sharing registrations across peers166Sharing bandwidth across peers166Cluster upgrades, backup and restore167Clustering and Presence167Clustering and Cisco TMS167About the Cluster Subzone168Neighboring the local VCS to another VCS cluster169Troubleshooting cluster replication problems170Dial plan and call processing171Call routing process172Configuring hop counts174Configuring dial plan settings175About the fallback alias175About transforms and search rules176About pre-search transforms176Configuring pre-search transforms177Search and zone transform process178Configuring search rules179Example searches and transforms182Filter queries to a zone without transforming182Always query a zone with original alias (no transforms)183Query a zone for a transformed alias183Query a zone for original and transformed alias184Query a zone for two or more transformed aliases185Stripping @domain for dialing to H.323 numbers186Transforms for alphanumeric H.323 ID dial strings188Allowing calls to IP addresses only if they come from known zones190Configuring search rules to use an external service191About Call Policy194Configuring Call Policy194Configuring Call Policy rules using the web interface195Configuring Call Policy using a CPL script195Configuring Call Policy to use an external service197Supported address formats199Dialing by IP address199Dialing by H.323 ID or E.164 alias199Dialing by H.323 or SIP URI199Dialing by ENUM200Dialing by IP address201About URI dialing203URI dialing without DNS203URI dialing via DNS204URI resolution process using DNS204URI dialing via DNS for outgoing calls205URI dialing via DNS for incoming calls207URI dialing and firewall traversal209About ENUM dialing211ENUM dialing process211Enabling ENUM dialing211ENUM dialing for outgoing calls212Configuring zones and search rules for ENUM dialing213ENUM dialing for incoming calls215Configuring DNS servers for ENUM and URI dialing217Configuring call routing and signaling218Identifying calls219Disconnecting calls220Bandwidth control221About bandwidth control222Configuring bandwidth controls223About downspeeding223About subzones224About the Traversal Subzone224Configuring the Default Subzone225Configuring subzones225Configuring subzone membership rules226Applying bandwidth limitations to subzones228Links and pipes230Configuring links230Default links230Configuring pipes231Applying pipes to links232Bandwidth control examples233Applications235Configuring Conference Factory236Presence238Presence Server238Presence User Agent (PUA)239Configuring Presence240B2BUA (back-to-back user agent) overview243Configuring B2BUA TURN servers243Microsoft Lync B2BUA244FindMe™251End-user FindMe account configuration251How are devices specified?251FindMe process overview252Recommendations when deploying FindMe252Configuring FindMe252Cisco TMS provisioning255VCS Provisioning Server256Starter Pack provisioning258Configuring Starter Pack provisioning258User accounts259About user accounts260Account authentication260Account types260Configuring password security262Configuring administrator accounts263Viewing active administrator sessions264Login history264Configuring remote account authentication using LDAP265Checking the LDAP server connection status267Configuring administrator groups268Configuring FindMe groups270Configuring FindMe accounts271Configuring a FindMe account's principal devices273Active FindMe sessions273Resetting forgotten passwords274Resetting your root or admin password via a serial connection274Resetting FindMe account passwords274Using the root account275Changing the root account password275Accessing the root account over SSH275Maintenance276Enabling maintenance mode277About upgrading software components278Upgrading VCS software279Upgrading using secure copy (SCP/PSCP)280Configuring logging281Event Log levels281Remote logging of events281Managing option keys283About security certificates285Managing the trusted CA certificate list285Managing the VCS's server certificate286Managing certificate revocation lists (CRLs)288Configuring certificate-based authentication290Testing client certificates292Advanced security295Configuring advanced account security mode295Configuring FIPS140-2 cryptographic mode296Configuring language settings299Changing the language299Installing language packs299Removing language packs300Backing up and restoring VCS data301When to create a backup301Content of the backup file301Limitations301Creating a system backup301Restoring a previous backup302Diagnostics tools303Configuring diagnostic logging303Creating a system snapshot304Configuring Network Log levels304Configuring Support Log levels305Incident reporting306Incident reporting caution: privacy-protected personal data306Enabling automatic incident reporting306Sending incident reports manually307Viewing incident reports307Incident report details308Checking the effect of a pattern309Locating an alias310Port usage311Local inbound ports311Local outbound ports311Remote listening ports312Network utilities313Ping313Traceroute313Tracepath314DNS lookup314Restarting, rebooting and shutting down317Developer resources319Debugging and system administration tools319Experimental menu319Overview and status information320Status overview321System information323Ethernet status324IP status325Resource usage326Registration status328Call status330Disconnecting calls331B2BUA calls332Viewing B2BUA call media details332Search history333Search details334Local Zone status335Zone status336Bandwidth337Link status337Pipe status337Policy server status and resiliency338Viewing policy server status via the VCS338TURN relays status339Unified Communications status340Presence341Presence publishers341Presence presentities341Presence subscribers342Lync B2BUA343Lync user status343Lync B2BUA status343TMS Provisioning Extension service status344Provisioning Server device requests status (Cisco TMSPE)344User records provided by Cisco TMSPE services345FindMe records provided by Cisco TMSPE services346Phone book records provided by Cisco TMSPE services346Provisioned devices347Checking provisioned data347Starter Pack Provisioning Server status348Managing alarms349Logs350Event Log350Configuration Log351Network Log352Hardware status354VCS unit front panel354Reference material355Performance capabilities356About Event Log levels357Event Log format357Administrator and FindMe user events358Message details field358Events and levels360CPL reference366CPL address-switch node366otherwise368not-present368location368rule-switch369proxy370reject370Unsupported CPL elements370CPL examples371LDAP server configuration for device authentication377Downloading the H.350 schemas377Configuring a Microsoft Active Directory LDAP server377Configuring an OpenLDAP server379DNS configuration examples383Verifying the SRV record383Microsoft DNS server383BIND 8 & 9383Changing the default SSH key385Restoring default configuration (factory reset)386Prerequisite files386Performing a reset to default configuration386Resetting via USB stick386Password encryption388Pattern matching variables389Port reference391Local VCS inbound/outbound ports391Remote listening ports393Unified Communications port reference395Microsoft Lync B2BUA port reference397Device authentication port reference399H.350 directory service399Active Directory (direct)399Regular expressions400Supported characters402Call types and licensing403Call types403What are traversal calls?403Alarms405Command reference — xConfiguration422Command reference — xCommand469Command reference — xStatus488External policy overview490Using an external policy server490External policy request parameters491Default CPL for policy services492Flash status word reference table493Supported RFCs494Software version history496X7.2.1496X7.2496X7.1499X7500Related documentation503Legal notices505Intellectual property rights505Copyright notice505Patent information506Size: 7.28 MBPages: 507Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction11About the Cisco TelePresence Video Communication Server (VCS)12VCS base applications13Standard features13Optional features14Installation and initial configuration16About this guide17Related documentation17Training17Glossary17Accessibility notice17Using the web interface18Using the command line interface (CLI)19Web page features and layout20What’s new in this version?22Network and system settings28Network settings29Configuring IP settings29Configuring Ethernet settings31Configuring DNS settings31Configuring Quality of Service settings33Intrusion protection34Configuring firewall rules34Current active firewall rules36Configuring automated intrusion protection36Network services40Configuring system name and access settings40Configuring SNMP settings43Configuring time settings45Configuring the Login page47Configuring external manager settings48Configuring TMS Provisioning Extension services49Firewall traversal52About firewall traversal53The Expressway solution53How does it work?53Endpoint traversal technology requirements54H.323 firewall traversal protocols54SIP firewall traversal protocols54Media demultiplexing54Firewall traversal configuration overview55Configuring a traversal client and server57Configuring ports for firewall traversal58Configuring the firewall58Configuring traversal server ports58Configuring ports for connections from traversal clients59Firewall traversal and authentication61Authentication and NTP61Configuring Expressway and traversal endpoint communications62About ICE and TURN services63About ICE63About TURN63Configuring TURN services64Unified Communications66Mobile and remote access (feature preview)67Jabber client connectivity without VPN68Configuring mobile and remote access on VCS69Setting up the VCS Control69Setting up the VCS Expressway72Setting up VCS security certificates72Setting up secure VCS traversal zones73Checking the status of Unified Communications services75Additional configuration75Jabber Guest services (feature preview)77Configuring Jabber Guest services on VCS (technical preview)78Protocols79About H.32380Using the VCS as an H.323 gatekeeper80H.323 endpoint registration80Configuring H.32381About SIP83VCS as a SIP registrar83VCS as a SIP proxy server84Proxying registration requests85VCS as a SIP Presence Server85Configuring SIP86SIP functionality and SIP-specific transport modes and ports86Certificate revocation checking modes86Registration controls87Authentication controls89Configuring domains90Configuring the supported services for Unified Communications (VCS Control only)90Configuring delegated credential checking (VCS Expressway only)90Configuring SIP and H.323 interworking92Registration control94About registrations95Finding a VCS with which to register95Registrations on a VCS Expressway95MCU, gateway and Content Server registration96Configuring registration restriction policy96Registering aliases96About Allow and Deny Lists99Configuring the registration Allow List99Configuring the registration Deny List100Configuring Registration Policy to use an external service101Device authentication103About device authentication104Configuring VCS authentication policy105Controlling system behavior for authenticated and non-authenticated devices106Authentication policy configuration options107SIP authentication trust110Configuring delegated credential checking (SIP only)111Device provisioning and authentication policy114Presence and authentication policy116Hierarchical dial plans and authentication policy117Practical configuration of authentication policy118Configuring VCS authentication methods118Configuring authentication to use the local database121Using an H.350 directory service lookup via LDAP122Using Active Directory database (direct)125Configuring the connection to Active Directory Service (ADS)126Authenticating with external systems131Zones and neighbors132About your video communications network133Structuring your dial plan134Flat dial plan134Structured dial plan134Hierarchical dial plan134About zones136Configuring media encryption policy137Configuring the B2BUA for media encryption137Configuring ICE messaging support138About the Local Zone and subzones139The Default Zone140Configuring the Default Zone140Configuring Default Zone access rules141Configuring zones142Configuring neighbor zones142Configuring traversal client zones145Configuring traversal server zones147Configuring ENUM zones150Configuring DNS zones151Zone configuration: advanced settings152Zone configuration: pre-configured profile settings155TLS certificate verification of neighbor systems156Configuring a zone for incoming calls only157Clustering and peers158About clusters159License usage within a cluster161Managing clusters and peers162Setting up a cluster162Maintaining a cluster163Specifying peer-specific items in clustered systems164Sharing registrations across peers166Sharing bandwidth across peers166Cluster upgrades, backup and restore167Clustering and Presence167Clustering and Cisco TMS167About the Cluster Subzone168Neighboring the local VCS to another VCS cluster169Troubleshooting cluster replication problems170Dial plan and call processing171Call routing process172Configuring hop counts174Configuring dial plan settings175About the fallback alias175About transforms and search rules176About pre-search transforms176Configuring pre-search transforms177Search and zone transform process178Configuring search rules179Example searches and transforms182Filter queries to a zone without transforming182Always query a zone with original alias (no transforms)183Query a zone for a transformed alias183Query a zone for original and transformed alias184Query a zone for two or more transformed aliases185Stripping @domain for dialing to H.323 numbers186Transforms for alphanumeric H.323 ID dial strings188Allowing calls to IP addresses only if they come from known zones190Configuring search rules to use an external service191About Call Policy194Configuring Call Policy194Configuring Call Policy rules using the web interface195Configuring Call Policy using a CPL script195Configuring Call Policy to use an external service197Supported address formats199Dialing by IP address199Dialing by H.323 ID or E.164 alias199Dialing by H.323 or SIP URI199Dialing by ENUM200Dialing by IP address201About URI dialing203URI dialing without DNS203URI dialing via DNS204URI resolution process using DNS204URI dialing via DNS for outgoing calls205URI dialing via DNS for incoming calls207URI dialing and firewall traversal209About ENUM dialing211ENUM dialing process211Enabling ENUM dialing211ENUM dialing for outgoing calls212Configuring zones and search rules for ENUM dialing213ENUM dialing for incoming calls215Configuring DNS servers for ENUM and URI dialing217Configuring call routing and signaling218Identifying calls219Disconnecting calls220Bandwidth control221About bandwidth control222Configuring bandwidth controls223About downspeeding223About subzones224About the Traversal Subzone224Configuring the Default Subzone225Configuring subzones225Configuring subzone membership rules226Applying bandwidth limitations to subzones228Links and pipes230Configuring links230Default links230Configuring pipes231Applying pipes to links232Bandwidth control examples233Applications235Configuring Conference Factory236Presence238Presence Server238Presence User Agent (PUA)239Configuring Presence240B2BUA (back-to-back user agent) overview243Configuring B2BUA TURN servers243Microsoft Lync B2BUA244FindMe™251End-user FindMe account configuration251How are devices specified?251FindMe process overview252Recommendations when deploying FindMe252Configuring FindMe252Cisco TMS provisioning255VCS Provisioning Server256Starter Pack provisioning258Configuring Starter Pack provisioning258User accounts259About user accounts260Account authentication260Account types260Configuring password security262Configuring administrator accounts263Viewing active administrator sessions264Login history264Configuring remote account authentication using LDAP265Checking the LDAP server connection status267Configuring administrator groups268Configuring FindMe groups270Configuring FindMe accounts271Configuring a FindMe account's principal devices273Active FindMe sessions273Resetting forgotten passwords274Resetting your root or admin password via a serial connection274Resetting FindMe account passwords274Using the root account275Changing the root account password275Accessing the root account over SSH275Maintenance276Enabling maintenance mode277About upgrading software components278Upgrading VCS software279Upgrading using secure copy (SCP/PSCP)280Configuring logging281Event Log levels281Remote logging of events281Managing option keys283About security certificates285Managing the trusted CA certificate list285Managing the VCS's server certificate286Managing certificate revocation lists (CRLs)288Configuring certificate-based authentication290Testing client certificates292Advanced security294Configuring advanced account security mode294Configuring FIPS140-2 cryptographic mode295Configuring language settings298Changing the language298Installing language packs298Removing language packs299Backing up and restoring VCS data300When to create a backup300Content of the backup file300Limitations300Creating a system backup300Restoring a previous backup301Diagnostics tools302Configuring diagnostic logging302Creating a system snapshot303Configuring Network Log levels304Configuring Support Log levels304Incident reporting305Incident reporting caution: privacy-protected personal data305Enabling automatic incident reporting305Sending incident reports manually306Viewing incident reports306Incident report details307Checking the effect of a pattern308Locating an alias309Port usage310Local inbound ports310Local outbound ports310Remote listening ports311Network utilities312Ping312Traceroute312Tracepath313DNS lookup313Restarting, rebooting and shutting down316Developer resources318Debugging and system administration tools318Experimental menu318Overview and status information319Status overview320System information322Ethernet status323IP status324Resource usage325Registration status327Call status329Disconnecting calls330B2BUA calls331Viewing B2BUA call media details331Search history332Search details333Local Zone status334Zone status335Bandwidth336Link status336Pipe status336Policy server status and resiliency337Viewing policy server status via the VCS337TURN relays status338Unified Communications status339Presence340Presence publishers340Presence presentities340Presence subscribers341Lync B2BUA342Lync user status342Lync B2BUA status342TMS Provisioning Extension service status343Provisioning Server device requests status (Cisco TMSPE)343User records provided by Cisco TMSPE services344FindMe records provided by Cisco TMSPE services345Phone book records provided by Cisco TMSPE services345Provisioned devices346Checking provisioned data346Starter Pack Provisioning Server status347Managing alarms348Logs349Event Log349Configuration Log350Network Log351Hardware status353VCS unit front panel353Reference material354Performance capabilities355About Event Log levels356Event Log format356Administrator and FindMe user events357Message details field357Events and levels359CPL reference365CPL address-switch node365otherwise367not-present367location367rule-switch368proxy369reject369Unsupported CPL elements369CPL examples370LDAP server configuration for device authentication376Downloading the H.350 schemas376Configuring a Microsoft Active Directory LDAP server376Configuring an OpenLDAP server378DNS configuration examples381Verifying the SRV record381Microsoft DNS server381BIND 8 & 9381Changing the default SSH key383Restoring default configuration (factory reset)384Prerequisite files384Performing a reset to default configuration384Password encryption385Pattern matching variables386Port reference388Local VCS inbound/outbound ports388Remote listening ports390Unified Communications port reference392Microsoft Lync B2BUA port reference394Device authentication port reference396H.350 directory service396Active Directory (direct)396Regular expressions397Supported characters399Call types and licensing400Call types400What are traversal calls?400Alarms402Command reference — xConfiguration419Command reference — xCommand466Command reference — xStatus485External policy overview487Using an external policy server487External policy request parameters488Default CPL for policy services489Flash status word reference table490Supported RFCs491Software version history493X7.2.1493X7.2493X7.1496X7497Related documentation500Legal notices502Intellectual property rights502Copyright notice502Patent information503Size: 7.25 MBPages: 504Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction11About the Cisco TelePresence Video Communication Server (VCS)12VCS base applications13Standard features13Optional features14Appliance and virtual machine options16About this guide17Related documentation17Training17Glossary17Accessibility notice17Using the web interface18Using the command line interface (CLI)19Web page features and layout20What’s new in this version?22Network and system settings24Network settings25Configuring IP settings25Configuring Ethernet settings27Configuring DNS settings27Configuring Quality of Service settings29Intrusion protection30Configuring firewall rules30Current active firewall rules32Configuring automated intrusion protection32Network services36Configuring system name and access settings36Configuring SNMP settings39Configuring time settings41Configuring the Login page43Configuring external manager settings44Configuring TMS Provisioning Extension services45Firewall traversal48About firewall traversal49The Expressway solution49How does it work?49Endpoint traversal technology requirements50H.323 firewall traversal protocols50SIP firewall traversal protocols50Media demultiplexing50Firewall traversal configuration overview52Configuring a traversal client and server54Configuring ports for firewall traversal55Configuring the firewall55Configuring traversal server ports55Configuring ports for connections from traversal clients56Firewall traversal and authentication59Authentication and NTP59Configuring Expressway and traversal endpoint communications60About ICE and TURN services61About ICE61About TURN61Configuring TURN services62Unified Communications65Mobile and remote access66Mobile and remote access overview66Configuring mobile and remote access on VCS67Mobile and remote access port reference72External XMPP federation75Deploying VCS for external XMPP federation75Configuring VCS for external XMPP federation76DNS SRV records for XMPP federation80Port usage for XMPP federation81Checking XMPP federation status82Troubleshooting external XMPP federation82Cisco Jabber Guest86Jabber Guest services overview86Jabber Guest signaling and media flows in single-NIC deployment86Jabber Guest licensing and call capacity89Configuring Jabber Guest services on VCS89Configuring your firewall for Jabber Guest traffic93Troubleshooting Jabber Guest services on VCS95Configuring a secure traversal zone connection for Unified Communications96Installing VCS security certificates96Configuring encrypted VCS traversal zones97Server certificate requirements for Unified Communications99Protocols102About H.323103Using the VCS as an H.323 gatekeeper103H.323 endpoint registration103Configuring H.323104About SIP106VCS as a SIP registrar106VCS as a SIP proxy server107Proxying registration requests108VCS as a SIP Presence Server108Configuring SIP109SIP functionality and SIP-specific transport modes and ports109Certificate revocation checking modes110Registration controls110Authentication controls112Configuring domains113Configuring the supported services for Unified Communications (VCS Control only)113Configuring delegated credential checking (VCS Expressway only)113Configuring SIP and H.323 interworking115Registration control117About registrations118Finding a VCS with which to register118Registrations on a VCS Expressway118MCU, gateway and Content Server registration119Configuring registration restriction policy119Registering aliases119About Allow and Deny Lists122Configuring the registration Allow List122Configuring the registration Deny List123Configuring Registration Policy to use an external service124Device authentication126About device authentication127Configuring VCS authentication policy128Controlling system behavior for authenticated and non-authenticated devices129Authentication policy configuration options130SIP authentication trust133Configuring delegated credential checking (SIP only)134Device provisioning and authentication policy137Presence and authentication policy139Hierarchical dial plans and authentication policy140Practical configuration of authentication policy141Configuring VCS authentication methods141Configuring authentication to use the local database144Using an H.350 directory service lookup via LDAP145Using Active Directory database (direct)148Configuring the connection to Active Directory Service (ADS)149Authenticating with external systems154Zones and neighbors155About your video communications network156Structuring your dial plan157Flat dial plan157Structured dial plan157Hierarchical dial plan157About zones159Configuring media encryption policy160Configuring the B2BUA for media encryption160Configuring ICE messaging support161About the Local Zone and subzones162The Default Zone163Configuring the Default Zone163Configuring Default Zone access rules164Configuring zones165Configuring neighbor zones165Configuring traversal client zones168Configuring traversal server zones170Configuring ENUM zones173Configuring DNS zones174Zone configuration: advanced settings175Zone configuration: pre-configured profile settings178TLS certificate verification of neighbor systems179Configuring a zone for incoming calls only180Clustering and peers181About clusters182License usage within a cluster184Managing clusters and peers186Setting up a cluster186Maintaining a cluster187Specifying peer-specific items in clustered systems188Sharing registrations across peers190Sharing bandwidth across peers190Cluster upgrades, backup and restore191Clustering and Presence191Clustering and Cisco TMS191About the Cluster Subzone192Neighboring the local VCS to another VCS cluster193Troubleshooting cluster replication problems194Dial plan and call processing195Call routing process196Configuring hop counts198Configuring dial plan settings199About the fallback alias199About transforms and search rules200About pre-search transforms200Configuring pre-search transforms201Search and zone transform process202Configuring search rules203Example searches and transforms206Filter queries to a zone without transforming206Always query a zone with original alias (no transforms)207Query a zone for a transformed alias207Query a zone for original and transformed alias208Query a zone for two or more transformed aliases209Stripping @domain for dialing to H.323 numbers210Transforms for alphanumeric H.323 ID dial strings212Allowing calls to IP addresses only if they come from known zones214Configuring search rules to use an external service215About Call Policy218Configuring Call Policy218Configuring Call Policy rules using the web interface219Configuring Call Policy using a CPL script219Configuring Call Policy to use an external service221Supported address formats223Dialing by IP address223Dialing by H.323 ID or E.164 alias223Dialing by H.323 or SIP URI223Dialing by ENUM224Dialing by IP address225About URI dialing227URI dialing without DNS227URI dialing via DNS228URI resolution process using DNS228URI dialing via DNS for outgoing calls229URI dialing via DNS for incoming calls231URI dialing and firewall traversal233About ENUM dialing235ENUM dialing process235Enabling ENUM dialing235ENUM dialing for outgoing calls236Configuring zones and search rules for ENUM dialing237ENUM dialing for incoming calls239Configuring DNS servers for ENUM and URI dialing241Configuring call routing and signaling242Identifying calls243Disconnecting calls244Bandwidth control245About bandwidth control246Configuring bandwidth controls247About downspeeding247About subzones248About the Traversal Subzone248Configuring the Default Subzone249Configuring subzones249Configuring subzone membership rules250Applying bandwidth limitations to subzones252Links and pipes254Configuring links254Default links254Configuring pipes255Applying pipes to links256Bandwidth control examples257Applications259Configuring Conference Factory260Presence262Presence Server262Presence User Agent (PUA)263Configuring Presence264B2BUA (back-to-back user agent) overview267Configuring B2BUA TURN servers267Microsoft Lync B2BUA268FindMe™275End-user FindMe account configuration275How are devices specified?275FindMe process overview276Recommendations when deploying FindMe276Configuring FindMe276Cisco TMS provisioning279VCS Provisioning Server280Starter Pack provisioning282Configuring Starter Pack provisioning282User accounts283About user accounts284Account authentication284Account types284Configuring password security286Configuring administrator accounts287Viewing active administrator sessions288Login history288Configuring remote account authentication using LDAP289Checking the LDAP server connection status291Configuring administrator groups292Configuring FindMe groups294Configuring FindMe accounts295Configuring a FindMe account's principal devices297Active FindMe sessions297Resetting forgotten passwords298Resetting your root or admin password via a serial connection298Resetting FindMe account passwords298Using the root account299Changing the root account password299Accessing the root account over SSH299Maintenance300Enabling maintenance mode301About upgrading software components302Upgrading VCS software303Upgrading using secure copy (SCP/PSCP)304Configuring logging305Event Log levels305Remote logging of events305Managing option keys307About security certificates309Managing the trusted CA certificate list309Managing the VCS's server certificate310Managing certificate revocation lists (CRLs)313Configuring certificate-based authentication315Testing client certificates317Advanced security320Configuring advanced account security mode320Configuring FIPS140-2 cryptographic mode321Configuring language settings324Changing the language324Installing language packs324Removing language packs325Backing up and restoring VCS data326When to create a backup326Content of the backup file326Limitations326Creating a system backup326Restoring a previous backup327Diagnostics tools328Configuring diagnostic logging328Creating a system snapshot329Configuring Network Log levels330Configuring Support Log levels330Incident reporting331Incident reporting caution: privacy-protected personal data331Enabling automatic incident reporting331Sending incident reports manually332Viewing incident reports332Incident report details333Checking the effect of a pattern334Locating an alias335Port usage336Local inbound ports336Local outbound ports336Remote listening ports337Network utilities338Ping338Traceroute338Tracepath339DNS lookup339Restarting, rebooting and shutting down342Developer resources344Debugging and system administration tools344Experimental menu344Overview and status information345Status overview346System information348Ethernet status349IP status350Resource usage351Registration status353Call status355Disconnecting calls356B2BUA calls357Viewing B2BUA call media details357Search history358Search details359Local Zone status360Zone status361Bandwidth362Link status362Pipe status362Policy server status and resiliency363Viewing policy server status via the VCS363TURN relay usage364TURN relay summary364Unified Communications status365Presence366Presence publishers366Presence presentities366Presence subscribers367Lync B2BUA368Lync user status368Lync B2BUA status368TMS Provisioning Extension service status369Provisioning Server device requests status (Cisco TMSPE)369User records provided by Cisco TMSPE services370FindMe records provided by Cisco TMSPE services371Phone book records provided by Cisco TMSPE services371Provisioned devices372Checking provisioned data372Starter Pack Provisioning Server status373Managing alarms374Logs375Event Log375Configuration Log376Network Log377Hardware status379Reference material380Performance capabilities381About Event Log levels382Event Log format382Administrator and FindMe user events383Message details field383Events and levels385CPL reference391CPL address-switch node391otherwise393not-present393location393rule-switch394proxy395reject395Unsupported CPL elements395CPL examples396LDAP server configuration for device authentication402Downloading the H.350 schemas402Configuring a Microsoft Active Directory LDAP server402Configuring an OpenLDAP server404DNS configuration examples408Verifying the SRV record408Microsoft DNS server408BIND 8 & 9408Changing the default SSH key410Restoring default configuration (factory reset)411Prerequisite files411Performing a reset to default configuration411Resetting via USB stick412Password encryption413Pattern matching variables414Port reference416Local VCS inbound/outbound ports416Remote listening ports420Mobile and remote access port reference422Microsoft Lync B2BUA port reference424Device authentication port reference426H.350 directory service426Active Directory (direct)426Regular expressions427Supported characters429Call types and licensing430Call types430What are traversal calls?430Alarms432Command reference — xConfiguration449Command reference — xCommand496Command reference — xStatus515External policy overview517Using an external policy server517External policy request parameters518Default CPL for policy services519Flash status word reference table520Supported RFCs521Software version history523X8.2523X8.1.1525X8.1525X7.2.1530X7.2530X7.1533X7534Related documentation538Legal notices540Intellectual property rights540Copyright notice540Patent information541Size: 8.14 MBPages: 542Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction12About the Cisco TelePresence Video Communication Server (VCS)13VCS base applications14Standard features14Optional features15Appliance and virtual machine options17About this guide18Related documentation18Training18Glossary18Accessibility notice18Using the web interface19Using the command line interface (CLI)20Web page features and layout21What’s new in this version?23Changes in X8.5.123Network and system settings25Network settings26Configuring Ethernet settings26Configuring IP settings26Configuring DNS settings28Configuring Quality of Service settings30Static routes30Intrusion protection32Configuring firewall rules32Current active firewall rules34Configuring automated intrusion protection34Network services38Configuring system name and access settings38Configuring SNMP settings42Configuring time settings44Configuring the Login page45Configuring external manager settings47Configuring TMS Provisioning Extension services48Firewall traversal51About firewall traversal52The Expressway solution52How does it work?52Endpoint traversal technology requirements53H.323 firewall traversal protocols53SIP firewall traversal protocols53Media demultiplexing53Firewall traversal configuration overview55Configuring a traversal client and server57Configuring ports for firewall traversal58Configuring the firewall58Configuring traversal server ports58Configuring ports for connections from traversal clients59Firewall traversal and authentication62Authentication and NTP62Configuring Expressway and traversal endpoint communications63About ICE and TURN services64About ICE64About TURN64Configuring TURN services65Unified Communications68Unified Communications prerequisites69Configuring a secure traversal zone connection for Unified Communications69Server certificate requirements for Unified Communications71Mobile and remote access74Mobile and remote access overview74Configuring mobile and remote access on VCS75Using deployments to partition Unified Communications services81Single Sign-On (SSO) over the Collaboration Edge83Checking the status of Unified Communications services88Mobile and remote access port reference88External XMPP federation91Deploying VCS for external XMPP federation91Configuring VCS for external XMPP federation92DNS SRV records for XMPP federation96Port usage for XMPP federation97Checking XMPP federation status98Troubleshooting external XMPP federation98Cisco Jabber Guest102Jabber Guest services overview102Jabber Guest signaling and media flows in single-NIC deployment102Jabber Guest licensing and call capacity105Configuring Jabber Guest services on VCS105Configuring your firewall for Jabber Guest traffic109Troubleshooting Jabber Guest services on VCS111Protocols112About H.323113Using the VCS as an H.323 gatekeeper113H.323 endpoint registration113Configuring H.323114About SIP116VCS as a SIP registrar116VCS as a SIP proxy server117Proxying registration requests118VCS as a SIP Presence Server118Configuring SIP119SIP functionality and SIP-specific transport modes and ports119Certificate revocation checking modes120Registration controls120Authentication controls122Configuring domains123Configuring the supported services for Unified Communications (VCS Control only)123Configuring delegated credential checking (VCS Expressway only)123Configuring SIP and H.323 interworking125Registration control127About registrations128Finding a VCS with which to register128Registrations on a VCS Expressway128MCU, gateway and Content Server registration129Configuring registration restriction policy129Registering aliases129About Allow and Deny Lists132Configuring the registration Allow List132Configuring the registration Deny List133Configuring Registration Policy to use an external service134Device authentication136About device authentication137Configuring VCS authentication policy138Controlling system behavior for authenticated and non-authenticated devices139Authentication policy configuration options140SIP authentication trust143Configuring delegated credential checking (SIP only)144Device provisioning and authentication policy147Presence and authentication policy149Hierarchical dial plans and authentication policy150Practical configuration of authentication policy151Configuring VCS authentication methods151Configuring authentication to use the local database154Using an H.350 directory service lookup via LDAP155Using Active Directory database (direct)158Configuring the connection to Active Directory Service (ADS)159Authenticating with external systems164Zones and neighbors165About your video communications network166Structuring your dial plan167Flat dial plan167Structured dial plan167Hierarchical dial plan167About zones169Configuring media encryption policy170Configuring the B2BUA for media encryption170Configuring ICE messaging support171About the Local Zone and subzones172The Default Zone173Configuring the Default Zone173Configuring Default Zone access rules174Configuring zones175Configuring neighbor zones175Configuring traversal client zones178Configuring traversal server zones180Configuring ENUM zones183Configuring DNS zones184Zone configuration: advanced settings185Zone configuration: pre-configured profile settings188TLS certificate verification of neighbor systems189Configuring a zone for incoming calls only190Clustering and peers191About clusters192License usage within a cluster194Managing clusters and peers196Setting up a cluster196Maintaining a cluster197Specifying peer-specific items in clustered systems198Sharing registrations across peers200Sharing bandwidth across peers200Cluster upgrades, backup and restore201Clustering and Presence201Clustering and Cisco TMS202About the Cluster Subzone202Neighboring between VCS clusters203Troubleshooting cluster replication problems204Dial plan and call processing205Call routing process206Configuring hop counts208Configuring dial plan settings209About the fallback alias209About transforms and search rules210About pre-search transforms210Configuring pre-search transforms211Search and zone transform process212Configuring search rules213Example searches and transforms216Filter queries to a zone without transforming216Always query a zone with original alias (no transforms)217Query a zone for a transformed alias217Query a zone for original and transformed alias218Query a zone for two or more transformed aliases219Stripping @domain for dialing to H.323 numbers220Transforms for alphanumeric H.323 ID dial strings222Allowing calls to IP addresses only if they come from known zones224Configuring search rules to use an external service225About Call Policy228Configuring Call Policy228Configuring Call Policy rules using the web interface229Configuring Call Policy using a CPL script229Configuring Call Policy to use an external service231Supported address formats233Dialing by IP address233Dialing by H.323 ID or E.164 alias233Dialing by H.323 or SIP URI233Dialing by ENUM234Dialing by IP address235About URI dialing237URI dialing without DNS237URI dialing via DNS238URI resolution process using DNS238URI dialing via DNS for outgoing calls239URI dialing via DNS for incoming calls241URI dialing and firewall traversal243About ENUM dialing245ENUM dialing process245Enabling ENUM dialing245ENUM dialing for outgoing calls246Configuring zones and search rules for ENUM dialing247ENUM dialing for incoming calls249Configuring DNS servers for ENUM and URI dialing251Configuring call routing and signaling252Identifying calls253Disconnecting calls254Bandwidth control255About bandwidth control256Configuring bandwidth controls257About downspeeding257About subzones258About the Traversal Subzone258Configuring the Default Subzone260Configuring subzones260Configuring subzone membership rules261Applying bandwidth limitations to subzones263Links and pipes265Configuring links265Default links265Configuring pipes266Applying pipes to links267Bandwidth control examples268Applications270Configuring Conference Factory271Presence273Presence Server273Presence User Agent (PUA)274Configuring Presence275B2BUA (back-to-back user agent) overview278Configuring B2BUA TURN servers278Microsoft Lync B2BUA279FindMe™286End-user FindMe account configuration286How are devices specified?286FindMe process overview287Recommendations when deploying FindMe287Configuring FindMe287Cisco TMS provisioning290VCS Provisioning Server291Starter Pack provisioning293Configuring Starter Pack provisioning293User accounts294About user accounts295Account authentication295Account types295Configuring password security297Configuring administrator accounts298Viewing active administrator sessions299Login history300Configuring remote account authentication using LDAP301Checking the LDAP server connection status303Configuring administrator groups304Configuring FindMe groups306Configuring FindMe accounts307Configuring a FindMe account's principal devices309Active FindMe sessions309Resetting forgotten passwords310Changing an administrator account password via GUI310Resetting root or admin password via serial connection310Resetting root or admin password via vSphere310Resetting FindMe account passwords311Using the root account312Changing the root account password312Accessing the root account over SSH312Maintenance313Enabling SSH access314Enabling maintenance mode315About upgrading software components316Upgrading VCS software317Upgrading using secure copy (SCP/PSCP)318Configuring logging319Changing Event log verbosity319Logging media statistics320Publishing logs to remote syslog servers320Managing option keys322About security certificates324Managing the trusted CA certificate list324Managing the VCS's server certificate325Managing certificate revocation lists (CRLs)328Configuring certificate-based authentication330Testing client certificates332Testing secure traversal334Advanced security335Configuring advanced account security mode335Configuring FIPS140-2 cryptographic mode336Configuring language settings339Changing the language339Installing language packs339Removing language packs340Backing up and restoring VCS data341When to create a backup341Content of the backup file341Limitations341Creating a system backup341Restoring a previous backup342Diagnostics tools343Configuring diagnostic logging343Creating a system snapshot344Configuring Network Log levels345Configuring Support Log levels345Incident reporting346Incident reporting caution: privacy-protected personal data346Enabling automatic incident reporting346Sending incident reports manually347Viewing incident reports347Incident report details348Checking the effect of a pattern349Locating an alias350Port usage351Local inbound ports351Local outbound ports351Remote listening ports352Network utilities353Ping353Traceroute353Tracepath354DNS lookup354Restarting, rebooting and shutting down357Developer resources359Debugging and system administration tools359Experimental menu359Overview and status information360Status overview361System information363Ethernet status364IP status365Resource usage366Registration status368Call status370Disconnecting calls371B2BUA calls372Viewing B2BUA call media details372Search history373Search details374Local Zone status375Zone status376Bandwidth377Link status377Pipe status377Policy server status and resiliency378Viewing policy server status via the VCS378TURN relay usage379TURN relay summary379Unified Communications status380Presence381Presence publishers381Presence presentities381Presence subscribers382Lync B2BUA383Lync user status383Lync B2BUA status383TMS Provisioning Extension service status384Provisioning Server device requests status (Cisco TMSPE)384User records provided by Cisco TMSPE services385FindMe records provided by Cisco TMSPE services386Phone book records provided by Cisco TMSPE services386Provisioned devices387Checking provisioned data387Starter Pack Provisioning Server status388Managing alarms389Logs390Event Log390Configuration Log391Network Log392Hardware status394Reference material395Performance capabilities396About Event Log levels397Event Log format397Administrator and FindMe user events398Message details field398Events and levels400CPL reference406CPL address-switch node406otherwise408not-present408location408rule-switch409proxy410reject410Unsupported CPL elements410CPL examples411LDAP server configuration for device authentication417Downloading the H.350 schemas417Configuring a Microsoft Active Directory LDAP server417Configuring an OpenLDAP server419DNS configuration examples423Verifying the SRV record423Microsoft DNS server423BIND 8 & 9423Changing the default SSH key425Restoring default configuration (factory reset)426Prerequisite files426Performing a reset to default configuration426Resetting via USB stick427Password encryption428Pattern matching variables429Port reference431Local VCS inbound/outbound ports431Remote listening ports435Mobile and remote access port reference437Microsoft Lync B2BUA port reference439Device authentication port reference441H.350 directory service441Active Directory (direct)441Regular expressions442Supported characters444Call types and licensing445Call types445What are traversal calls?445Alarms447Command reference — xConfiguration464Command reference — xCommand514Command reference — xStatus533External policy overview535Using an external policy server535External policy request parameters536Default CPL for policy services537Flash status word reference table538Supported RFCs539Software version history541X8.5541Feature previews541Single sign-on over MRA541Improved line-side capabilities542Multiple deployments for partitioning mobile and remote access to Unified Com...543Serviceability improvements543Other changes544X8.2545X8.1.1547X8.1547X7.2.1552X7.2552X7.1555X7556Related documentation559Legal notices561Intellectual property rights561Copyright notice561Patent information562Size: 8.62 MBPages: 563Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction12About the Cisco TelePresence Video Communication Server (VCS)13VCS base applications14Standard features14Optional features15Appliance and virtual machine options17About this guide18Related documentation18Training18Glossary18Accessibility notice18Using the web interface19Using the command line interface (CLI)20Web page features and layout21What’s new in this version?23Changes in X8.5.223Network and system settings26Network settings27Configuring Ethernet settings27Configuring IP settings27Configuring DNS settings29Configuring Quality of Service settings31Static routes31Intrusion protection33Configuring firewall rules33Current active firewall rules35Configuring automated intrusion protection35Network services39Configuring system name and access settings39Configuring SNMP settings43Configuring time settings45Configuring the Login page46Configuring external manager settings48Configuring TMS Provisioning Extension services49Firewall traversal52About firewall traversal53The Expressway solution53How does it work?53Endpoint traversal technology requirements54H.323 firewall traversal protocols54SIP firewall traversal protocols54Media demultiplexing54Firewall traversal configuration overview56Configuring a traversal client and server58Configuring ports for firewall traversal59Configuring the firewall59Configuring traversal server ports59Configuring ports for connections from traversal clients60Firewall traversal and authentication63Authentication and NTP63Configuring Expressway and traversal endpoint communications64About ICE and TURN services65About ICE65About TURN65Configuring TURN services66Unified Communications69Unified Communications prerequisites70Configuring a secure traversal zone connection for Unified Communications70Server certificate requirements for Unified Communications72Mobile and remote access75Mobile and remote access overview75Configuring mobile and remote access on VCS76Using deployments to partition Unified Communications services82Single Sign-On (SSO) over the Collaboration Edge84Checking the status of Unified Communications services89Mobile and remote access port reference89External XMPP federation92Deploying VCS for external XMPP federation92Configuring VCS for external XMPP federation93DNS SRV records for XMPP federation97Port usage for XMPP federation98Checking XMPP federation status99Troubleshooting external XMPP federation99Cisco Jabber Guest103Jabber Guest services overview103Jabber Guest signaling and media flows in single-NIC deployment103Jabber Guest licensing and call capacity106Configuring Jabber Guest services on VCS106Configuring your firewall for Jabber Guest traffic110Troubleshooting Jabber Guest services on VCS112Protocols113About H.323114Using the VCS as an H.323 gatekeeper114H.323 endpoint registration114Configuring H.323115About SIP117VCS as a SIP registrar117VCS as a SIP proxy server118Proxying registration requests119VCS as a SIP Presence Server119Configuring SIP120SIP functionality and SIP-specific transport modes and ports120Certificate revocation checking modes121Registration controls121Authentication controls123Configuring domains124Configuring the supported services for Unified Communications (VCS Control only)124Configuring delegated credential checking (VCS Expressway only)124Configuring SIP and H.323 interworking126Registration control128About registrations129Finding a VCS with which to register129Registrations on a VCS Expressway129MCU, gateway and Content Server registration130Configuring registration restriction policy130Registering aliases130About Allow and Deny Lists133Configuring the registration Allow List133Configuring the registration Deny List134Configuring Registration Policy to use an external service135Device authentication137About device authentication138Configuring VCS authentication policy139Controlling system behavior for authenticated and non-authenticated devices140Authentication policy configuration options141SIP authentication trust144Configuring delegated credential checking (SIP only)145Device provisioning and authentication policy148Presence and authentication policy150Hierarchical dial plans and authentication policy151Practical configuration of authentication policy152Configuring VCS authentication methods152Configuring authentication to use the local database155Using an H.350 directory service lookup via LDAP156Using Active Directory database (direct)159Configuring the connection to Active Directory Service (ADS)160Authenticating with external systems165Zones and neighbors166About your video communications network167Structuring your dial plan168Flat dial plan168Structured dial plan168Hierarchical dial plan168About zones170Configuring media encryption policy171Configuring the B2BUA for media encryption171Configuring ICE messaging support172About the Local Zone and subzones173The Default Zone174Configuring the Default Zone174Configuring Default Zone access rules175Configuring zones176Configuring neighbor zones176Configuring traversal client zones179Configuring traversal server zones181Configuring ENUM zones184Configuring DNS zones185Zone configuration: advanced settings186Zone configuration: pre-configured profile settings189TLS certificate verification of neighbor systems190Configuring a zone for incoming calls only191Clustering and peers192About clusters193License usage within a cluster195Managing clusters and peers197Setting up a cluster197Maintaining a cluster198Specifying peer-specific items in clustered systems199Sharing registrations across peers201Sharing bandwidth across peers201Cluster upgrades, backup and restore202Clustering and Presence202Clustering and Cisco TMS203About the Cluster Subzone203Neighboring between VCS clusters204Troubleshooting cluster replication problems205Dial plan and call processing206Call routing process207Configuring hop counts209Configuring dial plan settings210About the fallback alias210About transforms and search rules211About pre-search transforms211Configuring pre-search transforms212Search and zone transform process213Configuring search rules214Example searches and transforms217Filter queries to a zone without transforming217Always query a zone with original alias (no transforms)218Query a zone for a transformed alias218Query a zone for original and transformed alias219Query a zone for two or more transformed aliases220Stripping @domain for dialing to H.323 numbers221Transforms for alphanumeric H.323 ID dial strings223Allowing calls to IP addresses only if they come from known zones225Configuring search rules to use an external service226About Call Policy229Configuring Call Policy229Configuring Call Policy rules using the web interface230Configuring Call Policy using a CPL script230Configuring Call Policy to use an external service232Supported address formats234Dialing by IP address234Dialing by H.323 ID or E.164 alias234Dialing by H.323 or SIP URI234Dialing by ENUM235Dialing by IP address236About URI dialing238URI dialing without DNS238URI dialing via DNS239URI resolution process using DNS239URI dialing via DNS for outgoing calls240URI dialing via DNS for incoming calls242URI dialing and firewall traversal244About ENUM dialing246ENUM dialing process246Enabling ENUM dialing246ENUM dialing for outgoing calls247Configuring zones and search rules for ENUM dialing248ENUM dialing for incoming calls250Configuring DNS servers for ENUM and URI dialing252Configuring call routing and signaling253Identifying calls254Disconnecting calls255Bandwidth control256About bandwidth control257Configuring bandwidth controls258About downspeeding258About subzones259About the Traversal Subzone259Configuring the Default Subzone261Configuring subzones261Configuring subzone membership rules262Applying bandwidth limitations to subzones264Links and pipes266Configuring links266Default links266Configuring pipes267Applying pipes to links268Bandwidth control examples269Applications271Configuring Conference Factory272Presence274Presence Server274Presence User Agent (PUA)275Configuring Presence276B2BUA (back-to-back user agent) overview279Configuring B2BUA TURN servers279Microsoft Lync B2BUA280FindMe™287End-user FindMe account configuration287How are devices specified?287FindMe process overview288Recommendations when deploying FindMe288Configuring FindMe288Cisco TMS provisioning291VCS Provisioning Server292Starter Pack provisioning294Configuring Starter Pack provisioning294User accounts295About user accounts296Account authentication296Account types296Configuring password security298Configuring administrator accounts300Viewing active administrator sessions301Login history302Configuring remote account authentication using LDAP303Checking the LDAP server connection status305Configuring administrator groups306Configuring FindMe groups308Configuring FindMe accounts309Configuring a FindMe account's principal devices311Active FindMe sessions311Resetting forgotten passwords312Changing an administrator account password via GUI312Resetting root or admin password via serial connection312Resetting root or admin password via vSphere312Resetting FindMe account passwords313Using the root account314Changing the root account password314Accessing the root account over SSH314Managing SSO tokens315Maintenance316Enabling SSH access317Enabling maintenance mode318About upgrading software components319Upgrading VCS software320Upgrading using secure copy (SCP/PSCP)321Configuring logging322Changing Event log verbosity322Logging media statistics323Publishing logs to remote syslog servers323Managing option keys325About security certificates327Managing the trusted CA certificate list327Managing the VCS's server certificate328Managing certificate revocation lists (CRLs)331Configuring certificate-based authentication334Testing client certificates335Testing secure traversal337Advanced security338Configuring advanced account security mode338Configuring FIPS140-2 cryptographic mode339Configuring language settings342Changing the language342Installing language packs342Removing language packs343Backing up and restoring VCS data344When to create a backup344Content of the backup file344Limitations344Creating a system backup344Restoring a previous backup345Diagnostics tools346Configuring diagnostic logging346Creating a system snapshot347Configuring Network Log levels348Configuring Support Log levels348Incident reporting349Incident reporting caution: privacy-protected personal data349Enabling automatic incident reporting349Sending incident reports manually350Viewing incident reports350Incident report details351Checking the effect of a pattern352Locating an alias353Port usage354Local inbound ports354Local outbound ports354Remote listening ports355Network utilities356Ping356Traceroute356Tracepath357DNS lookup357Restarting, rebooting and shutting down360Developer resources362Debugging and system administration tools362Experimental menu362Overview and status information363Status overview364System information366Ethernet status367IP status368Resource usage369Registration status371Call status373Disconnecting calls374B2BUA calls375Viewing B2BUA call media details375Search history376Search details377Local Zone status378Zone status379Bandwidth380Link status380Pipe status380Policy server status and resiliency381Viewing policy server status via the VCS381TURN relay usage382TURN relay summary382Unified Communications status383Checking SSO statistics383Presence384Presence publishers384Presence presentities384Presence subscribers385Lync B2BUA386Lync user status386Lync B2BUA status386TMS Provisioning Extension service status387Provisioning Server device requests status (Cisco TMSPE)387User records provided by Cisco TMSPE services388FindMe records provided by Cisco TMSPE services389Phone book records provided by Cisco TMSPE services389Provisioned devices390Checking provisioned data390Starter Pack Provisioning Server status391Managing alarms392Logs393Event Log393Configuration Log394Network Log395Hardware status397Reference material398Performance capabilities399About Event Log levels400Event Log format400Administrator and FindMe user events401Message details field401Events and levels403CPL reference409CPL address-switch node409otherwise411not-present411location411rule-switch412proxy413reject413Unsupported CPL elements413CPL examples414LDAP server configuration for device authentication420Downloading the H.350 schemas420Configuring a Microsoft Active Directory LDAP server420Configuring an OpenLDAP server422DNS configuration examples426Verifying the SRV record426Microsoft DNS server426BIND 8 & 9426Changing the default SSH key428Restoring default configuration (factory reset)429Prerequisite files429Performing a reset to default configuration429Resetting via USB stick430Password encryption431Pattern matching variables432Port reference434Local VCS inbound/outbound ports434Remote listening ports438Mobile and remote access port reference440Microsoft Lync B2BUA port reference442Device authentication port reference444H.350 directory service444Active Directory (direct)444Regular expressions445Supported characters447Call types and licensing448Call types448What are traversal calls?448Alarms450Command reference — xConfiguration467Command reference — xCommand517Command reference — xStatus536External policy overview538Using an external policy server538External policy request parameters539Default CPL for policy services540Flash status word reference table541Supported RFCs542Software version history544X8.5.1544X8.5545Feature previews545Single sign-on over MRA545Improved line-side capabilities546Multiple deployments for partitioning mobile and remote access to Unified Com...547Serviceability improvements547Other changes548X8.2549X8.1.1551X8.1551X7.2.1556X7.2556X7.1559X7560Related documentation563Legal notices565Intellectual property rights565Copyright notice565Patent information566Size: 8.69 MBPages: 567Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction11About the Cisco TelePresence Video Communication Server (VCS)12VCS base applications13Standard features13Optional features14Appliance and virtual machine options16About this guide17Related documentation17Training17Glossary17Accessibility notice17Using the web interface18Using the command line interface (CLI)19Web page features and layout20What’s new in this version?22Feature previews22Improved line-side capabilities22Multiple deployments for partitioning mobile and remote access to Unified Com...22Serviceability improvements23Other changes24Network and system settings25Network settings26Configuring Ethernet settings26Configuring IP settings26Configuring DNS settings28Configuring Quality of Service settings30Static routes30Intrusion protection32Configuring firewall rules32Current active firewall rules34Configuring automated intrusion protection34Network services38Configuring system name and access settings38Configuring SNMP settings42Configuring time settings44Configuring the Login page45Configuring external manager settings47Configuring TMS Provisioning Extension services48Firewall traversal51About firewall traversal52The Expressway solution52How does it work?52Endpoint traversal technology requirements53H.323 firewall traversal protocols53SIP firewall traversal protocols53Media demultiplexing53Firewall traversal configuration overview55Configuring a traversal client and server57Configuring ports for firewall traversal58Configuring the firewall58Configuring traversal server ports58Configuring ports for connections from traversal clients59Firewall traversal and authentication62Authentication and NTP62Configuring Expressway and traversal endpoint communications63About ICE and TURN services64About ICE64About TURN64Configuring TURN services65Unified Communications68Unified Communications prerequisites69Configuring a secure traversal zone connection for Unified Communications69Server certificate requirements for Unified Communications71Mobile and remote access74Mobile and remote access overview74Configuring mobile and remote access on VCS75Using deployments to partition Unified Communications services81Single Sign-On (SSO) over the Collaboration Edge82Checking the status of Unified Communications services87Mobile and remote access port reference87External XMPP federation90Deploying VCS for external XMPP federation90Configuring VCS for external XMPP federation91DNS SRV records for XMPP federation95Port usage for XMPP federation96Checking XMPP federation status97Troubleshooting external XMPP federation97Cisco Jabber Guest101Jabber Guest services overview101Jabber Guest signaling and media flows in single-NIC deployment101Jabber Guest licensing and call capacity104Configuring Jabber Guest services on VCS104Configuring your firewall for Jabber Guest traffic108Troubleshooting Jabber Guest services on VCS110Protocols111About H.323112Using the VCS as an H.323 gatekeeper112H.323 endpoint registration112Configuring H.323113About SIP115VCS as a SIP registrar115VCS as a SIP proxy server116Proxying registration requests117VCS as a SIP Presence Server117Configuring SIP118SIP functionality and SIP-specific transport modes and ports118Certificate revocation checking modes119Registration controls119Authentication controls121Configuring domains122Configuring the supported services for Unified Communications (VCS Control only)122Configuring delegated credential checking (VCS Expressway only)122Configuring SIP and H.323 interworking124Registration control126About registrations127Finding a VCS with which to register127Registrations on a VCS Expressway127MCU, gateway and Content Server registration128Configuring registration restriction policy128Registering aliases128About Allow and Deny Lists131Configuring the registration Allow List131Configuring the registration Deny List132Configuring Registration Policy to use an external service133Device authentication135About device authentication136Configuring VCS authentication policy137Controlling system behavior for authenticated and non-authenticated devices138Authentication policy configuration options139SIP authentication trust142Configuring delegated credential checking (SIP only)143Device provisioning and authentication policy146Presence and authentication policy148Hierarchical dial plans and authentication policy149Practical configuration of authentication policy150Configuring VCS authentication methods150Configuring authentication to use the local database153Using an H.350 directory service lookup via LDAP154Using Active Directory database (direct)157Configuring the connection to Active Directory Service (ADS)158Authenticating with external systems163Zones and neighbors164About your video communications network165Structuring your dial plan166Flat dial plan166Structured dial plan166Hierarchical dial plan166About zones168Configuring media encryption policy169Configuring the B2BUA for media encryption169Configuring ICE messaging support170About the Local Zone and subzones171The Default Zone172Configuring the Default Zone172Configuring Default Zone access rules173Configuring zones174Configuring neighbor zones174Configuring traversal client zones177Configuring traversal server zones179Configuring ENUM zones182Configuring DNS zones183Zone configuration: advanced settings184Zone configuration: pre-configured profile settings187TLS certificate verification of neighbor systems188Configuring a zone for incoming calls only189Clustering and peers190About clusters191License usage within a cluster193Managing clusters and peers195Setting up a cluster195Maintaining a cluster196Specifying peer-specific items in clustered systems197Sharing registrations across peers199Sharing bandwidth across peers199Cluster upgrades, backup and restore200Clustering and Presence200Clustering and Cisco TMS201About the Cluster Subzone201Neighboring between VCS clusters202Troubleshooting cluster replication problems203Dial plan and call processing204Call routing process205Configuring hop counts207Configuring dial plan settings208About the fallback alias208About transforms and search rules209About pre-search transforms209Configuring pre-search transforms210Search and zone transform process211Configuring search rules212Example searches and transforms215Filter queries to a zone without transforming215Always query a zone with original alias (no transforms)216Query a zone for a transformed alias216Query a zone for original and transformed alias217Query a zone for two or more transformed aliases218Stripping @domain for dialing to H.323 numbers219Transforms for alphanumeric H.323 ID dial strings221Allowing calls to IP addresses only if they come from known zones223Configuring search rules to use an external service224About Call Policy227Configuring Call Policy227Configuring Call Policy rules using the web interface228Configuring Call Policy using a CPL script228Configuring Call Policy to use an external service230Supported address formats232Dialing by IP address232Dialing by H.323 ID or E.164 alias232Dialing by H.323 or SIP URI232Dialing by ENUM233Dialing by IP address234About URI dialing236URI dialing without DNS236URI dialing via DNS237URI resolution process using DNS237URI dialing via DNS for outgoing calls238URI dialing via DNS for incoming calls240URI dialing and firewall traversal242About ENUM dialing244ENUM dialing process244Enabling ENUM dialing244ENUM dialing for outgoing calls245Configuring zones and search rules for ENUM dialing246ENUM dialing for incoming calls248Configuring DNS servers for ENUM and URI dialing250Configuring call routing and signaling251Identifying calls252Disconnecting calls253Bandwidth control254About bandwidth control255Configuring bandwidth controls256About downspeeding256About subzones257About the Traversal Subzone257Configuring the Default Subzone259Configuring subzones259Configuring subzone membership rules260Applying bandwidth limitations to subzones262Links and pipes264Configuring links264Default links264Configuring pipes265Applying pipes to links266Bandwidth control examples267Applications269Configuring Conference Factory270Presence272Presence Server272Presence User Agent (PUA)273Configuring Presence274B2BUA (back-to-back user agent) overview277Configuring B2BUA TURN servers277Microsoft Lync B2BUA278FindMe™285End-user FindMe account configuration285How are devices specified?285FindMe process overview286Recommendations when deploying FindMe286Configuring FindMe286Cisco TMS provisioning289VCS Provisioning Server290Starter Pack provisioning292Configuring Starter Pack provisioning292User accounts293About user accounts294Account authentication294Account types294Configuring password security296Configuring administrator accounts297Viewing active administrator sessions298Login history299Configuring remote account authentication using LDAP300Checking the LDAP server connection status302Configuring administrator groups303Configuring FindMe groups305Configuring FindMe accounts306Configuring a FindMe account's principal devices308Active FindMe sessions308Resetting forgotten passwords309Changing an administrator account password via GUI309Resetting root or admin password via serial connection309Resetting root or admin password via vSphere309Resetting FindMe account passwords310Using the root account311Changing the root account password311Accessing the root account over SSH311Maintenance312Enabling SSH access313Enabling maintenance mode314About upgrading software components315Upgrading VCS software316Upgrading using secure copy (SCP/PSCP)317Configuring logging318Changing Event log verbosity318Logging media statistics319Publishing logs to remote syslog servers319Managing option keys321About security certificates323Managing the trusted CA certificate list323Managing the VCS's server certificate324Managing certificate revocation lists (CRLs)327Configuring certificate-based authentication329Testing client certificates331Testing secure traversal333Advanced security334Configuring advanced account security mode334Configuring FIPS140-2 cryptographic mode335Configuring language settings338Changing the language338Installing language packs338Removing language packs339Backing up and restoring VCS data340When to create a backup340Content of the backup file340Limitations340Creating a system backup340Restoring a previous backup341Diagnostics tools342Configuring diagnostic logging342Creating a system snapshot343Configuring Network Log levels344Configuring Support Log levels344Incident reporting345Incident reporting caution: privacy-protected personal data345Enabling automatic incident reporting345Sending incident reports manually346Viewing incident reports346Incident report details347Checking the effect of a pattern348Locating an alias349Port usage350Local inbound ports350Local outbound ports350Remote listening ports351Network utilities352Ping352Traceroute352Tracepath353DNS lookup353Restarting, rebooting and shutting down356Developer resources358Debugging and system administration tools358Experimental menu358Overview and status information359Status overview360System information362Ethernet status363IP status364Resource usage365Registration status367Call status369Disconnecting calls370B2BUA calls371Viewing B2BUA call media details371Search history372Search details373Local Zone status374Zone status375Bandwidth376Link status376Pipe status376Policy server status and resiliency377Viewing policy server status via the VCS377TURN relay usage378TURN relay summary378Unified Communications status379Presence380Presence publishers380Presence presentities380Presence subscribers381Lync B2BUA382Lync user status382Lync B2BUA status382TMS Provisioning Extension service status383Provisioning Server device requests status (Cisco TMSPE)383User records provided by Cisco TMSPE services384FindMe records provided by Cisco TMSPE services385Phone book records provided by Cisco TMSPE services385Provisioned devices386Checking provisioned data386Starter Pack Provisioning Server status387Managing alarms388Logs389Event Log389Configuration Log390Network Log391Hardware status393Reference material394Performance capabilities395About Event Log levels396Event Log format396Administrator and FindMe user events397Message details field397Events and levels399CPL reference405CPL address-switch node405otherwise407not-present407location407rule-switch408proxy409reject409Unsupported CPL elements409CPL examples410LDAP server configuration for device authentication416Downloading the H.350 schemas416Configuring a Microsoft Active Directory LDAP server416Configuring an OpenLDAP server418DNS configuration examples422Verifying the SRV record422Microsoft DNS server422BIND 8 & 9422Changing the default SSH key424Restoring default configuration (factory reset)425Prerequisite files425Performing a reset to default configuration425Resetting via USB stick426Password encryption427Pattern matching variables428Port reference430Local VCS inbound/outbound ports430Remote listening ports434Mobile and remote access port reference436Microsoft Lync B2BUA port reference438Device authentication port reference440H.350 directory service440Active Directory (direct)440Regular expressions441Supported characters443Call types and licensing444Call types444What are traversal calls?444Alarms446Command reference — xConfiguration463Command reference — xCommand513Command reference — xStatus532External policy overview534Using an external policy server534External policy request parameters535Default CPL for policy services536Flash status word reference table537Supported RFCs538Software version history540X8.2540X8.1.1542X8.1542X7.2.1547X7.2547X7.1550X7551Related documentation555Legal notices557Intellectual property rights557Copyright notice557Patent information558Size: 8.52 MBPages: 559Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction2About the Cisco TelePresence Video Communication Server (VCS)2VCS Base Applications4Standard Features4Optional Features5Appliance and Virtual Machine Options6About This Guide7Related Documentation7Training7Glossary7Accessibility Notice7Using the Web Interface8Using the Command Line Interface (CLI)9Web Page Features and Layout10What’s New in This Version?12Network and System Settings18Network Settings18Configuring Ethernet Settings18Configuring IP Settings18Configuring DNS Settings20Configuring Quality of Service Settings22Static Routes22Intrusion Protection23Configuring Firewall Rules23Current Active Firewall Rules25Configuring Automated Intrusion Protection25Network Services28Configuring System Name and Access Settings28Configuring SNMP Settings32Configuring Time Settings33Configuring the Login Page35Configuring External Manager Settings36Configuring TMS Provisioning Extension services36Firewall Traversal40About Firewall Traversal40The Expressway Solution40How Does it Work?40Endpoint Traversal Technology Requirements41H.323 Firewall Traversal Protocols41SIP Firewall Traversal Protocols41Media Demultiplexing41Firewall Traversal Configuration Overview42Configuring a Traversal Client and Server43Configuring Ports for Firewall Traversal44Configuring the Firewall45Configuring Traversal Server Ports45Configuring Ports for Connections From Traversal Clients45Firewall Traversal and Authentication48Authentication and NTP48Configuring Expressway and Traversal Endpoint Communications48About ICE and TURN Services49About ICE49About TURN49Configuring TURN Services50Unified Communications54Unified Communications Prerequisites54Configuring a Secure Traversal Zone Connection for Unified Communications54Server Certificate Requirements for Unified Communications56Mobile and Remote Access59Mobile and Remote Access Overview59Configuring Mobile and Remote Access on VCS60Using Deployments to Partition Unified Communications Services67Single Sign-On (SSO) over the Collaboration Edge68Checking the Status of Unified Communications Services73Mobile and Remote Access Port Reference73External XMPP Federation75Deploying VCS for External XMPP Federation75Configuring VCS for External XMPP Federation76DNS SRV Records for XMPP Federation82Port Usage for XMPP Federation83Checking XMPP Federation Status83Troubleshooting External XMPP Federation84Cisco Jabber Guest87Jabber Guest Services Overview87Jabber Guest Signaling and Media Flows in Single-NIC Deployment87Jabber Guest Licensing and Call Capacity90Configuring Jabber Guest Services on VCS90Configuring your Firewall for Jabber Guest Traffic94Troubleshooting Jabber Guest Services on VCS95Protocols98About H.32398Using the VCS as an H.323 Gatekeeper98H.323 Endpoint Registration98Configuring H.32399About SIP100VCS as a SIP Registrar100VCS as a SIP Proxy Server101Proxying Registration Requests102VCS as a SIP Presence Server102Configuring SIP103SIP Functionality and SIP-Specific Transport Modes and Ports103Certificate Revocation Checking Modes104Registration Controls104Authentication Controls106Advanced SIP Settings106Configuring Domains107Configuring the Supported Services for Unified Communications (VCS Control Only)107Configuring Delegated Credential Checking (VCS Expressway Only)107Configuring SIP and H.323 Interworking108Registration Control110About Registrations110Finding a VCS With Which to Register110Registrations on a VCS Expressway110MCU, Gateway and Content Server Registration111Configuring Registration Restriction Policy111Registering Aliases111About Allow and Deny Lists113Configuring the Registration Allow List113Configuring the Registration Deny List114Configuring Registration Policy to Use an External Service115Device Authentication118About Device Authentication118Configuring VCS Authentication Policy119Controlling System Behavior for Authenticated and Non-authenticated Devices120Authentication Policy Configuration Options121SIP Authentication Trust124Configuring Delegated Credential Checking (SIP Only)125Device Provisioning and Authentication Policy128Presence and Authentication Policy130Hierarchical Dial Plans and Authentication Policy131Practical Configuration of Authentication Policy132Configuring VCS Authentication Methods132Configuring Authentication to Use the Local Database135Using an H.350 Directory Service Lookup via LDAP136Using Active Directory Database (Direct)139Configuring the Connection to Active Directory Service (ADS)140Authenticating with External Systems145Zones and Neighbors146About your Video Communications Network146Structuring your Dial Plan147Flat Dial Plan147Structured Dial Plan147Hierarchical dial plan148About Zones148Configuring Media Encryption Policy149Configuring the B2BUA for Media Encryption150Configuring ICE Messaging Support150About the Local Zone and Subzones151The Default Zone152Configuring the Default Zone152Configuring Default Zone access rules153Configuring Zones153Configuring Neighbor Zones154Configuring Traversal Client Zones156Configuring Traversal Server Zones159Configuring ENUM Zones162Configuring DNS Zones162Zone Configuration: Advanced Settings163Zone Configuration: Pre-Configured Profile Settings167TLS Certificate Verification of Neighbor Systems167Configuring a Zone for Incoming Calls Only168Clustering and Peers170About Clusters170License Usage Within a Cluster172Managing Clusters and Peers173Setting Up a Cluster173Maintaining a Cluster174Specifying Peer-Specific Items in Clustered Systems175Sharing Registrations Across Peers176Sharing Bandwidth Across Peers177Cluster Upgrades, Backup and Restore177Clustering and Presence178Clustering and Cisco TMS178About the Cluster Subzone178Neighboring Between VCS Clusters179Troubleshooting cluster replication problems180Dial plan and call processing182Call Routing Process182Configuring Hop Counts184Configuring Dial Plan Settings185About the Fallback Alias185About Transforms and Search Rules186About Pre-Search Transforms187Configuring Pre-Search Transforms187Search and Zone Transform Process189Configuring Search Rules189Example Searches and Transforms192Filter Queries to a Zone Without Transforming192Always Query a Zone With Original Alias (No Transforms)193Query a Zone for a Transformed Alias193Query a Zone for Original and Transformed Alias194Query a Zone for Two or More Transformed Aliases194Stripping @domain for Dialing to H.323 Numbers196Transforms for Alphanumeric H.323 ID Dial Strings197Allowing Calls to IP Addresses Only if They Come From Known Zones199Configuring Search Rules to Use an External Service200About Call Policy203Configuring Call Policy203Configuring Call Policy Rules Using the Web Interface203Configuring Call Policy Using a CPL Script204Configuring Call Policy to Use an External Service205Supported Address Formats207Dialing by IP Address207Dialing by H.323 ID or E.164 Alias207Dialing by H.323 or SIP URI207Dialing by ENUM207Dialing by IP Address208About URI Dialing209URI Dialing Without DNS209URI Dialing With DNS210URI Resolution Process Using DNS210URI Dialing via DNS for Outgoing Calls211URI Dialing via DNS for Incoming Calls213URI Dialing and Firewall Traversal215About ENUM Dialing215ENUM Dialing Process215Enabling ENUM Dialing216ENUM Dialing for Outgoing Calls216Configuring Zones and Search Rules for ENUM Dialing217ENUM dialing for incoming calls219Configuring DNS Servers for ENUM and URI Dialing220Configuring Call Routing and Signaling220Identifying Calls221Disconnecting Calls222Bandwidth Control224About Bandwidth Control224Configuring Bandwidth Controls225About Downspeeding226About Subzones226About the Traversal Subzone226Configuring the Default Subzone228Configuring Subzones228Configuring Subzone Membership Rules229Applying Bandwidth Limitations to Subzones231Links and Pipes232Configuring Links232Default Links232Configuring Pipes233Applying Pipes to Links234Bandwidth Control Examples235Applications238Configuring Conference Factory239Presence241Presence Server241Presence User Agent (PUA)242Configuring Presence243B2BUA (Back-to-Back User Agent) Overview245Configuring B2BUA TURN Servers245Microsoft Lync B2BUA246FindMe™253End-User FindMe Account Configuration253How are Devices Specified?253FindMe Process Overview253Recommendations when Deploying FindMe254Configuring FindMe254Cisco TMS Provisioning257VCS Provisioning Server258Starter Pack Provisioning260Configuring Starter Pack Provisioning260Cloud Extensions and Connector Management260Connector Proxy261User Accounts264About User Accounts264Account Authentication264Account Types265Configuring Password Security266Configuring Administrator Accounts267Viewing Active Administrator Sessions268Login History269Configuring Remote Account Authentication Using LDAP269Checking the LDAP Server Connection Status272Configuring Administrator Groups273Configuring FindMe Groups274Configuring FindMe Accounts275Configuring a FindMe Account's Principal Devices277Active FindMe Sessions277Resetting Forgotten Passwords277Changing an Administrator Account Password via GUI277Resetting Root or Admin Password via Serial Connection278Resetting Root or Admin Password via vSphere278Resetting FindMe Account Passwords278Using the Root Account279Changing the Root Account Password279Accessing the Root Account Over SSH279Managing SSO tokens279Maintenance282Enabling SSH access282Enabling Maintenance Mode283About Upgrading Software Components283Upgrading VCS Software285Upgrading Using Secure Copy (SCP/PSCP)285Configuring Logging286Changing Event Log Verbosity286Logging Media Statistics287Call Detail Records (CDRs)288Publishing Logs to Remote Syslog Servers288Configure System Metrics Collection on VCS289Managing Option Keys290About Security Certificates291Managing the Trusted CA Certificate List292Managing the VCS's Server Certificate292Managing Certificate Revocation Lists (CRLs)295Configuring Certificate-Based Authentication297Testing Client Certificates299Testing Secure Traversal301Advanced Security301Configuring Advanced Account Security Mode301Configuring FIPS140-2 Cryptographic Mode302Configuring Language Settings304Changing the Language304Installing Language Packs305Removing Language Packs305Backing Up and Restoring VCS Data305When to Create a Backup306Content of the Backup File306Limitations306Creating a System Backup306Restoring a Previous Backup307Diagnostics Tools307Configuring Diagnostic Logging307Creating a System Snapshot309Configuring Network Log Levels309Configuring Support Log Levels309Incident Reporting310Incident Reporting Caution: Privacy-Protected Personal Data310Enabling Automatic Incident Reporting310Sending Incident Reports Manually311Viewing Incident Reports311Incident Report Details312Checking the Effect of a Pattern312Locating an Alias313Port Usage313Local Inbound Ports314Local Outbound Ports314Remote Listening Ports314Network Utilities315Ping315Traceroute315Tracepath316DNS Lookup316Restarting, Rebooting and Shutting Down317Developer Resources318Debugging and System Administration Tools319Experimental Menu319Overview and Status Information320Status Overview320System Information321Ethernet Status322IP Status323Resource Usage323Registration Status324Call Status326Disconnecting Calls327B2BUA Calls327Viewing B2BUA Call Media Details328Search History328Search Details329Local Zone Status329Zone Status329Bandwidth330Link Status330Pipe Status330Policy Server Status and Resiliency331Viewing Policy Server Status via the VCS331TURN Relay Usage332TURN Relay Summary332Unified Communications Status332Checking SSO Statistics333Presence333Presence Publishers333Presence Presentities333Presence Subscribers334Lync B2BUA334Lync User Status334Lync B2BUA Status335TMS Provisioning Extension Service Status335Provisioning Server Device Requests Status (Cisco TMSPE)335User Records Provided by Cisco TMSPE Services336FindMe Records Provided by Cisco TMSPE Services336Phone Book Records Provided by Cisco TMSPE Services337Provisioned Devices337Checking Provisioned Data338Starter Pack Provisioning Server Status338Managing Alarms338Logs339Event Log339Configuration Log341Network Log342Hardware Status343Reference Material344Performance Capabilities344About Event Log Levels346Event Log Format346Administrator and FindMe User Events347Message Details Field347Events and Levels349CPL Reference355CPL Address-Switch Node355Otherwise357Not-Present357Location357Rule-Switch358Proxy358Reject359Unsupported CPL Elements359CPL Examples359LDAP Server Configuration for Device Authentication365Downloading the H.350 Schemas365Configuring a Microsoft Active Directory LDAP Server365Configuring an OpenLDAP Server367DNS Configuration Examples370Verifying the SRV Record370Microsoft DNS Server370BIND 8 & 9370Changing the Default SSH Key371Restoring Default Configuration (Factory Reset)371Prerequisite Files371Performing a Reset to Default Configuration371Resetting via USB Stick372Password Encryption373Pattern Matching Variables374Port Reference375Local VCS Inbound/Outbound Ports375Remote Listening Ports380Mobile and Remote Access Port Reference380Microsoft Lync B2BUA Port Reference382Device Authentication Port Reference384H.350 Directory Service384Active Directory (Direct)384Regular expressions386Supported Characters388Call Types and Licensing389Call Types389License Bypass for Calls to Collaboration Meeting Rooms (CMRs)389What are Traversal Calls?389Alarms391Command Reference — xConfiguration408Command Reference — xCommand466Command Reference — xStatus490External Policy Overview491Using an External Policy Server492External Policy Request Parameters492Default CPL for Policy Services494Flash Status Word Reference Table495Supported RFCs495Software Version History498X8.5.3498X8.5.2499X8.5.1500X8.5501Feature previews501Single sign-on over MRA501Improved line-side capabilities502Multiple deployments for partitioning mobile and remote access to Unified Com...502Serviceability improvements503Other changes504X8.2504X8.1.1506X8.1506X7.2.1511X7.2511X7.1514X7514Related Documentation517Legal Notices519Intellectual Property Rights519Copyright Notice519Patent Information519Cisco Legal Information521Cisco Trademark521Size: 8.28 MBPages: 521Language: EnglishOpen manual
Maintenance ManualTable of ContentsPreface2Change History2Contents3Introduction8About the Cisco TelePresence Video Communication Server (VCS)8About This Guide14What’s New in This Version?19Network and System Settings20Network Settings20Intrusion Protection25Network Services30Configuring External Manager Settings38Configuring TMS Provisioning Extension services38Firewall Traversal42About Firewall Traversal42Configuring a Traversal Client and Server45Configuring Ports for Firewall Traversal46Firewall Traversal and Authentication50Configuring Expressway and Traversal Endpoint Communications50About ICE and TURN Services51Unified Communications56Unified Communications Prerequisites56Mobile and Remote Access61External XMPP Federation77Jabber Guest Services Overview89Protocols90About H.32390Configuring H.32391About SIP92Configuring SIP95Configuring Domains99Configuring SIP and H.323 Interworking100Registration Control102About Registrations102About Allow and Deny Lists105Configuring Registration Policy to Use an External Service107Device Authentication110About Device Authentication110Authenticating with External Systems136Zones and Neighbors138About your Video Communications Network138Structuring your Dial Plan139About Zones140Configuring Media Encryption Policy141Configuring ICE Messaging Support142About the Local Zone and Subzones143The Default Zone144Configuring Default Zone access rules145Configuring Zones145Clustering and Peers162About Clusters162License Usage Within a Cluster164Managing Clusters and Peers165Troubleshooting cluster replication problems172Dial Plan and Call Processing174Call Routing Process174Configuring Hop Counts176Configuring Dial Plan Settings177About Transforms and Search Rules178Example Searches and Transforms184Configuring Search Rules to Use an External Service192About Call Policy194Supported Address Formats198Dialing by IP Address199About URI Dialing200About ENUM Dialing207Configuring DNS Servers for ENUM and URI Dialing212Configuring Call Routing and Signaling212Identifying Calls213Disconnecting Calls214Bandwidth Control216About Bandwidth Control216Configuring Bandwidth Controls217About Subzones218Links and Pipes224Bandwidth Control Examples227Applications230Configuring Conference Factory231Presence233B2BUA (Back-to-Back User Agent) Overview237FindMe™246Cisco TMS Provisioning250Hybrid Services and Connector Management253User Accounts256About User Accounts256Configuring Password Security258Configuring Administrator Accounts259Configuring Remote Account Authentication Using LDAP261Configuring FindMe Accounts267Resetting Forgotten Passwords269Using the Root Account271Managing SSO tokens271Maintenance274Enabling SSH access274Enabling Maintenance Mode275About Upgrading Software Components275Configuring Logging278Managing Option Keys282About Security Certificates284Advanced Security294Configuring Language Settings297Backing Up and Restoring VCS Data298Diagnostics Tools300Incident Reporting302Checking the Effect of a Pattern305Locating an Alias305Port Usage306Network Utilities307Restarting, Rebooting and Shutting Down310Developer Resources311Overview and Status Information314Status Overview314System Information315Ethernet Status316IP Status317Resource Usage317Registration Status319Call Status320B2BUA Calls322Search History322Search Details323Local Zone Status324Zone Status324Bandwidth325Policy Server Status and Resiliency325TURN Relay Usage326Unified Communications Status327Presence327Lync B2BUA328TMS Provisioning Extension Service Status329Starter Pack Provisioning Server Status332Managing Alarms333Logs334Hardware Status337Reference Material338Performance Capabilities338About Event Log Levels340CPL Reference349LDAP Server Configuration for Device Authentication359DNS Configuration Examples364Changing the Default SSH Key365Restoring Default Configuration (Factory Reset)365Password Encryption367Pattern Matching Variables368Port Reference369Mobile and Remote Access Port Reference374Microsoft Lync B2BUA Port Reference376Device Authentication Port Reference378Regular expressions380Supported Characters382Call Types and Licensing383Alarms385Command Reference — xConfiguration402Command Reference — xCommand461Command Reference — xStatus485External Policy Overview486Flash Status Word Reference Table490Supported RFCs490Software Version History493Related Documentation519Legal Notices522Cisco Legal Information524Cisco Trademark524Size: 8.16 MBPages: 525Language: EnglishOpen manual
Maintenance ManualTable of ContentsPreface2Change History2Contents3Introduction17About the Cisco TelePresence Video Communication Server (VCS)17VCS Base Applications19Standard Features19Optional Features20Appliance and Virtual Machine Options21Software Versions Supported by Hardware Platforms22About This Guide23Related Documentation23Training23Glossary23Accessibility Notice23Using the Web Interface24Using the Command Line Interface (CLI)25Web Page Features and Layout26What’s New in This Version?28Network and System Settings29Network Settings29Configuring Ethernet Settings29Configuring IP Settings29Configuring DNS Settings31Configuring Quality of Service Settings33Static Routes33Intrusion Protection34Configuring Firewall Rules34Current Active Firewall Rules36Configuring Automated Intrusion Protection36Network Services39Configuring System Name and Access Settings39Configuring SNMP Settings43Configuring Time Settings44Configuring the Login Page46Configuring External Manager Settings47Configuring TMS Provisioning Extension services47Firewall Traversal51About Firewall Traversal51The Expressway Solution51How Does it Work?51Endpoint Traversal Technology Requirements52H.323 Firewall Traversal Protocols52SIP Firewall Traversal Protocols52Media Demultiplexing52Firewall Traversal Configuration Overview53Configuring a Traversal Client and Server54Configuring Ports for Firewall Traversal55Configuring the Firewall56Configuring Traversal Server Ports56Configuring Ports for Connections From Traversal Clients56Firewall Traversal and Authentication59Authentication and NTP59Configuring Expressway and Traversal Endpoint Communications59About ICE and TURN Services60About ICE60About TURN60Configuring TURN Services61Unified Communications65Unified Communications Prerequisites65Configuring a Secure Traversal Zone Connection for Unified Communications65Server Certificate Requirements for Unified Communications67Mobile and Remote Access70Mobile and Remote Access Overview70Configuring Mobile and Remote Access on VCS72Using Deployments to Partition Unified Communications Services77Single Sign-On (SSO) over the Collaboration Edge79Checking the Status of Unified Communications Services84Mobile and Remote Access Port Reference84External XMPP Federation86Deploying VCS for External XMPP Federation86Configuring VCS for External XMPP Federation87DNS SRV Records for XMPP Federation93Port Usage for XMPP Federation94Checking XMPP Federation Status94Troubleshooting External XMPP Federation95Jabber Guest Services Overview98Protocols99About H.32399Using the VCS as an H.323 Gatekeeper99H.323 Endpoint Registration99Configuring H.323100About SIP101VCS as a SIP Registrar102VCS as a SIP Proxy Server103Proxying Registration Requests103VCS as a SIP Presence Server104Configuring SIP104SIP Functionality and SIP-Specific Transport Modes and Ports104Certificate Revocation Checking Modes105Registration Controls106Authentication Controls108Advanced SIP Settings108Configuring Domains109Configuring the Supported Services for Unified Communications (VCS Control Only)109Configuring Delegated Credential Checking (VCS Expressway Only)109Configuring SIP and H.323 Interworking110Registration Control113About Registrations113Finding a VCS With Which to Register113Registrations on a VCS Expressway113MCU, Gateway and Content Server Registration114Configuring Registration Restriction Policy114Registering Aliases114About Allow and Deny Lists116Configuring the Registration Allow List116Configuring the Registration Deny List117Configuring Registration Policy to Use an External Service118Device Authentication121About Device Authentication121Configuring VCS Authentication Policy122Controlling System Behavior for Authenticated and Non-authenticated Devices123Authentication Policy Configuration Options124SIP Authentication Trust127Configuring Delegated Credential Checking (SIP Only)128Device Provisioning and Authentication Policy131Presence and Authentication Policy133Hierarchical Dial Plans and Authentication Policy134Practical Configuration of Authentication Policy135Configuring VCS Authentication Methods135Configuring Authentication to Use the Local Database138Using an H.350 Directory Service Lookup via LDAP139Using Active Directory Database (Direct)142Configuring the Connection to Active Directory Service (ADS)143Authenticating with External Systems147Zones and Neighbors149About your Video Communications Network149Structuring your Dial Plan150Flat Dial Plan150Structured Dial Plan150Hierarchical dial plan151About Zones151Configuring Media Encryption Policy152Configuring the B2BUA for Media Encryption153Configuring ICE Messaging Support153About the Local Zone and Subzones154The Default Zone155Configuring the Default Zone155Configuring Default Zone access rules156Configuring Zones157Configuring Neighbor Zones157Configuring Traversal Client Zones160Configuring Traversal Server Zones162Configuring ENUM Zones165Configuring DNS Zones166Zone Configuration: Advanced Settings168Zone Configuration: Pre-Configured Profile Settings171TLS Certificate Verification of Neighbor Systems172Configuring a Zone for Incoming Calls Only173Clustering and Peers175About Clusters175License Usage Within a Cluster177Managing Clusters and Peers178Setting Up a Cluster178Maintaining a Cluster179Peer-Specific Items in Clustered Systems181Sharing Registrations Across Peers182Sharing Bandwidth Across Peers183Cluster Upgrades, Backup and Restore183Clustering and Presence183Clustering and Cisco TMS184About the Cluster Subzone184Neighboring Between VCS Clusters185Troubleshooting cluster replication problems185Dial Plan and Call Processing187Call Routing Process187Configuring Hop Counts189Configuring Dial Plan Settings190About the Fallback Alias190About Transforms and Search Rules191About Pre-Search Transforms192Configuring Pre-Search Transforms192Search and Zone Transform Process194Configuring Search Rules194Example Searches and Transforms197Filter Queries to a Zone Without Transforming197Always Query a Zone With Original Alias (No Transforms)198Query a Zone for a Transformed Alias198Query a Zone for Original and Transformed Alias199Query a Zone for Two or More Transformed Aliases200Stripping @domain for Dialing to H.323 Numbers201Transforms for Alphanumeric H.323 ID Dial Strings203Allowing Calls to IP Addresses Only if They Come From Known Zones205Configuring Search Rules to Use an External Service205About Call Policy207Configuring Call Policy208Configuring Call Policy Rules Using the Web Interface208Configuring Call Policy Using a CPL Script209Configuring Call Policy to Use an External Service210Supported Address Formats211Dialing by IP Address212Dialing by H.323 ID or E.164 Alias212Dialing by H.323 or SIP URI212Dialing by ENUM212Dialing by IP Address212About URI Dialing213URI Dialing Without DNS214URI Dialing With DNS214URI Resolution Process Using DNS215URI Dialing via DNS for Outgoing Calls216URI Dialing via DNS for Incoming Calls218URI Dialing and Firewall Traversal220About ENUM Dialing220ENUM Dialing Process220Enabling ENUM Dialing221ENUM Dialing for Outgoing Calls221Configuring Zones and Search Rules for ENUM Dialing222ENUM dialing for incoming calls224Configuring DNS Servers for ENUM and URI Dialing225Configuring Call Routing and Signaling225Identifying Calls226Disconnecting Calls227Bandwidth Control229About Bandwidth Control229Configuring Bandwidth Controls230About Downspeeding231About Subzones231About the Traversal Subzone231Configuring the Default Subzone233Configuring Subzones234Configuring Subzone Membership Rules235Applying Bandwidth Limitations to Subzones236Links and Pipes237Configuring Links237Default Links238Configuring Pipes238Applying Pipes to Links239Bandwidth Control Examples240Applications243Configuring Conference Factory244Presence246Presence Server246Presence User Agent (PUA)247Configuring Presence248B2BUA (Back-to-Back User Agent) Overview250Configuring B2BUA TURN Servers250Microsoft Lync B2BUA251FindMe™259End-User FindMe Account Configuration259How are Devices Specified?259FindMe Process Overview259Recommendations when Deploying FindMe260Configuring FindMe260Cisco TMS Provisioning263VCS Provisioning Server264Starter Pack Provisioning266Configuring Starter Pack Provisioning266Hybrid Services and Connector Management266Connector Proxy267Collaboration Cloud CA Root Certificates on VCS Expressway268User Accounts269About User Accounts269Account Authentication269Account Types270Configuring Password Security271Configuring Administrator Accounts272Viewing Active Administrator Sessions274Login History274Configuring Remote Account Authentication Using LDAP274Checking the LDAP Server Connection Status277Configuring Administrator Groups278Configuring FindMe Groups279Configuring FindMe Accounts280Configuring a FindMe Account's Principal Devices282Active FindMe Sessions282Resetting Forgotten Passwords283Changing an Administrator Account Password via GUI283Resetting Root or Admin Password via Serial Connection283Resetting Root or Admin Password via vSphere283Resetting FindMe Account Passwords284Using the Root Account284Changing the Root Account Password284Accessing the Root Account Over SSH284Managing SSO tokens284Maintenance287Enabling SSH access287Enabling Maintenance Mode288About Upgrading Software Components288Upgrading VCS Software290Upgrading Using Secure Copy (SCP/PSCP)291Configuring Logging291Changing Event Log Verbosity291Logging Media Statistics292Call Detail Records (CDRs)293Publishing Logs to Remote Syslog Servers293Configure System Metrics Collection on VCS295Managing Option Keys295About Security Certificates297Managing the Trusted CA Certificate List297Managing the VCS's Server Certificate298Managing Certificate Revocation Lists (CRLs)301Configuring Certificate-Based Authentication303Testing Client Certificates305Testing Secure Traversal306Advanced Security307Configuring Advanced Account Security Mode307Configuring FIPS140-2 Cryptographic Mode308Configuring Language Settings310Changing the Language310Installing Language Packs310Removing Language Packs311Backing Up and Restoring VCS Data311When to Create a Backup311Content of the Backup File311Limitations312Creating a System Backup312Restoring a Previous Backup312Diagnostics Tools313Configuring Diagnostic Logging313Creating a System Snapshot314Configuring Network Log Levels315Configuring Support Log Levels315Incident Reporting315Incident Reporting Caution: Privacy-Protected Personal Data315Enabling Automatic Incident Reporting316Sending Incident Reports Manually316Viewing Incident Reports317Incident Report Details317Checking the Effect of a Pattern318Locating an Alias318Port Usage319Local Inbound Ports319Local Outbound Ports319Remote Listening Ports320Network Utilities320Ping320Traceroute320Tracepath321DNS Lookup321Restarting, Rebooting and Shutting Down323Developer Resources324Debugging and System Administration Tools324Experimental Menu324Overview and Status Information327Status Overview327System Information329Ethernet Status329IP Status330Resource Usage330Registration Status332Call Status333Disconnecting Calls335B2BUA Calls335Viewing B2BUA Call Media Details335Search History335Search Details336Local Zone Status337Zone Status337Bandwidth338Link Status338Pipe Status338Policy Server Status and Resiliency339Viewing Policy Server Status via the VCS339TURN Relay Usage339TURN Relay Summary340Unified Communications Status340Checking SSO Statistics341Presence341Presence Publishers341Presence Presentities341Presence Subscribers341Lync B2BUA342Lync User Status342Lync B2BUA Status342TMS Provisioning Extension Service Status343Provisioning Server Device Requests Status (Cisco TMSPE)343User Records Provided by Cisco TMSPE Services344FindMe Records Provided by Cisco TMSPE Services344Phone Book Records Provided by Cisco TMSPE Services345Provisioned Devices345Checking Provisioned Data346Starter Pack Provisioning Server Status346Managing Alarms346Logs347Event Log347Configuration Log349Network Log350Hardware Status350Reference Material353Performance Capabilities354About Event Log Levels355Event Log Format355Administrator and FindMe User Events356Message Details Field356Events and Levels358CPL Reference365CPL Address-Switch Node365Otherwise367Not-Present367Location367Rule-Switch368Proxy369Reject369Unsupported CPL Elements369CPL Examples370LDAP Server Configuration for Device Authentication375Downloading the H.350 Schemas375Configuring a Microsoft Active Directory LDAP Server375Configuring an OpenLDAP Server377DNS Configuration Examples380Verifying the SRV Record380Microsoft DNS Server380BIND 8 & 9380Changing the Default SSH Key381Restoring Default Configuration (Factory Reset)381Prerequisite Files381Performing a Reset to Default Configuration381Resetting via USB Stick382Password Encryption383Pattern Matching Variables384Port Reference385Local VCS Inbound/Outbound Ports385Remote Listening Ports390Mobile and Remote Access Port Reference391Microsoft Lync B2BUA Port Reference392Device Authentication Port Reference394H.350 Directory Service394Active Directory (Direct)394Regular expressions396Supported Characters398Call Types and Licensing399Call Types399License Bypass for Calls to Collaboration Meeting Rooms (CMRs)399What are Traversal Calls?399Alarms401Command Reference — xConfiguration419Command Reference — xCommand485Command Reference — xStatus511External Policy Overview512Using an External Policy Server513External Policy Request Parameters513Default CPL for Policy Services515Flash Status Word Reference Table516Supported RFCs516Software Version History519X8.7.1519X8.7519X8.6.1522X8.6522X8.5.3526X8.5.2527X8.5.1529X8.5529Feature previews529Single sign-on over MRA529Improved line-side capabilities530Multiple deployments for partitioning mobile and remote access to Unified Com...531Serviceability improvements532Other changes532X8.2533X8.1.1534X8.1535X7.2.1539X7.2539X7.1542X7543Related Documentation545Legal Notices548Intellectual Property Rights548Copyright Notice548Patent Information548Cisco Legal Information550Cisco Trademark550Size: 8.53 MBPages: 550Language: EnglishOpen manual
Maintenance ManualTable of ContentsIntroduction2About the Cisco TelePresence Video Communication Server (VCS)2VCS Base Applications4Standard Features4Optional Features5Appliance and Virtual Machine Options6Software Versions Supported by Hardware Platforms7About This Guide8Related Documentation8Training8Glossary8Accessibility Notice8Using the Web Interface9Using the Command Line Interface (CLI)10Web Page Features and Layout11What’s New in This Version?13Network and System Settings16Network Settings16Configuring Ethernet Settings16Configuring IP Settings16Configuring DNS Settings18Configuring Quality of Service Settings20Static Routes20Intrusion Protection21Configuring Firewall Rules21Current Active Firewall Rules23Configuring Automated Intrusion Protection23Network Services26Configuring System Name and Access Settings26Configuring SNMP Settings30Configuring Time Settings31Configuring the Login Page33Configuring External Manager Settings34Configuring TMS Provisioning Extension services34Firewall Traversal38About Firewall Traversal38The Expressway Solution38How Does it Work?38Endpoint Traversal Technology Requirements39H.323 Firewall Traversal Protocols39SIP Firewall Traversal Protocols39Media Demultiplexing39Firewall Traversal Configuration Overview40Configuring a Traversal Client and Server41Configuring Ports for Firewall Traversal42Configuring the Firewall43Configuring Traversal Server Ports43Configuring Ports for Connections From Traversal Clients43Firewall Traversal and Authentication46Authentication and NTP46Configuring Expressway and Traversal Endpoint Communications46About ICE and TURN Services47About ICE47About TURN47Configuring TURN Services48Unified Communications52Unified Communications Prerequisites52Configuring a Secure Traversal Zone Connection for Unified Communications52Server Certificate Requirements for Unified Communications54Mobile and Remote Access57Mobile and Remote Access Overview57Configuring Mobile and Remote Access on VCS59Using Deployments to Partition Unified Communications Services65Single Sign-On (SSO) over the Collaboration Edge66Checking the Status of Unified Communications Services71Mobile and Remote Access Port Reference71External XMPP Federation73Deploying VCS for External XMPP Federation73Configuring VCS for External XMPP Federation74DNS SRV Records for XMPP Federation80Port Usage for XMPP Federation81Checking XMPP Federation Status81Troubleshooting External XMPP Federation82Jabber Guest Services Overview85Information Scope85Protocols88About H.32388Using the VCS as an H.323 Gatekeeper88H.323 Endpoint Registration88Configuring H.32389About SIP90VCS as a SIP Registrar90VCS as a SIP Proxy Server91Proxying Registration Requests92VCS as a SIP Presence Server92Configuring SIP93SIP Functionality and SIP-Specific Transport Modes and Ports93Certificate Revocation Checking Modes94Registration Controls94Authentication Controls96Advanced SIP Settings96Configuring Domains97Configuring the Supported Services for Unified Communications (VCS Control Only)97Configuring Delegated Credential Checking (VCS Expressway Only)97Configuring SIP and H.323 Interworking98Registration Control100About Registrations100Finding a VCS With Which to Register100Registrations on a VCS Expressway100MCU, Gateway and Content Server Registration101Configuring Registration Restriction Policy101Registering Aliases101About Allow and Deny Lists103Configuring the Registration Allow List103Configuring the Registration Deny List104Configuring Registration Policy to Use an External Service105Device Authentication108About Device Authentication108Configuring VCS Authentication Policy109Controlling System Behavior for Authenticated and Non-authenticated Devices110Authentication Policy Configuration Options111SIP Authentication Trust114Configuring Delegated Credential Checking (SIP Only)115Device Provisioning and Authentication Policy118Presence and Authentication Policy120Hierarchical Dial Plans and Authentication Policy121Practical Configuration of Authentication Policy122Configuring VCS Authentication Methods122Configuring Authentication to Use the Local Database125Using an H.350 Directory Service Lookup via LDAP126Using Active Directory Database (Direct)129Configuring the Connection to Active Directory Service (ADS)130Authenticating with External Systems134Zones and Neighbors136About your Video Communications Network136Structuring your Dial Plan137Flat Dial Plan137Structured Dial Plan137Hierarchical dial plan138About Zones138Configuring Media Encryption Policy139Configuring the B2BUA for Media Encryption140Configuring ICE Messaging Support140About the Local Zone and Subzones141The Default Zone142Configuring the Default Zone142Configuring Default Zone access rules143Configuring Zones143Configuring Neighbor Zones144Configuring Traversal Client Zones146Configuring Traversal Server Zones149Configuring ENUM Zones152Configuring DNS Zones152Zone Configuration: Advanced Settings153Zone Configuration: Pre-Configured Profile Settings157TLS Certificate Verification of Neighbor Systems157Configuring a Zone for Incoming Calls Only158Clustering and Peers160About Clusters160License Usage Within a Cluster162Managing Clusters and Peers163Setting Up a Cluster163Maintaining a Cluster164Peer-Specific Items in Clustered Systems166Sharing Registrations Across Peers167Sharing Bandwidth Across Peers168Cluster Upgrades, Backup and Restore168Clustering and Presence168Clustering and Cisco TMS169About the Cluster Subzone169Neighboring Between VCS Clusters170Troubleshooting cluster replication problems170Dial Plan and Call Processing172Call Routing Process172Configuring Hop Counts174Configuring Dial Plan Settings175About the Fallback Alias175About Transforms and Search Rules176About Pre-Search Transforms177Configuring Pre-Search Transforms177Search and Zone Transform Process179Configuring Search Rules179Example Searches and Transforms182Filter Queries to a Zone Without Transforming182Always Query a Zone With Original Alias (No Transforms)183Query a Zone for a Transformed Alias183Query a Zone for Original and Transformed Alias184Query a Zone for Two or More Transformed Aliases184Stripping @domain for Dialing to H.323 Numbers186Transforms for Alphanumeric H.323 ID Dial Strings187Allowing Calls to IP Addresses Only if They Come From Known Zones189Configuring Search Rules to Use an External Service190About Call Policy192Configuring Call Policy193Configuring Call Policy Rules Using the Web Interface193Configuring Call Policy Using a CPL Script194Configuring Call Policy to Use an External Service195Supported Address Formats196Dialing by IP Address196Dialing by H.323 ID or E.164 Alias197Dialing by H.323 or SIP URI197Dialing by ENUM197Dialing by IP Address197About URI Dialing198URI Dialing Without DNS199URI Dialing With DNS199URI Resolution Process Using DNS200URI Dialing via DNS for Outgoing Calls201URI Dialing via DNS for Incoming Calls203URI Dialing and Firewall Traversal205About ENUM Dialing205ENUM Dialing Process205Enabling ENUM Dialing206ENUM Dialing for Outgoing Calls206Configuring Zones and Search Rules for ENUM Dialing207ENUM dialing for incoming calls209Configuring DNS Servers for ENUM and URI Dialing210Configuring Call Routing and Signaling210Identifying Calls211Disconnecting Calls212Bandwidth Control214About Bandwidth Control214Configuring Bandwidth Controls215About Downspeeding216About Subzones216About the Traversal Subzone216Configuring the Default Subzone218Configuring Subzones218Configuring Subzone Membership Rules219Applying Bandwidth Limitations to Subzones221Links and Pipes222Configuring Links222Default Links222Configuring Pipes223Applying Pipes to Links224Bandwidth Control Examples225Applications228Configuring Conference Factory229Presence231Presence Server231Presence User Agent (PUA)232Configuring Presence233B2BUA (Back-to-Back User Agent) Overview235Configuring B2BUA TURN Servers235Microsoft Lync B2BUA236FindMe™244End-User FindMe Account Configuration244How are Devices Specified?244FindMe Process Overview244Recommendations when Deploying FindMe245Configuring FindMe245Cisco TMS Provisioning248VCS Provisioning Server249Starter Pack Provisioning251Configuring Starter Pack Provisioning251Hybrid Services and Connector Management251Connector Proxy252Collaboration Cloud CA Root Certificates on VCS Expressway253User Accounts254About User Accounts254Account Authentication254Account Types255Configuring Password Security256Configuring Administrator Accounts257Viewing Active Administrator Sessions258Login History259Configuring Remote Account Authentication Using LDAP259Checking the LDAP Server Connection Status262Configuring Administrator Groups263Configuring FindMe Groups264Configuring FindMe Accounts265Configuring a FindMe Account's Principal Devices267Active FindMe Sessions267Resetting Forgotten Passwords267Changing an Administrator Account Password via GUI267Resetting Root or Admin Password via Serial Connection268Resetting Root or Admin Password via vSphere268Resetting FindMe Account Passwords268Using the Root Account269Changing the Root Account Password269Accessing the Root Account Over SSH269Managing SSO tokens269Maintenance272Enabling SSH access272Enabling Maintenance Mode273About Upgrading Software Components273Upgrading VCS Software275Upgrading Using Secure Copy (SCP/PSCP)275Configuring Logging276Changing Event Log Verbosity276Logging Media Statistics277Call Detail Records (CDRs)278Publishing Logs to Remote Syslog Servers278Configure System Metrics Collection on VCS280Managing Option Keys280About Security Certificates282Managing the Trusted CA Certificate List282Managing the VCS's Server Certificate283Managing Certificate Revocation Lists (CRLs)286Configuring Certificate-Based Authentication288Testing Client Certificates290Testing Secure Traversal291Advanced Security292Configuring Advanced Account Security Mode292Configuring FIPS140-2 Cryptographic Mode293Configuring Language Settings295Changing the Language295Installing Language Packs295Removing Language Packs296Backing Up and Restoring VCS Data296When to Create a Backup296Content of the Backup File296Limitations297Creating a System Backup297Restoring a Previous Backup297Diagnostics Tools298Configuring Diagnostic Logging298Creating a System Snapshot299Configuring Network Log Levels300Configuring Support Log Levels300Incident Reporting300Incident Reporting Caution: Privacy-Protected Personal Data300Enabling Automatic Incident Reporting301Sending Incident Reports Manually301Viewing Incident Reports302Incident Report Details302Checking the Effect of a Pattern303Locating an Alias303Port Usage304Local Inbound Ports304Local Outbound Ports304Remote Listening Ports305Network Utilities305Ping305Traceroute305Tracepath306DNS Lookup306Restarting, Rebooting and Shutting Down308Developer Resources309Debugging and System Administration Tools309Experimental Menu309Overview and Status Information312Status Overview312System Information313Ethernet Status314IP Status315Resource Usage315Registration Status317Call Status318Disconnecting Calls320B2BUA Calls320Viewing B2BUA Call Media Details320Search History320Search Details321Local Zone Status322Zone Status322Bandwidth323Link Status323Pipe Status323Policy Server Status and Resiliency323Viewing Policy Server Status via the VCS324TURN Relay Usage324TURN Relay Summary324Unified Communications Status325Checking SSO Statistics325Presence325Presence Publishers325Presence Presentities326Presence Subscribers326Lync B2BUA326Lync User Status326Lync B2BUA Status327TMS Provisioning Extension Service Status327Provisioning Server Device Requests Status (Cisco TMSPE)328User Records Provided by Cisco TMSPE Services328FindMe Records Provided by Cisco TMSPE Services329Phone Book Records Provided by Cisco TMSPE Services329Provisioned Devices330Checking Provisioned Data330Starter Pack Provisioning Server Status330Managing Alarms331Logs332Event Log332Configuration Log334Network Log334Hardware Status335Reference Material336Performance Capabilities336About Event Log Levels338Event Log Format338Administrator and FindMe User Events339Message Details Field339Events and Levels341CPL Reference347CPL Address-Switch Node347Otherwise349Not-Present349Location349Rule-Switch350Proxy350Reject351Unsupported CPL Elements351CPL Examples351LDAP Server Configuration for Device Authentication357Downloading the H.350 Schemas357Configuring a Microsoft Active Directory LDAP Server357Configuring an OpenLDAP Server359DNS Configuration Examples362Verifying the SRV Record362Microsoft DNS Server362BIND 8 & 9362Changing the Default SSH Key363Restoring Default Configuration (Factory Reset)363Prerequisite Files363Performing a Reset to Default Configuration363Resetting via USB Stick364Password Encryption365Pattern Matching Variables366Port Reference367Local VCS Inbound/Outbound Ports367Remote Listening Ports372Mobile and Remote Access Port Reference372Microsoft Lync B2BUA Port Reference374Device Authentication Port Reference376H.350 Directory Service376Active Directory (Direct)376Regular expressions378Supported Characters380Call Types and Licensing381Call Types381License Bypass for Calls to Collaboration Meeting Rooms (CMRs)381What are Traversal Calls?381Alarms383Command Reference — xConfiguration400Command Reference — xCommand459Command Reference — xStatus483External Policy Overview484Using an External Policy Server485External Policy Request Parameters485Default CPL for Policy Services487Flash Status Word Reference Table488Supported RFCs488Software Version History491X8.6.1491X8.6491X8.5.3495X8.5.2496X8.5.1497X8.5498Feature previews498Single sign-on over MRA498Improved line-side capabilities499Multiple deployments for partitioning mobile and remote access to Unified Com...499Serviceability improvements500Other changes501X8.2501X8.1.1503X8.1503X7.2.1508X7.2508X7.1511X7511Related Documentation514Legal Notices517Intellectual Property Rights517Copyright Notice517Patent Information517Cisco Legal Information519Cisco Trademark519Size: 8.01 MBPages: 519Language: EnglishOpen manual
Maintenance ManualTable of ContentsPreface2Change History2Contents3Introduction8About the Cisco TelePresence Video Communication Server (VCS)8About This Guide15What’s New in This Version?21Service Setup Wizard: Choose Services26Service Setup Wizard: Apply Options and Licenses27Service Setup Wizard: Review Networking Configuration28Network and System Settings30Network Settings30Intrusion Protection35Network Services41Configuring External Manager Settings49Configuring TMS Provisioning Extension services50Firewall Traversal54About Firewall Traversal54Firewall Traversal Configuration Overview56Configuring a Traversal Client and Server57Configuring Ports for Firewall Traversal59Firewall Traversal and Authentication62Configuring Expressway and Traversal Endpoint Communications62About ICE and TURN Services63Configuring TURN Services64Unified Communications68Unified Communications Prerequisites68Mobile and Remote Access73External XMPP Federation91Jabber Guest Services Overview103Protocols106About H.323106Configuring H.323107About SIP108Configuring SIP111Configuring Domains115Configuring SIP and H.323 Interworking116Registration Control118About Registrations118About Allow and Deny Lists121Configuring Registration Policy to Use an External Service123Device Authentication126About Device Authentication126Authenticating with External Systems151Zones and Neighbors152About your Video Communications Network152Structuring your Dial Plan153About Zones154Configuring Media Encryption Policy155Configuring ICE Messaging Support156About the Local Zone and Subzones157The Default Zone158Configuring Default Zone access rules159Zone List160Clustering and Peers180About Clusters180License Usage Within a Cluster182Managing Clusters and Peers183Troubleshooting Cluster Replication Problems191Dial Plan and Call Processing194Call Routing Process194Configuring Hop Counts197Configuring Dial Plan Settings197About Transforms and Search Rules198Example Searches and Transforms204Configuring Search Rules to Use an External Service212About Call Policy214Supported Address Formats219Dialing by IP Address220About URI Dialing221About ENUM Dialing227Configuring DNS Servers for ENUM and URI Dialing232Configuring Call Routing and Signaling232Identifying Calls233Disconnecting Calls234Bandwidth Control236About Bandwidth Control236Configuring Bandwidth Controls237About Subzones238Links and Pipes244Bandwidth Control Examples247Applications250Configuring Conference Factory251Presence253B2BUA (Back-to-Back User Agent) Overview257FindMe™266Cisco TMS Provisioning270Hybrid Services and Connector Management273User Accounts276About User Accounts276Configuring Password Security278Configuring Administrator Accounts279Configuring Remote Account Authentication Using LDAP281Configuring FindMe Accounts287Resetting Forgotten Passwords289Using the Root Account291Managing SSO tokens291Maintenance294Enabling SSH access294Enabling Maintenance Mode295About Upgrading Software Components295Configuring Logging298Managing Option Keys302About Security Certificates303Advanced Security314Configuring Language Settings317Backing Up and Restoring VCS Data318Diagnostics Tools320Incident Reporting322Checking the Effect of a Pattern325Locating an Alias325Port Usage326Network Utilities327Restarting, Rebooting and Shutting Down330Developer Resources331Overview and Status Information334Status Overview334System Information335Ethernet Status336IP Status337Resource Usage337Registration Status339Call Status340B2BUA Calls342Search History342Search Details343Local Zone Status344Zone Status344Bandwidth345Policy Server Status and Resiliency345TURN Relay Usage346Unified Communications Status347Presence347Lync B2BUA349TMS Provisioning Extension Service Status349Starter Pack Provisioning Server Status353Managing Alarms353Logs354Hardware Status357Reference Material358About Event Log Levels359CPL Reference369LDAP Server Configuration for Device Authentication379DNS Configuration Examples384Changing the Default SSH Key385Restoring Default Configuration (Factory Reset)385Password Encryption387Pattern Matching Variables388Port Reference389Mobile and Remote Access Port Reference394Microsoft Interoperability Port Reference396Device Authentication Port Reference398Regular expressions399Supported Characters401Call Types and Licensing402Product Identifiers and Corresponding Keys403Allow List Rules File Reference405Allow List Tests File Reference406Alarms408Command Reference — xConfiguration426Command Reference — xCommand494Command Reference — xStatus526External Policy Overview527Flash Status Word Reference Table531Supported RFCs531Software Version History534Related Documentation561Legal Notices564Cisco Legal Information566Cisco Trademark566Size: 9.09 MBPages: 567Language: EnglishOpen manual
Maintenance ManualTable of ContentsPreface2Change History2Contents3Introduction8About the Cisco TelePresence Video Communication Server (VCS)8About This Guide15What’s New in This Version?21Service Setup Wizard: Choose Services25Service Setup Wizard: Apply Options and Licenses26Service Setup Wizard: Review Networking Configuration27Network and System Settings28Network Settings28Intrusion Protection33Network Services39Configuring External Manager Settings48Configuring TMS Provisioning Extension services48Firewall Traversal52About Firewall Traversal52Firewall Traversal Configuration Overview54Configuring a Traversal Client and Server55Configuring Ports for Firewall Traversal56Firewall Traversal and Authentication60Configuring Expressway and Traversal Endpoint Communications60About ICE and TURN Services61Configuring TURN Services62Unified Communications66Unified Communications Prerequisites66Mobile and Remote Access71External XMPP Federation89Jabber Guest Services Overview101Protocols102About H.323102Configuring H.323103About SIP104Configuring SIP107Configuring Domains111Configuring SIP and H.323 Interworking112Registration Control114About Registrations114About Allow and Deny Lists117Configuring Registration Policy to Use an External Service119Device Authentication122About Device Authentication122Authenticating with External Systems148Zones and Neighbors150About your Video Communications Network150Structuring your Dial Plan151About Zones152Configuring Media Encryption Policy153Configuring ICE Messaging Support154About the Local Zone and Subzones155The Default Zone156Configuring Default Zone access rules157Configuring Zones158Clustering and Peers178About Clusters178License Usage Within a Cluster180Managing Clusters and Peers181Troubleshooting Cluster Replication Problems189Dial Plan and Call Processing192Call Routing Process192Configuring Hop Counts195Configuring Dial Plan Settings195About Transforms and Search Rules196Example Searches and Transforms202Configuring Search Rules to Use an External Service211About Call Policy213Supported Address Formats217Dialing by IP Address218About URI Dialing219About ENUM Dialing226Configuring DNS Servers for ENUM and URI Dialing231Configuring Call Routing and Signaling231Identifying Calls232Disconnecting Calls233Bandwidth Control236About Bandwidth Control236Configuring Bandwidth Controls237About Subzones238Links and Pipes244Bandwidth Control Examples247Applications250Configuring Conference Factory251Presence253B2BUA (Back-to-Back User Agent) Overview257FindMe™266Cisco TMS Provisioning270Hybrid Services and Connector Management273User Accounts276About User Accounts276Configuring Password Security278Configuring Administrator Accounts279Configuring Remote Account Authentication Using LDAP281Configuring FindMe Accounts287Resetting Forgotten Passwords290Using the Root Account291Managing SSO tokens292Maintenance294Enabling SSH access294Enabling Maintenance Mode295About Upgrading Software Components295Configuring Logging298Managing Option Keys302About Security Certificates304Advanced Security314Configuring Language Settings317Backing Up and Restoring VCS Data319Diagnostics Tools320Incident Reporting323Checking the Effect of a Pattern325Locating an Alias326Port Usage326Network Utilities328Restarting, Rebooting and Shutting Down330Developer Resources331Overview and Status Information334Status Overview334System Information335Ethernet Status336IP Status337Resource Usage337Registration Status339Call Status340B2BUA Calls342Search History342Search Details343Local Zone Status344Zone Status344Bandwidth345Policy Server Status and Resiliency346TURN Relay Usage346Unified Communications Status347Presence348Lync B2BUA349TMS Provisioning Extension Service Status350Starter Pack Provisioning Server Status353Managing Alarms353Logs354Hardware Status357Reference Material360About Event Log Levels361CPL Reference371LDAP Server Configuration for Device Authentication381DNS Configuration Examples386Changing the Default SSH Key387Restoring Default Configuration (Factory Reset)387Password Encryption389Pattern Matching Variables390Port Reference391Mobile and Remote Access Port Reference396Microsoft Interoperability Port Reference398Device Authentication Port Reference400Regular expressions401Supported Characters403Call Types and Licensing404Product Identifiers and Corresponding Keys405Allow List Rules File Reference407Allow List Tests File Reference408Alarms410Command Reference — xConfiguration428Command Reference — xCommand497Command Reference — xStatus529External Policy Overview530Flash Status Word Reference Table534Supported RFCs534Software Version History537Related Documentation563Legal Notices567Cisco Legal Information569Cisco Trademark569Size: 9.08 MBPages: 569Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history4Introduction5Upgrading to VCS X6.15Upgrading to X6.1 from X5.0 or earlier5Device authentication: provisioning of Movi and other devices5Upgrades from release X5.2 or earlier to X6.15Cisco VCS Starter Pack Express6Cisco VCS upgrades where authentication is already enabled6Recommendations6Device authentication6CPL modifications6New features in X6.17New feature descriptions7Session management7Client certificate-based authentication7Automatic updating of CRLs (certificate revocation lists)7Cisco AM GW available on VCS Expressway7Movi ClearPath provisioning7Improved cluster set-up process7Presence configuration7Device authentication using Active Directory Service and NTLM for Movi endpoints7Microsoft Lync 2010 support8New features in X6.09New feature descriptions9Enhanced authentication policy9External policy services9Secure communication between cluster peers9View registrations and calls across a cluster9Client-initiated connection management9Starter Pack enhancements9User interface language packs10Enhanced online help10Cisco VCS unit LCD panel10Multiple external syslog servers10SNMPv3 support10Cisco Unity integration10Factory reset command10Changes and improvements10Web interface10Setting the Caller ID to the FindMe ID for authenticated aliases only11CPL11Resolved caveats12Resolved in X6.112Resolved in X6.012CUCM interoperability12Other13Known limitations14Polycom14Linksys14Sony14Firefox14Open caveats15Interoperability16Gatekeepers / traversal servers16Gateway interoperability16MCU interoperability17Streaming servers17PC video interoperability17Endpoint interoperability17Firewall interoperability18Updating to X6.119Prerequisites and software dependencies19Cisco VCS and Cisco TMS software dependency19Basic VCS X6.1 upgrade procedure19Upgrading from older releases20Checking for updates and getting help21References and related documents22Appendix A — Supplemental notes23AES encryption support23Network support23SIP RFCs23Getting the software24Initial installation24Layer 4 ports used24Size: 372 KBPages: 26Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history4Introduction5Upgrading to VCS X65Upgrading to X6 from X5.0 or earlier5Device authentication: provisioning of Movi and other devices5Cisco VCS or VCS cluster with TMS Agent provisioning on that Cisco VCS6Cisco VCS Expressway or VCS Expressway cluster with provisioning on a Cisco VCS Control6Cisco VCS Starter Pack Express6Cisco VCS upgrades where authentication is already enabled6Recommendations7Device authentication7CPL modifications7Cisco TMS and Cisco VCS connectivity issues7Traversal links between Cisco VCSs (Controls and Expressways)7New features in X6.08New feature descriptions8Enhanced authentication policy8External policy services8Secure communication between cluster peers8View registrations and calls across a cluster8Client-initiated connection management8Starter Pack enhancements8User interface language packs9Enhanced online help9Cisco VCS unit LCD panel9Multiple external syslog servers9SNMPv3 support9Cisco Unity integration9Factory reset command9Changes and improvements9Web interface9Setting the Caller ID to the FindMe ID for authenticated aliases only10CPL10Resolved caveats11Resolved in X6.011CUCM interoperability11Other11Known limitations13Polycom13Linksys13Sony13Open caveats14Interoperability16Gatekeepers / traversal servers16Gateway interoperability16MCU interoperability17Streaming servers17PC video interoperability17Endpoint interoperability17Firewall interoperability18Updating to X619Prerequisites and software dependencies19Cisco VCS and Cisco TMS software dependency19Basic VCS X6.n or later upgrade procedure19Upgrading from older releases20Checking for updates and getting help21References and related documents22Appendix A — Supplemental notes23AES encryption support23Network support23SIP RFCs23Getting the software24Initial installation24Layer 4 ports used24Size: 371 KBPages: 26Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history4Introduction5Deployments with FindMe and MCUs5Upgrading to VCS X7.0.n5Upgrading a non-clustered Cisco VCS to X7.0.n from X5.0 or earlier5Device authentication6Upgrades from release X5.2 or earlier to X7.0.n6Cisco VCS Starter Pack Express6Cisco VCS upgrades where authentication is already enabled6Recommendations6Device authentication6CPL modifications6Upgrading from X6.1 to X7.n6New features in X78X7.0.18X7.08Device authentication using an Active Directory Service for Movi endpoints configurable via web interface8Shared cluster licenses8Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync8Presence User Agent8Enhanced SIP registration expiry controls8Improved diagnostics9Diagnostic logging9Network utilities9Alarms (warnings)9GRUU (Globally Routable User Agent URI) support9Improved DNS subsystem9Improved NTP synchronization10TMS Agent database credentials included within local authentication database lookups10Other enhancements and usability improvements10Resolved caveats11Resolved in X7.0.111Resolved in X7.011Security-related issues11Other12Known limitations14Polycom14Lifesize14Cisco TelePresence Content Server14TANDBERG Gatekeeper15TANDBERG Border Controller15Firefox15Open caveats16Interoperability18Gatekeepers / traversal servers18Gateways18MCUs18Streaming servers18PC video18Endpoints19Known limitations20Updating to X7.0.n21Prerequisites and software dependencies21Cisco VCS and Cisco TMS software dependency21Basic Cisco VCS X7.0.n upgrade procedure21Upgrading from older releases22Getting help23References and related documents24Appendix A — Supplemental notes25AES encryption support25Hardware shutdown procedure25Network support25Restricting access to ISDN gateways (toll-fraud prevention)25SIP RFCs25Getting the software26Initial installation26Layer 4 ports used27Size: 392 KBPages: 29Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history4Introduction5Upgrading to VCS X7.0.n5Upgrading a non-clustered Cisco VCS to X7.0.n from X5.0 or earlier5Device authentication5Upgrades from release X5.2 or earlier to X7.0.n5Cisco VCS Starter Pack Express6Cisco VCS upgrades where authentication is already enabled6Recommendations6Device authentication6CPL modifications6Upgrading from X6.1 to X7.n6New features in X78X7.0.28X7.0.18X7.08Device authentication using an Active Directory Service for Movi endpoints configurable via web interface8Shared cluster licenses8Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync8Presence User Agent8Enhanced SIP registration expiry controls8Improved diagnostics9Diagnostic logging9Network utilities9Alarms (warnings)9GRUU (Globally Routable User Agent URI) support9Improved DNS subsystem10Improved NTP synchronization10TMS Agent database credentials included within local authentication database lookups10Other enhancements and usability improvements10Resolved caveats11Resolved in X7.0.211Resolved in X7.0.112Resolved in X7.012Security-related issues12Other13Known limitations15Polycom15Lifesize15Cisco TelePresence Content Server15TANDBERG Gatekeeper16TANDBERG Border Controller16Firefox16Open caveats17Interoperability21Gatekeepers / traversal servers21Gateways21IP PBXs21MCUs21Streaming servers21PC video22Endpoints22Known limitations23Updating to X7.0.n24Prerequisites and software dependencies24Cisco VCS and Cisco TMS software dependency24Basic Cisco VCS X7.0.n upgrade procedure24Upgrading from older releases25Getting help26References and related documents27Appendix A — Supplemental notes28AES encryption support28Hardware shutdown procedure28Network support28Restricting access to ISDN gateways (toll-fraud prevention)28SIP RFCs28Getting the software29Initial installation29Layer 4 ports used30Size: 438 KBPages: 32Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history4Introduction5Upgrading to VCS X7.0.n5Upgrading a non-clustered Cisco VCS to X7.0.n from X5.0 or earlier5Device authentication5Upgrades from release X5.2 or earlier to X7.0.n5Cisco VCS Starter Pack Express6Cisco VCS upgrades where authentication is already enabled6Recommendations6Device authentication6CPL modifications6Upgrading from X6.1 to X7.n6New features in X78X7.0.38X7.0.28X7.0.18X7.08Device authentication using an Active Directory Service for Movi endpoints configurable via web interface8Shared cluster licenses8Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync8Presence User Agent8Enhanced SIP registration expiry controls9Improved diagnostics9Diagnostic logging9Network utilities9Alarms (warnings)9GRUU (Globally Routable User Agent URI) support9Improved DNS subsystem10Improved NTP synchronization10TMS Agent database credentials included within local authentication database lookups10Other enhancements and usability improvements10Resolved caveats11Resolved in X7.0.311Resolved in X7.0.211Resolved in X7.0.112Resolved in X7.013Security-related issues13Other14Open caveats15Interoperability19Gatekeepers / traversal servers19Gateways19IP PBXs19MCUs19Streaming servers19PC video20Endpoints20Known limitations21Updating to X7.0.n23Prerequisites and software dependencies23Cisco VCS and Cisco TMS software dependency23Basic Cisco VCS X7.0.n upgrade procedure23Upgrading from older releases24Getting help25References and related documents26Appendix A — Supplemental notes27AES encryption support27Hardware shutdown procedure27Network support27Restricting access to ISDN gateways (toll-fraud prevention)27SIP RFCs27Getting the software28Initial installation28Layer 4 ports used29Size: 423 KBPages: 31Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history4Introduction5Upgrading to VCS X7.15TMS Provisioning Extension mode5Upgrading a non-clustered Cisco VCS to X7.n from X5.0 or earlier5Device authentication6Upgrades from release X5.2 or earlier to X7.n6TMS Provisioning Extension mode / Cisco VCS Starter Pack Express6Presence and device authentication6CPL modifications7Hierarchical dial plan (directory VCS) deployments7Upgrading from X6.1 to X7.n8New features in X79X7.19TMS Provisioning Extension support9Call processing9Virtual appliance support9Other enhancements and usability improvements9X7.0.39X7.0.210X7.0.110X7.010Device authentication using an Active Directory Service for Movi endpoints configurable via web interface10Shared cluster licenses10Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync10Presence User Agent10Enhanced SIP registration expiry controls10Improved diagnostics11Diagnostic logging11Network utilities11Alarms (warnings)11GRUU (Globally Routable User Agent URI) support11Improved DNS subsystem11Improved NTP synchronization12TMS Agent database credentials included within local authentication database lookups12Other enhancements and usability improvements12Resolved caveats13Resolved in X7.113Resolved in X7.0.316Resolved in X7.0.217Resolved in X7.0.118Resolved in X7.018Security-related issues18Other19Open caveats20Interoperability23Gatekeepers / traversal servers23Gateways23IP PBXs23MCUs23Streaming servers23PC video24Endpoints24Known limitations25Planned changes for future releases27Upgrading to X7.128Prerequisites and software dependencies28Cisco VCS and Cisco TMS software dependency28Basic Cisco VCS X7.1 upgrade procedure28Upgrading from older releases29Installing language packs30Getting help31References and related documents32Appendix A — Supplemental notes33AES encryption support33Hardware shutdown procedure33Network support33Restricting access to ISDN gateways (toll-fraud prevention)33SIP RFCs33Getting the software34Initial installation34Virtual Machine34Layer 4 ports used35Size: 492 KBPages: 37Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history5Introduction6Upgrading to VCS X7.2.n6After upgrading to X7.26TMS Provisioning Extension mode7Upgrading a non-clustered VCS to X7.n from X5.1, X5.1.1 or X5.27Upgrading a non-clustered VCS to X7.n from X5.0 or earlier7Device authentication7Upgrades from release X5.2 or earlier to X7.n7TMS Provisioning Extension mode / Cisco VCS Starter Pack Express8Presence and device authentication8CPL modifications8Hierarchical dial plan (directory VCS) deployments8Upgrading from X6.1 to X7.n9New features in X710X7.2.110X7.210Controlled SIP TLS connections to the Default Zone10Device authentication10Enhanced account security10System security enhancements11Zone and subzone media encryption policy11Call processing11Improved interworking flow control12Enhanced diagnostics12Other enhancements and usability improvements12Support for some xConfiguration commands removed13X7.113TMS Provisioning Extension support13Call processing13Virtual appliance support13Other enhancements and usability improvements13X7.0.314X7.0.214X7.0.114X7.014Device authentication using an Active Directory Service for Movi endpoints configurable via web interface14Shared cluster licenses14Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync15Presence User Agent15Enhanced SIP registration expiry controls15Improved diagnostics15Diagnostic logging15Network utilities15Alarms (warnings)16GRUU (Globally Routable User Agent URI) support16Improved DNS subsystem16Improved NTP synchronization16TMS Agent database credentials included within local authentication database lookups16Other enhancements and usability improvements16Resolved caveats18Resolved in X7.2.118Resolved in X7.219Resolved in X7.123Resolved in X7.0.327Resolved in X7.0.228Resolved in X7.0.128Resolved in X7.029Security-related issues29Other30Open caveats31Interoperability33Gatekeepers / traversal servers33Gateways33IP PBXs33Conferencing33Streaming servers33PC video34Endpoints34Known limitations35Planned changes for future releases36Upgrading to X7.2.n37Prerequisites and software dependencies37Cisco VCS and Cisco TMS software dependency37Basic Cisco VCS X7.2 upgrade procedure37Upgrading from older releases38Installing language packs39Using the Bug Search Tool40Getting help41References and related documents42Appendix A — Supplemental notes43AES encryption support43Hardware shutdown procedure43Network support43Restricting access to ISDN gateways (toll-fraud prevention)43RFCs43Getting the software45Initial installation45Virtual machine45Layer 4 ports used45Third-party software47Size: 628 KBPages: 48Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history5Introduction6Upgrading to VCS X7.2.n6After upgrading to X7.26TMS Provisioning Extension mode7Upgrading a non-clustered VCS to X7.n from X5.1, X5.1.1 or X5.27Upgrading a non-clustered VCS to X7.n from X5.0 or earlier7Device authentication7Upgrades from release X5.2 or earlier to X7.n7TMS Provisioning Extension mode / Cisco VCS Starter Pack Express8Presence and device authentication8CPL modifications8Hierarchical dial plan (directory VCS) deployments8Upgrading from X6.1 to X7.n9New features in X710X7.2.210X7.2.110X7.210Controlled SIP TLS connections to the Default Zone10Device authentication10Enhanced account security11System security enhancements11Zone and subzone media encryption policy11Call processing11Improved interworking flow control12Enhanced diagnostics12Other enhancements and usability improvements12Support for some xConfiguration commands removed13X7.113TMS Provisioning Extension support13Call processing13Virtual appliance support13Other enhancements and usability improvements14X7.0.314X7.0.214X7.0.114X7.014Device authentication using an Active Directory Service for Movi endpoints configurable via web interface14Shared cluster licenses14Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync15Presence User Agent15Enhanced SIP registration expiry controls15Improved diagnostics15Diagnostic logging15Network utilities15Alarms (warnings)16GRUU (Globally Routable User Agent URI) support16Improved DNS subsystem16Improved NTP synchronization16TMS Agent database credentials included within local authentication database lookups16Other enhancements and usability improvements16Resolved caveats18Resolved in X7.2.218Resolved in X7.2.119Resolved in X7.221Resolved in X7.125Resolved in X7.0.329Resolved in X7.0.229Resolved in X7.0.130Resolved in X7.030Security-related issues30Other32Open caveats33Interoperability35Gatekeepers / traversal servers35Gateways35IP PBXs35Conferencing35Streaming servers35PC video36Endpoints36Known limitations37Planned changes for future releases38Upgrading to X7.2.n39Prerequisites and software dependencies39Cisco VCS and Cisco TMS software dependency39Basic Cisco VCS X7.2 upgrade procedure39Upgrading from older releases40Installing language packs41Using the Bug Search Tool42Getting help43References and related documents44Appendix A — Supplemental notes45AES encryption support45Secure communications45Hardware shutdown procedure45Network support45Restricting access to ISDN gateways (toll-fraud prevention)45RFCs46Getting the software47Initial installation47Virtual machine47Layer 4 ports used48Third-party software49Size: 683 KBPages: 50Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history5Introduction6Upgrading to VCS X7.2.n6After upgrading to X7.26TMS Provisioning Extension mode7Upgrading a non-clustered VCS to X7.n from X5.1, X5.1.1 or X5.27Upgrading a non-clustered VCS to X7.n from X5.0 or earlier7Device authentication7Upgrades from release X5.2 or earlier to X7.n7TMS Provisioning Extension mode / Cisco VCS Starter Pack Express8Presence and device authentication8CPL modifications8Hierarchical dial plan (directory VCS) deployments8Upgrading from X6.1 to X7.n9New features in X710X7.2.310X7.2.210X7.2.110X7.210Controlled SIP TLS connections to the Default Zone10Device authentication10Enhanced account security11System security enhancements11Zone and subzone media encryption policy11Call processing12Improved interworking flow control12Enhanced diagnostics12Other enhancements and usability improvements12Support for some xConfiguration commands removed13X7.113TMS Provisioning Extension support13Call processing13Virtual appliance support14Other enhancements and usability improvements14X7.0.314X7.0.214X7.0.114X7.014Device authentication using an Active Directory Service for Movi endpoints configurable via web interface14Shared cluster licenses14Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync15Presence User Agent15Enhanced SIP registration expiry controls15Improved diagnostics15Diagnostic logging15Network utilities16Alarms (warnings)16GRUU (Globally Routable User Agent URI) support16Improved DNS subsystem16Improved NTP synchronization16TMS Agent database credentials included within local authentication database lookups16Other enhancements and usability improvements16Resolved caveats18Resolved in X7.2.318Resolved in X7.2.218Resolved in X7.2.120Resolved in X7.221Resolved in X7.125Resolved in X7.0.329Resolved in X7.0.229Resolved in X7.0.130Resolved in X7.031Security-related issues31Other32Open caveats33Interoperability35Gatekeepers / traversal servers35Gateways35IP PBXs35Conferencing35Streaming servers35PC video36Endpoints36Known limitations37Planned changes for future releases38Upgrading to X7.2.n39Prerequisites and software dependencies39Cisco VCS and Cisco TMS software dependency39Basic Cisco VCS X7.2 upgrade procedure39Upgrading from older releases40Installing language packs41Using the Bug Search Tool42Getting help43References and related documents44Appendix A — Supplemental notes45AES encryption support45Secure communications45Hardware shutdown procedure45Network support45Restricting access to ISDN gateways (toll-fraud prevention)45RFCs46Getting the software47Initial installation47Virtual machine47Layer 4 ports used48Third-party software49Size: 645 KBPages: 50Language: EnglishOpen manual
Release NotesTable of ContentsContents2Document revision history5Introduction6Upgrading to VCS X7.2.n6After upgrading to X7.26TMS Provisioning Extension mode7Upgrading a non-clustered VCS to X7.n from X5.1, X5.1.1 or X5.27Upgrading a non-clustered VCS to X7.n from X5.0 or earlier7Device authentication7Upgrades from release X5.2 or earlier to X7.n7TMS Provisioning Extension mode / Cisco VCS Starter Pack Express8Presence and device authentication8CPL modifications8Hierarchical dial plan (directory VCS) deployments8Upgrading from X6.1 to X7.n9New features in X710X7.2.410X7.2.310X7.2.210X7.2.110X7.210Controlled SIP TLS connections to the Default Zone10Device authentication10Enhanced account security11System security enhancements11Zone and subzone media encryption policy11Call processing12Improved interworking flow control12Enhanced diagnostics12Other enhancements and usability improvements12Support for some xConfiguration commands removed13X7.113TMS Provisioning Extension support13Call processing14Virtual appliance support14Other enhancements and usability improvements14X7.0.314X7.0.214X7.0.114X7.014Device authentication using an Active Directory Service for Movi endpoints configurable via web interface14Shared cluster licenses15Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync15Presence User Agent15Enhanced SIP registration expiry controls15Improved diagnostics15Diagnostic logging15Network utilities16Alarms (warnings)16GRUU (Globally Routable User Agent URI) support16Improved DNS subsystem16Improved NTP synchronization16TMS Agent database credentials included within local authentication database lookups16Other enhancements and usability improvements17Resolved caveats18Resolved in X7.2.418Resolved in X7.2.318Resolved in X7.2.218Resolved in X7.2.120Resolved in X7.222Resolved in X7.126Resolved in X7.0.329Resolved in X7.0.230Resolved in X7.0.131Resolved in X7.031Security-related issues31Other32Open caveats34Interoperability35Gatekeepers / traversal servers35Gateways35IP PBXs35Conferencing35Streaming servers35PC video36Endpoints36Known limitations37Planned changes for future releases38Upgrading to X7.2.n39Prerequisites and software dependencies39Cisco VCS and Cisco TMS software dependency39Basic Cisco VCS X7.2 upgrade procedure39Upgrading from older releases40Installing language packs41Using the Bug Search Tool42Getting help43References and related documents44Appendix A — Supplemental notes45AES encryption support45Secure communications45Hardware shutdown procedure45Network support45Restricting access to ISDN gateways (toll-fraud prevention)45RFCs46Getting the software47Initial installation47Virtual machine47Layer 4 ports used48Third-party software49Size: 1.02 MBPages: 50Language: EnglishOpen manual
Release NotesTable of ContentsDocument revision history5Introduction6Upgrading to VCS X7.26After upgrading to X7.26TMS Provisioning Extension mode7Upgrading a non-clustered VCS to X7.n from X5.1, X5.1.1 or X5.27Upgrading a non-clustered VCS to X7.n from X5.0 or earlier7Device authentication7Upgrades from release X5.2 or earlier to X7.n7TMS Provisioning Extension mode / Cisco VCS Starter Pack Express8Presence and device authentication8CPL modifications8Hierarchical dial plan (directory VCS) deployments8Upgrading from X6.1 to X7.n9New features in X710X7.210Controlled SIP TLS connections to the Default Zone10Device authentication10Enhanced account security10System security enhancements11Zone and subzone media encryption policy11Call processing11Improved interworking flow control11Enhanced diagnostics11Other enhancements and usability improvements12Support for some xConfiguration commands removed12X7.113TMS Provisioning Extension support13Call processing13Virtual appliance support13Other enhancements and usability improvements13X7.0.314X7.0.214X7.0.114X7.014Device authentication using an Active Directory Service for Movi endpoints configurable via web interface14Shared cluster licenses14Microsoft Edge Server support via B2BUA for Microsoft OCS/Lync14Presence User Agent15Enhanced SIP registration expiry controls15Improved diagnostics15Diagnostic logging15Network utilities15Alarms (warnings)15GRUU (Globally Routable User Agent URI) support16Improved DNS subsystem16Improved NTP synchronization16TMS Agent database credentials included within local authentication database lookups16Other enhancements and usability improvements16Resolved caveats17Resolved in X7.217Resolved in X7.121Resolved in X7.0.324Resolved in X7.0.225Resolved in X7.0.126Resolved in X7.026Security-related issues26Other27Open caveats29Interoperability31Gatekeepers / traversal servers31Gateways31IP PBXs31Conferencing31Streaming servers31PC video32Endpoints32Known limitations33Planned changes for future releases34Upgrading to X7.235Prerequisites and software dependencies35Cisco VCS and Cisco TMS software dependency35Basic Cisco VCS X7.2 upgrade procedure35Upgrading from older releases36Installing language packs37Using the Bug Search Tool38Getting help39References and related documents40Appendix A — Supplemental notes41AES encryption support41Hardware shutdown procedure41Network support41Restricting access to ISDN gateways (toll-fraud prevention)41RFCs41Getting the software43Initial installation43Virtual machine43Layer 4 ports used43Third-party software45Size: 612 KBPages: 46Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1Changes in X8.1.21Changes in X8.1.12New features in X8.12Resolved issues7Resolved in X8.1.27Resolved in X8.1.18Resolved in X8.19Open issues13Limitations13Unsupported features (general)13Unsupported Jabber features when using mobile and remote access13Unsupported features and limitations when using mobile and remote access14Supported clients when using mobile and remote access14Interoperability14Updating to X8.1.214Prerequisites and software dependencies14Existing TMS Agent (legacy mode) provisioning deployments14Existing OCS Relay deployments14Existing non-AES build installations15Firewall ports configuration changes15Upgrade instructions15Installing language packs16Port reference17Local VCS inbound/outbound ports18Remote listening ports21Additional information22Software filenames22Secure communications22Hardware shutdown procedure22Network support22Restricting access to ISDN gateways (toll-fraud prevention)22Supported RFCs22Initial installation24Virtual machine24Third-party software24Using the Bug Search Tool25Technical support25Document revision history25Size: 439 KBPages: 27Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1New features in X8.12Resolved issues7Resolved in X8.17Open issues11Limitations12Unsupported features (general)12Unsupported features and limitations when using mobile and remote access12Planned changes for future releases13Interoperability13Updating to X8.114Prerequisites and software dependencies14Existing TMS Agent (legacy mode) provisioning deployments14Existing OCS Relay deployments14Existing non-AES build installations14Firewall ports configuration changes14Upgrade instructions14Installing language packs16Port reference17Local VCS inbound/outbound ports17Remote listening ports19Additional information20Software filenames20Secure communications21Hardware shutdown procedure21Network support21Restricting access to ISDN gateways (toll-fraud prevention)21Supported RFCs21Initial installation23Virtual machine23Third-party software23Using the Bug Search Tool24Getting help24Document revision history24Size: 424 KBPages: 25Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1Changes in X8.2.12New features in X8.22Changes in X8.1.14New features in X8.14Resolved issues9Resolved in X8.2.19Resolved in X8.211Resolved in X8.1.112Resolved in X8.113Open issues17Limitations19Unsupported features (general)19Unsupported Jabber features when using mobile and remote access19Unsupported features and limitations when using mobile and remote access19Supported clients when using mobile and remote access20Interoperability20Updating to X8.2.120Prerequisites and software dependencies20Existing TMS Agent (legacy mode) provisioning deployments20Existing OCS Relay deployments20Existing non-AES build installations20Firewall ports configuration changes20Upgrade instructions21Installing language packs22Port reference23Local VCS inbound/outbound ports23Remote listening ports26Additional information27Software filenames27Secure communications27Hardware shutdown procedure28Network support28Restricting access to ISDN gateways (toll-fraud prevention)28Supported RFCs28Initial installation30Virtual machine30Third-party software30Using the Bug Search Tool30Technical support31Document revision history31Size: 506 KBPages: 32Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1Changes in X8.2.22Changes in X8.2.12New features in X8.22Changes in X8.1.14New features in X8.14Resolved issues9Resolved in X8.2.29Resolved in X8.2.19Resolved in X8.211Resolved in X8.1.112Resolved in X8.113Open issues17Limitations17Unsupported features (general)17Unsupported Jabber features when using mobile and remote access17Unsupported features and limitations when using mobile and remote access18Supported clients when using mobile and remote access18Interoperability18Updating to X8.2.218Prerequisites and software dependencies18Existing TMS Agent (legacy mode) provisioning deployments18Existing OCS Relay deployments18Existing non-AES build installations19Firewall ports configuration changes19Upgrade instructions19Installing language packs20Port reference21Local VCS inbound/outbound ports22Remote listening ports25Additional information26Software filenames26Secure communications26Hardware shutdown procedure26Network support26Restricting access to ISDN gateways (toll-fraud prevention)26Supported RFCs26Initial installation28Virtual machine28Third-party software28Using the Bug Search Tool29Technical support29Document revision history29Size: 491 KBPages: 31Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1New features in X8.22Changes in X8.1.14New features in X8.14Resolved issues9Resolved in X8.29Resolved in X8.1.110Resolved in X8.111Open issues15Limitations16Unsupported features (general)16Unsupported Jabber features when using mobile and remote access16Unsupported features and limitations when using mobile and remote access17Supported clients when using mobile and remote access17Interoperability17Updating to X8.217Prerequisites and software dependencies17Existing TMS Agent (legacy mode) provisioning deployments17Existing OCS Relay deployments17Existing non-AES build installations18Firewall ports configuration changes18Upgrade instructions18Installing language packs19Port reference20Local VCS inbound/outbound ports21Remote listening ports24Additional information25Software filenames25Secure communications25Hardware shutdown procedure25Network support25Restricting access to ISDN gateways (toll-fraud prevention)25Supported RFCs25Initial installation27Virtual machine27Third-party software27Using the Bug Search Tool28Technical support28Document revision history28Size: 472 KBPages: 30Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1X8.5.n Feature support history2Changes in X8.5.12Features in X8.5.n3Feature previews3Single sign-on over MRA3Improved line-side capabilities4Multiple deployments for partitioning mobile and remote access to Unified Com...5Serviceability improvements6Other changes6Open and Resolved Issues7Limitations7Unsupported features (general)7Unsupported endpoint features when using mobile and remote access7Unsupported VCS features and limitations when using mobile and remote access8Supported clients when using mobile and remote access9Interoperability9Updating to X8.5.19Prerequisites and software dependencies9Existing TMS Agent (legacy mode) provisioning deployments9Existing OCS Relay deployments9Existing non-AES build installations9Upgrade instructions9Installing language packs11Port reference12Local VCS inbound/outbound ports12Remote listening ports17Additional information18Software filenames18Secure communications18Hardware shutdown procedure18Network support18Restricting access to ISDN gateways (toll-fraud prevention)18Supported RFCs18Initial installation20Virtual machine20Third-party software21Using the Bug Search Tool21Technical support21Document revision history22Size: 524 KBPages: 23Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1X8.5.n Feature support history2Changes in X8.5.32Changes in X8.5.22Changes in X8.5.14Features in X8.5.n5Feature previews5Single sign-on over MRA5Improved line-side capabilities6Multiple deployments for partitioning mobile and remote access to Unified Com...7Serviceability improvements8Other changes8Open and Resolved Issues9Notable open issues9Limitations10Unsupported features (general)10Unsupported endpoint features when using mobile and remote access10Unsupported VCS features and limitations when using mobile and remote access11Supported clients when using mobile and remote access11Interoperability12Updating to X8.5.312Prerequisites and software dependencies12Existing TMS Agent (legacy mode) provisioning deployments12Existing OCS Relay deployments12Existing non-AES build installations12Upgrade instructions13Installing language packs14Port Reference15Local VCS Inbound/Outbound Ports15Remote Listening Ports20Additional information21Software filenames21Secure communications21Hardware shutdown procedure21Network support21Restricting access to ISDN gateways (toll-fraud prevention)21Supported RFCs21Initial installation23Virtual machine23Third-party software24Using the Bug Search Tool24Technical support24Document revision history25Size: 574 KBPages: 26Language: EnglishOpen manual
Release NotesTable of ContentsProduct documentation1New features in X8.52Feature previews2Improved line-side capabilities2Multiple deployments for partitioning mobile and remote access to Unified Com...2Serviceability improvements3Other changes4Changes in X8.2.24Changes in X8.2.14New features in X8.25Changes in X8.1.26Changes in X8.1.17New features in X8.17Open and Resolved Issues12Resolved in X8.2.212Resolved in X8.2.113Resolved in X8.215Resolved in X8.1.215Resolved in X8.1.115Resolved in X8.117Limitations20Unsupported features (general)20Unsupported endpoint features when using mobile and remote access20Unsupported VCS features and limitations when using mobile and remote access21Supported clients when using mobile and remote access21Interoperability21Updating to X8.522Prerequisites and software dependencies22Existing TMS Agent (legacy mode) provisioning deployments22Existing OCS Relay deployments22Existing non-AES build installations22Upgrade instructions22Installing language packs24Port reference25Local VCS inbound/outbound ports25Remote listening ports30Additional information31Software filenames31Secure communications31Hardware shutdown procedure31Network support31Restricting access to ISDN gateways (toll-fraud prevention)31Supported RFCs31Initial installation33Virtual machine33Third-party software34Using the Bug Search Tool34Technical support34Document revision history35Size: 655 KBPages: 36Language: EnglishOpen manual
Release NotesTable of ContentsProduct Documentation1Features in X8.6.11Support for Desktop Sharing from Lync2Cloud Extensions / Hybrid Services2License Bypass for Calls to Collaboration Meeting Rooms (CMRs)3New Codec Support4System Metrics Collection4MRA Support for New Endpoints4(Preview) Multiple Presence Domains / Multiple IM Address Domains via MRA5Updated Language Packs5Changes and Minor Enhancements5Open and Resolved Issues6Notable Issues in this Version6Limitations6Unsupported Features (General)6Unsupported Endpoint Features When Using Mobile and Remote Access7Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...7MRA Preview of Cisco IP Phone 78/8800 Series8Interoperability8Upgrade to X8.6.18Prerequisites and Software Dependencies8Existing TMS Agent (Legacy Mode) Provisioning Deployments8Existing OCS Relay Deployments8Existing Non-AES Build Installations8Upgrade Instructions8Install Language Packs10Use the Bug Search Tool11Obtain Documentation and Submit a Service Request11Document Revision History11Cisco Legal Information13Cisco Trademark13Size: 258 KBPages: 13Language: EnglishOpen manual
Release NotesTable of ContentsProduct Documentation1New Features in X8.61Support for Desktop Sharing from Lync2Cloud Extensions2License Bypass for Calls to Collaboration Meeting Rooms (CMRs)3New Codec Support4System Metrics Collection4MRA Support for New Endpoints4(Preview) Multiple Presence Domains / Multiple IM Address Domains via MRA5Updated Language Packs5Changes and Minor Enhancements5Open and Resolved issues6Notable Issues in this Version6Limitations6Unsupported Features (General)6Unsupported Endpoint Features When Using Mobile and Remote Access6Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...7Supported Clients When Using Mobile and Remote Access7MRA Support for New Endpoints8Interoperability8Upgrade to X8.68Prerequisites and Software Dependencies8Existing TMS Agent (Legacy Mode) Provisioning Deployments8Existing OCS Relay Deployments8Existing Non-AES Build Installations8Upgrade Instructions8Install Language Packs10Use the Bug Search Tool11Obtain Documentation and Submit a Service Request11Document revision history11Cisco Legal Information12Cisco Trademark12Size: 258 KBPages: 12Language: EnglishOpen manual
Release NotesTable of ContentsPreface1Change History1Supported Platforms1Product Documentation2Changes in X8.7.13New Features in X8.73Dial via Office-Reverse through MRA3Lync Screen Sharing Through a Gateway Cluster4Mobile and Remote Access with Cisco IP Phone 78/8800 Series4Hybrid Services and Expressway/VCS Rebranding5Hosting on VMWare vSphere 6.05Keyword Filter for Syslog Output5Changes and Minor Enhancements6Open and Resolved Issues6Notable Issues in this Version6Limitations7Unsupported Features (General)7Unsupported Endpoint Features When Using Mobile and Remote Access7Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...7Interoperability8Upgrading to X8.7.18Prerequisites and Software Dependencies8Hybrid Services8Existing TMS Agent (Legacy Mode) Provisioning Deployments8Existing OCS Relay Deployments8Existing Non-AES Build Installations8Upgrade Instructions9Using the Bug Search Tool10Obtaining Documentation and Submitting a Service Request11Cisco Legal Information12Cisco Trademark12Size: 165 KBPages: 12Language: EnglishOpen manual
Release NotesTable of ContentsPreface1Change History1Supported Platforms1Product Documentation2Changes in X8.7.23Changes in X8.7.13New Features in X8.73Dial via Office-Reverse through MRA4Lync Screen Sharing Through a Gateway Cluster4Mobile and Remote Access with Cisco IP Phone 78/8800 Series4Hybrid Services and Expressway/VCS Rebranding5Hosting on VMWare vSphere 6.05Keyword Filter for Syslog Output6Changes and Minor Enhancements6Open and Resolved Issues6Notable Issues in this Version6Limitations7Unsupported Features (General)7Unsupported Endpoint Features When Using Mobile and Remote Access7Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...8Interoperability8Upgrading to X8.7.28Prerequisites and Software Dependencies8Hybrid Services8Existing TMS Agent (Legacy Mode) Provisioning Deployments8Existing OCS Relay Deployments9Existing Non-AES Build Installations9Upgrade Instructions9Using the Bug Search Tool11Obtaining Documentation and Submitting a Service Request11Cisco Legal Information12Cisco Trademark12Size: 169 KBPages: 12Language: EnglishOpen manual
Release NotesTable of ContentsPreface1Change History1Supported Platforms2Product Documentation2Changes in X8.7.33Changes in X8.7.23Changes in X8.7.13New Features in X8.73Dial via Office-Reverse through MRA4Lync Screen Sharing Through a Gateway Cluster4Mobile and Remote Access with Cisco IP Phone 78/8800 Series5Hybrid Services and Expressway/VCS Rebranding5Hosting on VMWare vSphere 6.06Keyword Filter for Syslog Output6Changes and Minor Enhancements6Open and Resolved Issues7Notable Issues in this Version7Limitations7Unsupported Features (General)7Unsupported Endpoint Features When Using Mobile and Remote Access8Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...8Interoperability9Upgrading to X8.7.39Prerequisites and Software Dependencies9Hybrid Services9Existing TMS Agent (Legacy Mode) Provisioning Deployments9Existing OCS Relay Deployments9Existing Non-AES Build Installations9Upgrade Instructions10Using the Bug Search Tool11Obtaining Documentation and Submitting a Service Request12Cisco Legal Information13Cisco Trademark13Size: 183 KBPages: 13Language: EnglishOpen manual
Release NotesTable of ContentsSupported Platforms1Product Documentation2New Features in X8.72Dial via Office-Reverse through MRA2Lync Screen Sharing Through a Gateway Cluster3Mobile and Remote Access with Cisco IP Phone 78/8800 Series3Hybrid Services and Expressway/VCS Rebranding3Hosting on VMWare vSphere 6.04Keyword Filter for Syslog Output4Changes and Minor Enhancements4Open and Resolved Issues5Notable Issues in this Version5Limitations6Unsupported Features (General)6Unsupported Endpoint Features When Using Mobile and Remote Access6Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...6Interoperability7Upgrading to X8.77Prerequisites and Software Dependencies7Existing TMS Agent (Legacy Mode) Provisioning Deployments7Existing OCS Relay Deployments7Existing Non-AES Build Installations7Upgrade Instructions8Using the Bug Search Tool9Obtaining Documentation and Submitting a Service Request9Document Revision History10Cisco Legal Information11Cisco Trademark11Size: 152 KBPages: 11Language: EnglishOpen manual
Release NotesTable of ContentsPreface4Change History4Supported Platforms4Product Documentation5Changes in X8.8.16Features in X8.86Skype for Business 2016 and Skype for Business Mobile Support6Broker for Microsoft SIP Traffic7Multistream Support7Service Setup Wizard7MRA Allow List Improvements9API for Remote Configuration of MRA10Large VM CPU Reservation Reduced10Security Improvements10Changes and Minor Enhancements11Open and Resolved Issues12Notable Issues in this Version12Limitations12Unsupported Features (General)12Unsupported Endpoint Features When Using Mobile and Remote Access12Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...13Interoperability14Notable Interoperability Concerns14Upgrading to X8.8.115Prerequisites and Software Dependencies15Upgrade Instructions16Using the Bug Search Tool18Obtaining Documentation and Submitting a Service Request18Size: 360 KBPages: 19Language: EnglishOpen manual
Release NotesTable of ContentsPreface4Change History4Supported Platforms4Product Documentation5Changes in X8.8.26Changes in X8.8.16Features in X8.86Skype for Business 2016 and Skype for Business Mobile Support6Broker for Microsoft SIP Traffic7Multistream Support7Service Setup Wizard7MRA Allow List Improvements9API for Remote Configuration of MRA10Large VM CPU Reservation Reduced10Security Improvements10Changes and Minor Enhancements11Open and Resolved Issues12Notable Issues in this Version12Limitations12Unsupported Features (General)12Unsupported Endpoint Features When Using Mobile and Remote Access12Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...13Interoperability13Notable Interoperability Concerns13Upgrading to X8.8.215Prerequisites and Software Dependencies15Upgrade Instructions16Using Collaboration Solutions Analyzer18Using the Bug Search Tool19Obtaining Documentation and Submitting a Service Request19Size: 366 KBPages: 20Language: EnglishOpen manual
Release NotesTable of ContentsPreface5Change History5Supported Platforms5Product Documentation6Changes in X8.8.38Changes in X8.8.28Changes in X8.8.18Features in X8.88Skype for Business 2016 and Skype for Business Mobile Support9Broker for Microsoft SIP Traffic9Multistream Support9Service Setup Wizard10MRA Allow List Improvements11API for Remote Configuration of MRA12Large VM CPU Reservation Reduced12Security Improvements12Changes and Minor Enhancements13Open and Resolved Issues14Notable Issues in this Version14Limitations14Unsupported Features (General)14Unsupported Endpoint Features When Using Mobile and Remote Access14Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...15Interoperability15Notable Interoperability Concerns15Upgrading to X8.8.317Prerequisites and Software Dependencies17Upgrade Instructions18Using Collaboration Solutions Analyzer20Using the Bug Search Tool21Obtaining Documentation and Submitting a Service Request21Size: 384 KBPages: 22Language: EnglishOpen manual
Release NotesTable of ContentsPreface4Change History4Supported Platforms4Product Documentation5New Features in X8.86Skype for Business 2016 and Skype for Business Mobile Support6Broker for Microsoft SIP Traffic6Multistream Support7Service Setup Wizard7MRA Allow List Improvements8API for Remote Configuration of MRA9Large VM CPU Reservation Reduced9Security Improvements9Changes and Minor Enhancements10Open and Resolved Issues11Notable Issues in this Version11Limitations11Unsupported Features (General)11Unsupported Endpoint Features When Using Mobile and Remote Access12Unsupported Cisco VCS Features and Limitations When Using Mobile and Remote A...12Interoperability13Notable Interoperability Concerns13Upgrading to X8.814Prerequisites and Software Dependencies14Upgrade Instructions15Using the Bug Search Tool17Obtaining Documentation and Submitting a Service Request17Size: 357 KBPages: 18Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3Installing a VM4Recommended platform4Co-residency support4Installation process4Configuring the VM host4Deploying ova to host using vCenter5Deploying ova to host using vSphere client9Configuring the VM guest (vSphere clients)11Ordering and entering release and option keys13Taking and restoring snapshots14Creating a VMware snapshot14Restoring a VMware snapshot14Incremental VMware backups14Hardware references15Serial interface15Ethernet interfaces (NICs)15Allocating a virtual NIC to a physical NIC interface15Additional information17Upgrading a VM VCS17Clustering for resilience and capacity17Migrating from a physical appliance to a VM17Supported features17vMotion17SAN with Fibre interconnect17Unsupported features18VMware fault tolerant mode18Licensing18Appendix 1: Troubleshooting19Checking VMware compatibility19VMware checklist19Isolating a possible root cause19Possible issues20Analyzing the cause of VMware issues21Active Options only indicates '150 traversal calls' or '3750 registrations' f...21Restoring default configuration (factory reset)21Prerequisite files21Performing a reset to default configuration21Appendix 2: VM VCS activation process23Appendix 3: Deploying multiple datastores24Document revision history29Size: 750 KBPages: 30Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3About this document3About the Cisco VCS appliance3Related documents4Training4Glossary4Preparing to install5Environmental and power specifications5Unpacking the unit and preparing the installation5Locating serial numbers5Installing6Installing the unit in a rack6Inserting the SFPs6Connecting and powering on the unit6Configuring7Connecting to the Cisco VCS7Connecting via the serial port8Connecting via the KVM port9Configuring the Cisco VCS9Using the web interface10Using the Command Line Interface (CLI)10Changing the admin account password10Changing the root account password11Changing other system settings11Checking for updates and upgrading11Troubleshooting12Locating LEDs and components12Specific issues13Document revision history14Notices15Technical support15Accessibility notice15Size: 263 KBPages: 16Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3Installing a VM4Recommended platform4Co-residency support4Installation process4Configuring the VM host4Deploying ova to host using vCenter5Deploying ova to host using vSphere client9Configuring the VM guest (vSphere clients)11Ordering and entering release and option keys13Taking and restoring snapshots14Creating a VMware snapshot14Restoring a VMware snapshot14Incremental VMware backups14Hardware references15Serial interface15Ethernet interfaces (NICs)15Allocating a virtual NIC to a physical NIC interface15Additional information17Upgrading a VM VCS17Clustering for resilience and capacity17Migrating from a physical appliance to a VM17Supported features17vMotion17SAN with Fibre interconnect17Unsupported features18VMware fault tolerant mode18Licensing18Security hardening18Appendix 1: Troubleshooting19Checking VMware compatibility19VMware checklist19Isolating a possible root cause19Possible issues20Analyzing the cause of VMware issues21Active Options only indicates '150 traversal calls' or '3750 registrations' f...21Restoring default configuration (factory reset)21Prerequisite files21Performing a reset to default configuration21Appendix 2: VM VCS activation process23Appendix 3: Deploying multiple datastores24Document revision history29Size: 752 KBPages: 30Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction4Installing a VM5Recommended platform5Co-residency support5Installation process6Configuring the VM host6Deploying ova to host using vCenter6Deploying ova to host using vSphere client10Configuring the VM guest (vSphere clients)13Ordering and entering release and option keys14Taking and restoring snapshots15Creating a VMware snapshot15Restoring a VMware snapshot15Incremental VMware backups15Hardware references16Serial interface16Ethernet interfaces (NICs)16Allocating a virtual NIC to a physical NIC interface16Additional information18Upgrading a VM VCS18Clustering for resilience and capacity18Migrating from a physical appliance to a VM18Supported features18vMotion18SAN with Fibre interconnect18Unsupported features19VMware fault tolerant mode19Licensing19Security hardening19Appendix 1: Troubleshooting20Checking VMware compatibility20VMware checklist20Isolating a possible root cause20Possible issues21Analyzing the cause of VMware issues22Active Options only indicates '150 traversal calls' or '3750 registrations' f...22Restoring Default Configuration (Factory Reset)23Prerequisite Files23Performing a Reset to Default Configuration23Resetting your administrator password or root password24Appendix 2: VM VCS activation process25Appendix 3: Deploying multiple datastores26Document revision history31Size: 757 KBPages: 32Language: EnglishOpen manual
Installation GuideTable of ContentsPreface3Change History3Introduction5Installing a Virtual Machine5Recommended Platform5Co-residency Support6Installation Process6Configuring the VM Host6Deploying OVA to Host Using vCenter7Deploying OVA to Host Using vSphere Client11Configuring the VM Guest (vSphere Clients)14Ordering and Entering Release and Option Keys14Taking and Restoring Snapshots15Creating a VMware Snapshot15Restoring a VMware Snapshot16Incremental VMware Backups16Hardware References16Serial Interface16Ethernet Interfaces (NICs)16Allocating a Virtual NIC to a Physical NIC Interface16Additional Information18Upgrading a VM VCS18Clustering for Resilience and Capacity19Migrating from a Physical Appliance to a VM19Supported Features19vMotion19SAN with Fibre Interconnect19Unsupported Features19VMware Fault Tolerant Mode19Licensing19Security Hardening19Appendix 1: Troubleshooting19Checking VMware Compatibility20VMware Checklist20Isolating a Possible Root Cause20Possible Issues21Analyzing the Cause of VMware Issues22Active Options Only Indicates '150 Traversal Calls' or '3750 Registrations' f...22Restoring Default Configuration (Factory Reset)22Prerequisite Files22Performing a Reset to Default Configuration23Resetting Your Administrator Password or Root Password23Appendix 2: VM VCS Activation Process23Appendix 3: Deploying Multiple Datastores24Cisco Legal Information30Cisco Trademark30Size: 730 KBPages: 30Language: EnglishOpen manual
Installation GuideTable of ContentsPreface5Change History5Introduction7Installing a Virtual Machine7Recommended Platform7Co-residency Support8Note: CPU Reservation Requirement Change in X8.88Installation Process8Configuring the VM Host8Deploying OVA to Host Using vCenter9Deploying OVA to Host Using vSphere Client13Configuring the VM Guest (vSphere Clients)16Ordering and Entering Release and Option Keys16Hardware References17Serial Interface17Ethernet Interfaces (NICs)17Allocating a Virtual NIC to a Physical NIC Interface18Additional Information19Upgrading a VM VCS19Clustering for Resilience and Capacity20Migrating from a Physical Appliance to a VM20Supported Features20vMotion20SAN with Fibre Interconnect20Unsupported Features20Licensing20Security Hardening20Appendix 1: Troubleshooting20Checking VMware Compatibility21VMware Checklist21Isolating a Possible Root Cause21Possible Issues22Analyzing the Cause of VMware Issues23Active Options Only Indicates '150 Traversal Calls' or '3750 Registrations' f...23Restoring Default Configuration (Factory Reset)23Prerequisite Files23Performing a Reset to Default Configuration24Resetting Your Administrator Password or Root Password24Appendix 2: VM VCS Activation Process24Appendix 3: Deploying Multiple Datastores25Cisco Legal Information31Cisco Trademark31Size: 762 KBPages: 32Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3About this document3About the Cisco VCS appliance3Related documents4Training4Glossary4Preparing to install5Environmental and power specifications5Unpacking the unit and preparing the installation5Locating serial numbers5Installing6Installing the unit in a rack6Connecting and powering on the unit6Configuring7Connecting to the Cisco VCS7Connecting via the serial port8Connecting via the KVM port9Configuring the Cisco VCS9Using the web interface10Using the Command Line Interface (CLI)10Changing the admin account password10Changing the root account password11Changing other system settings11Checking for updates and upgrading11Troubleshooting12Locating LEDs and components12Document revision history14Notices15Technical support15Accessibility notice15Size: 259 KBPages: 16Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3About this document3About the Cisco VCS appliance3Related documents4Training4Glossary4Preparing to install5Environmental and power specifications5Unpacking the unit and preparing the installation5Locating serial numbers5Installing6Installing the unit in a rack6Connecting and powering on the unit6Configuring7Connecting to the Cisco VCS7Connecting via the serial port8Connecting via the KVM port9Configuring the Cisco VCS9Using the web interface10Using the Command Line Interface (CLI)10Changing the admin account password10Changing the root account password11Changing other system settings11Checking for updates and upgrading11Troubleshooting12Locating LEDs and components12Document revision history14Notices15Technical support15Accessibility notice15Size: 257 KBPages: 16Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3About this document3About the Cisco VCS appliance3Related documents4Training4Glossary4Preparing to install5Environmental and power specifications5Unpacking the unit and preparing the installation5Locating serial numbers5Installing6Installing the unit in a rack6Connecting and powering on the unit6Configuring7Connecting to the Cisco VCS7Connecting via the serial port8Connecting via the KVM port9Configuring the Cisco VCS9Using the web interface10Using the Command Line Interface (CLI)10Changing the admin account password10Changing the root account password11Changing other system settings11Checking for updates and upgrading11Troubleshooting12Locating LEDs and components12Document revision history14Notices15Technical support15Accessibility notice15Size: 256 KBPages: 16Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction2About This Document2About the Cisco VCS Appliance2Related Documents3Training3Glossary3Preparing to Install4Environmental and Power Specifications4Unpacking the Unit and Preparing the Installation4Locating Serial Numbers4Installation5Install the Unit in a Rack5Connect and Power on the Unit5Configure6Connect to the Cisco VCS6Connect Using the Serial Port7Connect Using the KVM Port8Configure the Cisco VCS8Use the Web Interface9Use the Command Line Interface (CLI)9Change the Admin Account Password9Change the Root Account Password9Change Other System Settings9Check for Updates and Upgrading10Troubleshooting11Locating LEDs and Components11Document Revision History12Notices14Technical Support14Accessibility Notice14Cisco Legal Information14Cisco Trademark15Size: 243 KBPages: 15Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3About this document3About the Cisco VCS appliance3Related documents4Training4Glossary4Preparing to install5Environmental and power specifications5Unpacking the unit and preparing the installation5Locating serial numbers5Installing6Installing the unit in a rack6Inserting the SFPs6Connecting and powering on the unit6Configuring7Connecting to the Cisco VCS7Connecting via the serial port8Connecting via the KVM port9Configuring the Cisco VCS9Using the web interface10Using the Command Line Interface (CLI)10Changing the admin account password10Changing the root account password11Changing other system settings11Checking for updates and upgrading11Troubleshooting12Locating LEDs and components12Specific issues13Document revision history14Notices15Technical support15Accessibility notice15Size: 260 KBPages: 16Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction3About this document3About the Cisco VCS appliance3Related documents4Training4Glossary4Preparing to install5Environmental and power specifications5Unpacking the unit and preparing the installation5Locating serial numbers5Installing6Installing the unit in a rack6Inserting the SFPs6Connecting and powering on the unit6Configuring7Connecting to the Cisco VCS7Connecting via the serial port8Connecting via the KVM port9Configuring the Cisco VCS9Using the web interface10Using the Command Line Interface (CLI)10Changing the admin account password10Changing the root account password11Changing other system settings11Checking for updates and upgrading11Troubleshooting12Locating LEDs and components12Specific issues13Document revision history14Notices15Technical support15Accessibility notice15Size: 260 KBPages: 16Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction2About This Document2About the Cisco VCS Appliance2Related Documents3Training3Glossary3Preparing to Install4Environmental and Power Specifications4Unpacking the Unit and Preparing the Installation4Locating Serial Numbers4Installation5Install the Unit in a Rack5Inserting the SFPs5Connect and Power on the Unit5Configure6Connect to the Cisco VCS6Connect Using the Serial Port7Connect Using the KVM Port8Configure the Cisco VCS8Use the Web Interface9Use the Command Line Interface (CLI)9Change the Admin Account Password9Change the Root Account Password9Change Other System Settings9Check for Updates and Upgrading10Troubleshooting11Locating LEDs and Components11Specific Issues12Document Revision History12Notices14Technical Support14Accessibility Notice14Cisco Legal Information14Cisco Trademark15Size: 246 KBPages: 15Language: EnglishOpen manual
Installation GuideTable of ContentsPreface2Change History2Introduction5About This Document5About the Cisco VCS Appliance5Related Documents6Training6Glossary6Preparing to Install7Environmental and Power Specifications7Unpacking the Unit and Preparing the Installation7Locating Serial Numbers7Installation8Install the Unit in a Rack8How to Insert the SFPs8Connect and Power on the Unit8Configure10Connect to the Cisco VCS10Connect Using the Serial Port11Connect Using the KVM Port12Connect Using the CIMC Port12Remotely Connect to Serial Using the CIMC13Configure the Cisco VCS13Use the Web Interface14Use the Command Line Interface (CLI)14Change the Admin Account Password14Change the Root Account Password14Change Other System Settings14Check for Updates and Upgrading15Troubleshooting16Locating LEDs and Components16Front View16Rear View17Definitions of LED States17Reset from the Internal Recovery Partition (IRP)17Reset the SD Card and Enable the Virtual Drive18Factory Reset Using the KVM Console18Disable the Virtual Drive After the Factory Reset18Remove Alarms Caused by the Factory Reset18Specific Issues19Active Options Only Indicates ‘150 traversal calls’ or ‘3750 registrations’ f...19Lag During Boot up Due to Power Characterization Check19Notices20Technical Support20Accessibility Notice20Cisco Legal Information20Cisco Trademark21Size: 1.02 MBPages: 21Language: EnglishOpen manual
Installation GuideTable of ContentsPreface2Change History2Introduction5About This Document5About the Cisco VCS Appliance5Related Documents6Training6Glossary6Preparing to Install7Environmental and Power Specifications7Unpacking the Unit and Preparing the Installation7Locating Serial Numbers7Installation8Install the Unit in a Rack8How to Insert the SFPs8Connect and Power on the Unit8Configure10Connect to the Cisco VCS10Connect Using the Serial Port11Connect Using the KVM Port12Connect Using the CIMC Port12Remotely Connect to Serial Using the CIMC13Configure the Cisco VCS13Use the Web Interface14Use the Command Line Interface (CLI)14Change the Admin Account Password14Change the Root Account Password14Change Other System Settings14Check for Updates and Upgrading15Troubleshooting16Locating LEDs and Components16Front View16Rear View17Definitions of LED States17Reset from the Internal Recovery Partition (IRP)17Reset the SD Card and Enable the Virtual Drive18Factory Reset Using the KVM Console18Disable the Virtual Drive After the Factory Reset18Remove Alarms Caused by the Factory Reset18Specific Issues19Active Options Only Indicates ‘150 traversal calls’ or ‘3750 registrations’ f...19Lag During Boot up Due to Power Characterization Check19Notices20Technical Support20Accessibility Notice20Cisco Legal Information20Cisco Trademark21Size: 1.01 MBPages: 21Language: EnglishOpen manual
Installation GuideTable of ContentsContents2General information3About the Cisco TelePresence Video Communication Server (Cisco VCS)3Installing the Cisco VCS4Package contents4Before you start4Preparing the installation site4Preparing the unit4Connecting the cables4Powering on the VCS5Initial configuration6Configuration using a serial cable6Configuration using the front panel8Using the Cisco VCS9Changing the admin account password9Changing the root account password9Other recommended configuration9Using the web interface10Using the Command Line Interface (CLI)10Documentation and training11Disclaimers and notices12Size: 753 KBPages: 12Language: EnglishOpen manual
Installation GuideTable of ContentsContents2General information3About the Cisco TelePresence Video Communication Server (Cisco VCS)3Installing the Cisco VCS4Package contents4Before you start4Preparing the installation site4Preparing the unit4Connecting the cables4Powering on the Cisco VCS5Initial configuration6Configuration using a serial cable6Configuration using the front panel8Using the Cisco VCS9Changing the admin account password9Changing the root account password9Other recommended configuration9Using the web interface10Using the Command Line Interface (CLI)10Documentation and training11Disclaimers and notices12Size: 701 KBPages: 12Language: EnglishOpen manual
Installation GuideTable of ContentsСодержание2Общие сведения3Сведения о Cisco TelePresence Video Communication Server (Cisco VCS)3Установка Cisco VCS4Комплект поставки4Перед началом работы4Подготовка места для установки4Подготовка устройства5Подключение кабелей5Включение Cisco VCS5Исходная конфигурация6Конфигурация с использованием кабеля для последовательной передачи данных6Конфигурация с использованием лицевой панели9Использование Cisco VCS11Изменение пароля учетной записи admin11Изменение пароля учетной записи root11Прочая рекомендуемая конфигурация11Использование веб-интерфейса12Использование интерфейса командной строки (CLI)12Документация и обучение13Уведомления и отказ от ответственности14Size: 825 KBPages: 14Language: РусскийOpen manual
Installation GuideTable of Contents目录2一般信息3关于 Cisco TelePresence 视频通信服务器 (Cisco VCS)3安装 Cisco VCS4包装内容4开始之前4准备安装站点4准备设备4连接缆线5开启 Cisco VCS5初始配置6使用串联缆线进行配置6使用前面板进行配置8使用 Cisco VCS9更改管理帐户密码9更改根帐户密码9其他建议配置9使用 Web 界面10使用命令行接口 (CLI)10文档和培训11免责声明和通告12Size: 310 KBPages: 12Language: 中文(zhōngwén)Open manual
Installation GuideTable of ContentsContents2General information3About the Cisco TelePresence Video Communication Server (Cisco VCS)3Installing the Cisco VCS4Package contents4Before you start4Preparing the installation site4Preparing the unit4Connecting the cables5Powering on the Cisco VCS5Initial configuration6Configuration using a serial cable6Configuration using the front panel8Using the Cisco VCS9Changing the admin account password9Changing the root account password9Other recommended configuration9Using the web interface10Using the Command Line Interface (CLI)10Documentation and training11Disclaimers and notices12Size: 728 KBPages: 12Language: EnglishOpen manual
Installation GuideTable of ContentsContents2General information3About the Cisco TelePresence Video Communication Server (Cisco VCS)3Installing the Cisco VCS4Package contents4Before you start4Preparing the installation site4Preparing the unit4Connecting the cables4Powering on the Cisco VCS5Initial configuration6Configuration using a serial cable6Configuration using the front panel8Using the Cisco VCS9Changing the admin account password9Changing the root account password9Other recommended configuration9Using the web interface10Using the Command Line Interface (CLI)10Documentation and training11Disclaimers and notices12Size: 713 KBPages: 12Language: EnglishOpen manual
Installation GuideTable of ContentsContents2General information3About the Cisco TelePresence Video Communication Server (Cisco VCS)3Installing the Cisco VCS4Package contents4Before you start4Preparing the installation site4Preparing the unit4Connecting the cables5Powering on the Cisco VCS5Initial configuration6Configuration using a serial cable6Configuration using the front panel8Using the Cisco VCS9Changing the admin account password9Changing the root account password9Other recommended configuration9Using the web interface10Using the Command Line Interface (CLI)10Documentation and training11Disclaimers and notices12Size: 786 KBPages: 12Language: EnglishOpen manual
/en/manuals/1621686/Table of ContentsExternal policy overview3Using an external policy server3Configuring VCS to use an external policy server6Configuring Registration Policy to use an external service6Configuring Call Policy to use an external service7Configuring search rules to use an external service8Default CPL for policy services10Policy server status and resiliency11Viewing policy server status via the VCS11External policy request parameters12Appendix 1 – Design examples14Call Policy design examples14Using a policy service to allow or deny calls14Using a policy service to route calls17Using a policy service to implement FindMe (User Policy)20Search rule design examples21Round-robin routing to a member of a group21Forwarding calls to other members of a group in a round-robin style21Registration Policy design examples22Allowing or denying registrations based on protocol22Appendix 2 – CPL snippet examples23CPL snippets for call processing23Allow CPL23Reject CPL23Route CPL23Forking CPL24Conditional routing CPL24CPL snippets for registration requests24Registration allow CPL25Registration reject CPL25Appendix 3 – Message logging26Trace example: Call Policy request and response26Trace example: Registration Policy request and response26Document revision history28Size: 550 KBPages: 29Language: EnglishOpen manual
/en/manuals/1621682/Table of ContentsIntroduction3Installing a VM4Requirements4Recommended platform4Co-residency support4Installation process4Configuring the VM host4Deploying OVA to host5Configuring the VM guest9Snapshot and restore using VM snapshot13Creating a VMware snapshot13Restoring a VMware snapshot13Incremental VMware backups13Hardware references14Serial interface14Ethernet interfaces (NICs)14Allocating a virtual NIC to a physical NIC interface14Additional information16Upgrading a VM VCS16Clustering for resilience and capacity16Migrating from a physical appliance to a VM16Supported features16vMotion16SAN with Fibre interconnect16Unsupported features17VMware fault tolerant mode17Licensing17Appendix 1 — Troubleshooting18Checking VMware compatibility18VMware checklist18Isolating a possible root cause19Possible issues19Analyzing the cause of VMware issues20Restoring default configuration (factory reset)20Prerequisite files20Performing a reset to default configuration20Appendix 2 — VM Cisco TelePresence Video Communication Server activation process22Appendix 3 — Deploying multiple datastores23Appendix 4 — Ensuring that 6GB of memory is allocated for the VM VCS28Document revision history29Size: 829 KBPages: 30Language: EnglishOpen manual
/en/manuals/1621679/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing4Deployment scenario5Summary of configuration process5Prerequisites for system configuration6Cisco VCS configuration7Cisco VCS and H.323 MCU9Cisco VCS and SIP MCU10Cisco VCS and MCU supporting both H.323 and SIP10Cisco VCS with H.323 endpoints initiating a Multiway conference11SIP endpoints with SIP MCU11SIP endpoints with H.323 MCU11H.323 endpoints with H.323 MCU11H.323 endpoints with SIP MCU11Cisco VCS configuration: in a cluster11Cisco VCS configuration: in a network of VCSs12Cisco VCS configuration: with OCS12OCS R112OCS R212Cisco VCS configuration: with CUCM12Cisco TelePresence MCU configuration13H.32313SIP14Endpoint configuration(those that can initiate a Multiway conference)16Cisco IP Video Phone E2016Cisco TelePresence System EX Series16Cisco TelePresence System Profiles using C Series codecs16Cisco TelePresence System MXP Series16TANDBERG MXP – L Series17Endpoint requirements (those that can be joined to a Multiway conference)18H.32318SIP18Other devices (IP PBXs, gateways and so on)18Appendix 1 - Troubleshooting19Problems connecting Cisco VCS Control local calls19Check for errors20Tracing calls20My MXP will not create a Multiway call20Appendix 2 – Known interworking limitations21Multiple MCUs for capacity and resilience21Appendix 3 – Call flows for Multiway22Overview of Multiway call flow22SIP22H.32325Appendix 4 – Multiway Beta on TANDBERG Gatekeeper28Appendix 5 – Cisco TelePresence product integration29Using Cisco TelePresence Conductor and Multiway29Using Cisco ISDN gateway with Multiway29Size: 602 KBPages: 30Language: EnglishOpen manual
Installation GuideTable of ContentsPrerequisites and recommendations6Estimating your deployment size6Hardware requirements6Regular deployment7Large deployment7Recommended hardware and virtualization for large deployments8Cisco TMSPE server software and configuration requirements9SMTP server requirements9SQL Server software and permission requirements10Cisco VCS requirements10WebEx Enabled TelePresence requirements10Collaboration Meeting Room requirements11Cisco TelePresence Conductor11Required security permissions11For installation11For operation11Information needed during installation11Cisco TMS username and password11Database information12Database location12User import requirements12Service account12Secure connection12Active Directory13LDAP13Browser requirements13Administrator interface13User portal13Best practices for deployment13Upgrade endpoints to the latest software13Automate user creation and management with AD/LDAP14Use secure communication14Synchronize time in Cisco VCS and Cisco TMS14Configuring Cisco VCS for provisioning15Provisioning within your network15Setting up DNS for the Cisco VCS15Installing the Device Provisioning option key16Enabling SIP16Configuring how Cisco VCS handles calls to unknown IP addresses17Adding Cisco VCS to Cisco TMS17Enabling provisioning on the Cisco VCS19Setting up a cluster name19Enabling Presence on the Cisco VCS19Presence on VCS Control19Presence on VCS Expressway20Verifying device authentication21Installing Cisco TMSPE22Installing Cisco TMSPE with a redundant Cisco TMS setup22Upgrading from previous versions22If the server is running Java 722If the server is running Java 622Performing a new installation23Enabling Cisco TMSPE23Setting up communication between Cisco TMS and Cisco VCS24Setting up users and provisioning26Creating groups and adding users26Setting up groups26Importing users from external directories26Adding users manually29Creating address patterns30Address pattern types30Adding the patterns30Example patterns32Setting up configurations for provisioned devices33Obtaining template schemas33Uploading the schema to Cisco TMS33Adding configuration templates35Assigning configuration templates to groups38Provisioning phone books39Creating and configuring provisioning phone book sources39Associating phone book access to groups41Configuring and sending account information42Configuring email settings42Sending account information to a single user43Sending account information to all users in a group44Deploying Smart Scheduler45Best practices and limitations45Booking limitations45User access to Smart Scheduler46Access rights and permissions46Time zone display47WebEx booking47How Smart Scheduler works48Deploying Collaboration Meeting Rooms49What are Collaboration Meeting Rooms?49Room size and quality49PIN protection49How Collaboration Meeting Rooms are created49Differences from TelePresence Conductor-created conferences49Setting up Collaboration Meeting Room50Before you start50Connecting to TelePresence Conductor50Creating templates51Applying templates to groups53Making changes that affect Collaboration Meeting Room54Modifying or replacing the template for a group54Deleting templates55Deleting users55Moving users between groups55Touch tones and DTMF55Deploying FindMe56FindMe basics56Deploying FindMe without provisioning56Defining caller ID patterns56Assigning a caller ID pattern to imported accounts56Enabling FindMe in Cisco TMSPE58Manually adding FindMe accounts and groups58Setting up FindMe locations and devices59Suggested minimum setup59Adding FindMe device templates60Adding FindMe location templates61Associating device templates with location templates62Assigning location templates to groups63Setting up FindMe on Cisco VCS64Check FindMe option key64Set up a cluster name65Enable and configure FindMe settings65Sending and returning calls via ISDN gateways65Using FindMe to convert E.164 Alias’s to FindMe IDs66Using ENUM to convert E.164 Alias’s to FindMe IDs66Including the ISDN gateway prefix in the caller ID66Regenerating FindMe locations and devices67Accounts and groups67Location templates68Device templates68Modifying a user's FindMe locations and devices68Additional information69Determining how to overwrite a caller ID with a FindMe ID69FindMe in a Cisco VCS cluster69FindMe accounts hosted on different Cisco VCSs in a network70FindMe and Presence70Individual and group FindMe types70Characters allowed in SIP URIs71FindMe limitations71Microsoft Lync device IDs as FindMe devices71Phone numbers from Active Directory (AD)71Maintaining users and devices72Synchronizing user data72Mapping of LDAP and AD fields72Testing a manual synchronization73Running a manual synchronization73Moving users and groups73Moving user accounts imported from external sources73Moving groups between clusters73Searching for user accounts74Renaming groups and user accounts74Upgrading software on provisioned devices75Upgrading configurations75Upgrading devices75Updating Cisco TMS connection details76Maintaining the databases77Backing up the databases77Restoring the databases from backup77Moving or renaming the databases77Troubleshooting78Running Cisco TMSPE diagnostics78Running a health check78Viewing system status79Viewing Cisco VCS communication history79Restarting the TMS Provisioning Extension Windows service79Logs80Cisco TMSPE and Cisco TMS logs80Cisco VCS logs80Endpoint logs80Troubleshooting the installation80Checking the installation log80Unable to establish SQL connection through Java runtime...80Unable to find valid certification path to requested target81Provisioning problem scenarios81Database connection failure81AD import with Kerberos fails81User import fails82Email sending failure82Cisco VCS reports data import failure82Users get Out of licenses message83Signing in fails when no template available83Warning displayed when uploading configuration schema84No phone books received84Portal troubleshooting84Cannot access FindMe or Smart Scheduler84Using search history to diagnose FindMe issues84Uninstalling Cisco TMSPE85Removing provisioning from a Cisco VCS85Document revision history86Notices87Accessibility notice87Technical support87Size: 1.8 MBPages: 88Language: EnglishOpen manual
/en/manuals/1621670/Table of ContentsMobile and remote access overview4Jabber client connectivity without VPN5Related documentation5Deployment scenarios7Single network elements7Single clustered network elements7Multiple clustered network elements8Hybrid deployment8Configuration overview9Prerequisites9Supported clients when using mobile and remote access9Configuration summary9EX/MX/SX Series endpoints (running TC software)9Jabber clients9DNS records10Firewall11Unified CM11IM and Presence Service12VCS13Configuring mobile and remote access on VCS14Installing VCS security certificates and setting up a secure traversal zone14Setting up the VCS Control14Configuring DNS and NTP settings14Enabling the VCS Control for mobile and remote access14Discovering Unified Communications servers and services16Trusting the certificates presented to the VCS Control16Discovering IM and Presence Servers17Discovering Unified CM servers17Automatically generated zones and search rules18Configuring the HTTP server allow list (whitelist) on VCS Control18Setting up the VCS Expressway19Configuring DNS and NTP settings19Enabling the VCS Expressway for mobile and remote access19Ensuring that TURN services are disabled on VCS Expressway20Checking the status of Unified Communications services20Configuring a secure traversal zone connection for Unified Communications21Installing VCS security certificates21Configuring encrypted VCS traversal zones22Server certificate requirements for Unified Communications24Mobile and remote access port reference27Additional information29Unified CM dial plan29VCS call types and licensing29Deploying Unified CM and VCS in different domains29SIP trunks between Unified CM and VCS Control30Configuring secure communications30VCS automated intrusion protection31Unified CM denial of service threshold31Limitations31Unsupported Jabber features when using mobile and remote access32Unsupported features and limitations when using mobile and remote access32Protocol summary32Clustered VCS systems and failover considerations33Media encryption33Advanced VCS Control configuration33Credential caching intervals33Appendix 1: Troubleshooting34General troubleshooting techniques34Checking alarms and status34Checking and taking diagnostic logs34Checking DNS records35Checking reachability of the VCS Expressway35Checking call status35Checking devices registered to Unified CM via VCS36Ensuring that VCS Control is synchronized to Unified CM36VCS certificate / TLS connectivity issues36VCS returns 401 unauthorized failure messages37Call failures due to 407 proxy authentication required or 500 Internal Server...37Call bit rate is restricted to 384 kbps / video issues when using BFCP (prese...37Endpoints cannot register to Unified CM37Jabber cannot sign in due to XMPP bind failure37No voicemail service (403 Forbidden response)38403 Forbidden responses for any service requests38Client HTTPS requests are dropped by VCS38Unable to configure IM&P servers for remote access38'Failed: <address> is not a IM and Presence Server'38Jabber cannot sign in due to SSH tunnels failure38Document revision history39Size: 999 KBPages: 40Language: EnglishOpen manual
/en/manuals/1621667/Table of ContentsMobile and remote access4Jabber client connectivity without VPN5Related documentation5Deployment scenarios7Single network elements7Single clustered network elements7Multiple clustered network elements8Hybrid deployment8Configuration overview9Prerequisites9Supported clients when using mobile and remote access9Configuration summary9EX/MX/SX Series endpoints (running TC software)9Jabber clients9DNS records10Firewall10Unified CM11IM and Presence12VCS12Configuring mobile and remote access on VCS14Setting up the VCS Control14Configuring DNS and NTP settings14Configuring the VCS Control for Unified Communications14Discovering IM&P and Unified CM servers15Setting up the VCS Expressway18Configuring DNS and NTP settings18Configuring the VCS Expressway for Unified Communications18Ensuring that TURN services are disabled on VCS Expressway18Setting up VCS security certificates18Setting up secure VCS traversal zones20Checking the status of Unified Communications services21Additional configuration21Configuring the HTTP server allow list (whitelist) on VCS Control21Unified Communications port reference23Additional information25Unified CM dial plan25VCS call types and licensing25Deploying Unified CM and VCS in different domains25SIP trunks between Unified CM and VCS Control26Configuring secure communications26VCS automated intrusion protection27Unified CM denial of service threshold27Limitations27Unsupported Jabber features when using mobile and remote access27Unsupported features and limitations when using mobile and remote access28Protocol summary28Clustered VCS systems and failover considerations29Media encryption29Advanced VCS Control configuration29Credential caching intervals29Appendix 1: Troubleshooting30General troubleshooting techniques30Checking alarms and status30Checking and taking diagnostic logs30Checking DNS records31Checking call status31Checking devices registered to Unified CM via VCS32Ensuring that VCS Control is synchronized to Unified CM32VCS certificate / TLS connectivity issues32VCS returns 401 unauthorized failure messages33Call failures due to 407 proxy authentication required or 500 Internal Server...33Call bit rate is restricted to 384 kbps / video issues when using BFCP (prese...33Endpoints cannot register to Unified CM33Jabber cannot sign in due to XMPP bind failure33No voicemail service (403 Forbidden response)34403 Forbidden responses for any service requests34Client HTTPS requests are dropped by VCS34Unable to configure IM&P servers for remote access34'Failed: <address> is not a IM and Presence Server'34Jabber cannot sign in due to SSH tunnels failure34Document revision history35Size: 922 KBPages: 36Language: EnglishOpen manual
/en/manuals/1621664/Table of ContentsMobile and remote access overview4Jabber client connectivity without VPN5Related documentation5Deployment scenarios7Single network elements7Single clustered network elements7Multiple clustered network elements8Hybrid deployment8Unsupported deployments9Configuration overview10Prerequisites10Supported clients when using mobile and remote access10Configuration summary10EX/MX/SX Series endpoints (running TC software)10Jabber clients11DNS records11Firewall12Unified CM12IM and Presence Service13VCS14Unified Communications prerequisites15Configuring a secure traversal zone connection for Unified Communications15Installing VCS security certificates15Configuring encrypted VCS traversal zones16Server certificate requirements for Unified Communications17Configuring mobile and remote access on VCS20Installing VCS security certificates and setting up a secure traversal zone20Setting up the VCS Control20Configuring DNS and NTP settings20Enabling the VCS Control for mobile and remote access20Discovering Unified Communications servers and services22Trusting the certificates presented to the VCS Control22Discovering IM and Presence Service nodes22Discovering Unified CM servers23Discovering Cisco Unity Connection servers24Automatically generated zones and search rules24Configuring the HTTP server allow list (whitelist) on VCS Control25Setting up the VCS Expressway25Configuring DNS and NTP settings25Enabling the VCS Expressway for mobile and remote access26Ensuring that TURN services are disabled on VCS Expressway26Using deployments to partition Unified Communications services27Single Sign-On (SSO) over the Collaboration Edge29Single Sign-On prerequisites30High level task list31Importing the SAML metadata from the IdP32Associating domains with an IdP32Exporting the SAML metadata from the VCS Control32Configuring IDPs33Active Directory Federation Services 2.033Enabling Single Sign-On at the edge33Checking the status of Unified Communications services35Mobile and remote access port reference36Additional information38Unified CM dial plan38VCS call types and licensing38Deploying Unified CM and VCS in different domains38SIP trunks between Unified CM and VCS Control39Configuring secure communications39VCS automated intrusion protection40Unified CM denial of service threshold40Limitations40Unsupported Jabber features when using mobile and remote access41Unsupported features and limitations when using mobile and remote access41Protocol summary41Clustered VCS systems and failover considerations42Media encryption42Advanced VCS Control configuration42Credential caching intervals42Appendix 1: Troubleshooting43General troubleshooting techniques43Checking alarms and status43Checking and taking diagnostic logs43Checking DNS records44Checking reachability of the VCS Expressway44Checking call status44Checking devices registered to Unified CM via VCS45Ensuring that VCS Control is synchronized to Unified CM45VCS certificate / TLS connectivity issues46VCS returns 401 unauthorized failure messages46Call failures due to 407 proxy authentication required or 500 Internal Server...46Call bit rate is restricted to 384 kbps / video issues when using BFCP (prese...46Endpoints cannot register to Unified CM46IM and Presence Service realm changes47Jabber cannot sign in due to XMPP bind failure47No voicemail service (403 Forbidden response)47403 Forbidden responses for any service requests47Client HTTPS requests are dropped by VCS47Unable to configure IM&P servers for remote access48'Failed: <address> is not a IM and Presence Server'48Jabber cannot sign in due to SSH tunnels failure48Document revision history49Size: 1.3 MBPages: 50Language: EnglishOpen manual
/en/manuals/1621661/Table of ContentsMobile and remote access overview5Jabber client connectivity without VPN6Related documentation6Deployment scenarios8Single network elements8Single clustered network elements8Multiple clustered network elements9Hybrid deployment9Unsupported deployments10Configuration overview11Prerequisites11Supported clients when using mobile and remote access11Configuration summary11EX/MX/SX Series endpoints (running TC software)11Jabber clients12DNS records12Firewall13Unified CM13IM and Presence Service14VCS15Unified Communications prerequisites16Configuring a secure traversal zone connection for Unified Communications16Installing VCS security certificates16Configuring encrypted VCS traversal zones17Server certificate requirements for Unified Communications18Cisco Unified Communications Manager certificates18VCS certificates18Configuring mobile and remote access on VCS21Installing VCS security certificates and setting up a secure traversal zone21Setting up the VCS Control21Configuring DNS and NTP settings21Enabling the VCS Control for mobile and remote access21Discovering Unified Communications servers and services23Trusting the certificates presented to the VCS Control23Discovering IM and Presence Service nodes23Discovering Unified CM servers24Discovering Cisco Unity Connection servers25Automatically generated zones and search rules25Why should I refresh the discovered nodes?26Configuring the HTTP server allow list (whitelist) on VCS Control26Setting up the VCS Expressway27Configuring DNS and NTP settings27Enabling the VCS Expressway for mobile and remote access27Ensuring that TURN services are disabled on VCS Expressway28Using deployments to partition Unified Communications services29Single Sign-On (SSO) over the Collaboration Edge31Single Sign-On prerequisites32High level task list33Importing the SAML metadata from the IdP34Associating domains with an IdP34Exporting the SAML metadata from the VCS Control34Configuring IDPs35Active Directory Federation Services 2.035Enabling Single Sign-On at the edge35Checking the status of Unified Communications services37Mobile and remote access port reference38Additional information40Unified CM dial plan40VCS call types and licensing40Deploying Unified CM and VCS in different domains40SIP trunks between Unified CM and VCS Control41Configuring secure communications41Media encryption42Limitations42Unsupported Jabber features when using mobile and remote access42Unsupported features and limitations when using mobile and remote access43Protocol summary43Clustered VCS systems and failover considerations43Authorization rate control44Credential caching44Unified CM denial of service threshold44VCS automated intrusion protection45Appendix 1: Troubleshooting46General troubleshooting techniques46Checking alarms and status46Checking and taking diagnostic logs47Checking DNS records47Checking reachability of the VCS Expressway48Checking call status48Checking devices registered to Unified CM via VCS49Ensuring that VCS Control is synchronized to Unified CM49Checking SSO status and tokens49VCS certificate / TLS connectivity issues49Cisco Jabber sign in issues50Jabber cannot sign in due to XMPP bind failure50Jabber cannot sign in due to SSH tunnels failure50Jabber cannot sign in when connecting to different peers in a cluster of VCS ...50VCS returns 401 unauthorized failure messages50Call failures due to 407 proxy authentication required or 500 Internal Server...50Call bit rate is restricted to 384 kbps / video issues when using BFCP (prese...51Endpoints cannot register to Unified CM51IM and Presence Service realm changes51No voicemail service (403 Forbidden response)51403 Forbidden responses for any service requests51Client HTTPS requests are dropped by VCS52Unable to configure IM&P servers for remote access52'Failed: <address> is not a IM and Presence Server'52Document revision history53Size: 1.37 MBPages: 54Language: EnglishOpen manual
/en/manuals/1621658/Table of ContentsMobile and remote access overview5Jabber client connectivity without VPN6Related documentation6Deployment scenarios8Single network elements8Single clustered network elements8Multiple clustered network elements9Hybrid deployment9Unsupported deployments10Configuration overview11Prerequisites11Supported clients when using mobile and remote access11Configuration summary11EX/MX/SX Series endpoints (running TC software)11Jabber clients12DNS records12Firewall13Unified CM13IM and Presence Service14VCS15Unified Communications prerequisites16Configuring a secure traversal zone connection for Unified Communications16Installing VCS security certificates16Configuring encrypted VCS traversal zones17Server certificate requirements for Unified Communications18Cisco Unified Communications Manager certificates18VCS certificates18Configuring mobile and remote access on VCS21Installing VCS security certificates and setting up a secure traversal zone21Setting up the VCS Control21Configuring DNS and NTP settings21Enabling the VCS Control for mobile and remote access21Discovering Unified Communications servers and services23Trusting the certificates presented to the VCS Control23Discovering IM and Presence Service nodes23Discovering Unified CM servers24Discovering Cisco Unity Connection servers25Automatically generated zones and search rules25Why should I refresh the discovered nodes?26Configuring the HTTP server allow list (whitelist) on VCS Control26Setting up the VCS Expressway27Configuring DNS and NTP settings27Enabling the VCS Expressway for mobile and remote access27Ensuring that TURN services are disabled on VCS Expressway28Using deployments to partition Unified Communications services29Single Sign-On (SSO) over the Collaboration Edge31Single Sign-On prerequisites32High level task list33Importing the SAML metadata from the IdP34Associating domains with an IdP34Exporting the SAML metadata from the VCS Control34Configuring IDPs35Active Directory Federation Services 2.035Enabling Single Sign-On at the edge35Checking the status of Unified Communications services37Mobile and remote access port reference38Additional information40Unified CM dial plan40VCS call types and licensing40Deploying Unified CM and VCS in different domains40SIP trunks between Unified CM and VCS Control41Configuring secure communications41Media encryption42Limitations42Unsupported Jabber features when using mobile and remote access42Unsupported features and limitations when using mobile and remote access43Protocol summary43Clustered VCS systems and failover considerations43Authorization rate control44Credential caching44Unified CM denial of service threshold44VCS automated intrusion protection45Appendix 1: Troubleshooting46General troubleshooting techniques46Checking alarms and status46Checking and taking diagnostic logs47Checking DNS records47Checking reachability of the VCS Expressway48Checking call status48Checking devices registered to Unified CM via VCS49Ensuring that VCS Control is synchronized to Unified CM49Checking SSO status and tokens49VCS certificate / TLS connectivity issues49Cisco Jabber sign in issues50Jabber cannot sign in due to XMPP bind failure50Jabber cannot sign in due to SSH tunnels failure50Jabber cannot sign in when connecting to different peers in a cluster of VCS ...50VCS returns 401 unauthorized failure messages50Call failures due to 407 proxy authentication required or 500 Internal Server...50Call bit rate is restricted to 384 kbps / video issues when using BFCP (prese...51Endpoints cannot register to Unified CM51IM and Presence Service realm changes51No voicemail service (403 Forbidden response)51403 Forbidden responses for any service requests51Client HTTPS requests are dropped by VCS52Unable to configure IM&P servers for remote access52'Failed: <address> is not a IM and Presence Server'52Document revision history53Size: 1.37 MBPages: 54Language: EnglishOpen manual
/en/manuals/1621656/Table of ContentsMobile and Remote Access Overview2Deployment Scope3Jabber Client Connectivity Without VPN3Related Documentation4Deployment Scenarios4Single Network Elements4Single Clustered Network Elements5Multiple Clustered Network Elements5Hybrid Deployment6Unsupported Deployments6Configuration Overview7Prerequisites7Supported Clients when Using Mobile and Remote Access7Configuration Summary8EX/MX/SX Series Endpoints (Running TC Software)8Jabber Clients8DNS Records9Firewall9Unified CM10IM and Presence Service11VCS12Unified Communications Prerequisites12Configuring a Secure Traversal Zone Connection for Unified Communications12Installing VCS Security Certificates12Configuring Encrypted VCS Traversal Zones13Server Certificate Requirements for Unified Communications14Cisco Unified Communications Manager Certificates14VCS Certificates15Configuring Mobile and Remote Access on VCS17Installing VCS Security Certificates and Setting Up a Secure Traversal Zone17Setting Up the VCS Control17Configuring DNS and NTP Settings17Enabling the VCS Control for Mobile and Remote Access17Discover Unified Communications Servers and Services19Trust the Certificates Presented to the VCS Control19Discover Unified CM Servers19Discover IM and Presence Service Nodes20Discover Cisco Unity Connection Servers21Automatically Generated Zones and Search Rules22Why Should I Refresh the Discovered Nodes?22Configuring the HTTP Server Allow List on VCS Control23Setting Up the VCS Expressway23Configuring DNS and NTP Settings23Enabling the VCS Expressway for Mobile and Remote Access24Ensuring That TURN Services Are Disabled on VCS Expressway24Using Deployments to Partition Unified Communications Services24Single Sign-On (SSO) over the Collaboration Edge26Single Sign-On Prerequisites27High Level Task List28Importing the SAML Metadata from the IdP28Associating Domains with an IdP29Exporting the SAML Metadata from the VCS Control29Configuring IDPs30Active Directory Federation Services 2.030Enabling Single Sign-On at the Edge30Dial via Office-Reverse through MRA31Checking the Status of Unified Communications Services34Mobile and Remote Access Port Reference34Additional Information36Unified CM Dial Plan36VCS Call Types and Licensing36Deploying Unified CM and VCS in Different Domains37SIP Trunks Between Unified CM and VCS Control37Configuring Secure Communications37Media Encryption38Limitations38Unsupported Endpoint Features when Using Mobile and Remote Access38VCS Limitations and Unsupported Features when Using Mobile and Remote Access39Protocol Summary39Clustered VCS Systems and Failover Considerations39Authorization Rate Control40Credential Caching40Unified CM Denial of Service Threshold40VCS Automated Intrusion Protection40Appendix 1: Troubleshooting41General Techniques41Checking Alarms and Status41Taking Diagnostic Logs42Checking DNS Records42Checking Reachability of the VCS Expressway43Checking Call Status43Checking Devices Registered to Unified CM via VCS43Ensuring that VCS Control is Synchronized to Unified CM44Checking SSO Status and Tokens44VCS Certificate / TLS Connectivity Issues44Cisco Jabber Sign In Issues44Jabber Cannot Sign In due to XMPP Bind Failure44Jabber Cannot Sign In due to SSH Tunnels Failure45Jabber Cannot Sign In When Connecting to Different Peers in a Cluster of VCS ...45VCS Returns 401 Unauthorized Failure Messages45Call Failures due to 407 Proxy Authentication Required or 500 Internal Server...45Call Bit Rate is Restricted to 384 kbps / Video Issues when Using BFCP (Prese...45Endpoints Cannot Register to Unified CM45IM and Presence Service Realm Changes46No Voicemail Service (403 Forbidden Response)46403 Forbidden Responses for Any Service Requests46Client HTTPS Requests are Dropped by VCS46Unable to Configure IM&P Servers for Remote Access46'Failed: <address> is not a IM and Presence Server'46Invalid SAML Assertions46Document Revision History46Cisco Legal Information48Cisco Trademark48Size: 1.8 MBPages: 48Language: EnglishOpen manual
/en/manuals/1621653/Table of ContentsPreface5Change History5Related Documentation5Mobile and Remote Access Overview7Deployment Scope8Jabber Client Connectivity Without VPN8Deployment Scenarios8Single Network Elements9Single Clustered Network Elements10Multiple Clustered Network Elements10Hybrid Deployment11Unsupported Deployments11Configuration Overview13Prerequisites13Configuration Summary14Unified Communications Prerequisites18Configuring a Secure Traversal Zone Connection for Unified Communications18Server Certificate Requirements for Unified Communications20Configuring Mobile and Remote Access on VCS23Installing VCS Security Certificates and Setting Up a Secure Traversal Zone23Setting Up the VCS Control23Discover Unified Communications Servers and Services25About the HTTP Server Allow List on VCS Control29Setting Up the VCS Expressway31Using Deployments to Partition Unified Communications Services32Single Sign-On (SSO) over the Collaboration Edge34Single Sign-On Prerequisites35High Level Task List36Importing the SAML Metadata from the IdP36Associating Domains with an IdP37Exporting the SAML Metadata from the VCS Control37Configuring IDPs38Enabling Single Sign-On at the Edge38Dial via Office-Reverse through MRA39Checking the Status of Unified Communications Services42Mobile and Remote Access Port Reference42Additional Information44Unified CM Dial Plan44Deploying Unified CM and VCS in Different Domains44SIP Trunks Between Unified CM and VCS Control44Configuring Secure Communications45Media Encryption45Limitations45Protocol Summary46Clustered VCS Systems and Failover Considerations47Authorization Rate Control47Credential Caching47Unified CM Denial of Service Threshold47VCS Automated Intrusion Protection48Appendix 1: Troubleshooting48General Techniques48VCS Certificate / TLS Connectivity Issues51Cisco Jabber Sign In Issues51VCS Returns 401 Unauthorized Failure Messages52Call Failures due to 407 Proxy Authentication Required or 500 Internal Server...52Call Bit Rate is Restricted to 384 kbps / Video Issues when Using BFCP (Prese...52Endpoints Cannot Register to Unified CM53IM and Presence Service Realm Changes53No Voicemail Service (403 Forbidden Response)53403 Forbidden Responses for Any Service Requests53Client HTTPS Requests are Dropped by VCS53Unable to Configure IM&P Servers for Remote Access53Invalid SAML Assertions54Allow List Rules File Reference54Allow List Tests File Reference55Size: 2.04 MBPages: 56Language: EnglishOpen manual
/en/manuals/1621650/Table of ContentsMobile and Remote Access Overview5Jabber Client Connectivity Without VPN6Related documentation6Deployment scenarios8Single network elements8Single clustered network elements8Multiple clustered network elements9Hybrid deployment9Unsupported deployments10Configuration overview11Prerequisites11Supported clients when using Mobile and Remote Access11Configuration summary12EX/MX/SX Series endpoints (running TC software)12Jabber clients12DNS records12Firewall13Unified CM14IM and Presence Service15VCS15Unified Communications prerequisites17Configuring a Secure Traversal Zone Connection for Unified Communications17Installing VCS Security Certificates17Configuring Encrypted VCS Traversal Zones18Server Certificate Requirements for Unified Communications19Cisco Unified Communications Manager Certificates19VCS Certificates19Configuring Mobile and Remote Access on VCS22Installing VCS Security Certificates and Setting Up a Secure Traversal Zone22Setting Up the VCS Control22Configuring DNS and NTP Settings22Enabling the VCS Control for Mobile and Remote Access22Discovering Unified Communications Servers and Services24Trusting the Certificates Presented to the VCS Control24Discovering IM and Presence Service Nodes24Discovering Unified CM Servers25Discovering Cisco Unity Connection Servers26Automatically Generated Zones and Search Rules26Why Should I Refresh the Discovered Nodes?27Configuring the HTTP Server Allow List (Whitelist) on VCS Control27Setting Up the VCS Expressway28Configuring DNS and NTP Settings28Enabling the VCS Expressway for Mobile and Remote Access28Ensuring That TURN Services Are Disabled on VCS Expressway29Using Deployments to Partition Unified Communications Services30Single Sign-On (SSO) over the Collaboration Edge32Single Sign-On Prerequisites33High Level Task List34Importing the SAML Metadata from the IdP35Associating Domains with an IdP35Exporting the SAML Metadata from the VCS Control35Configuring IDPs36Active Directory Federation Services 2.036Enabling Single Sign-On at the Edge37Checking the Status of Unified Communications Services38Mobile and Remote Access Port Reference39Additional information41Unified CM dial plan41VCS call types and licensing41Deploying Unified CM and VCS in different domains41SIP trunks between Unified CM and VCS Control42Configuring secure communications42Media encryption43Limitations43Unsupported Jabber features when using mobile and remote access43Unsupported features and limitations when using mobile and remote access44Protocol summary44Clustered VCS systems and failover considerations44Authorization rate control45Credential caching45Unified CM denial of service threshold45VCS automated intrusion protection46Appendix 1: Troubleshooting47General troubleshooting techniques47Checking alarms and status47Checking and taking diagnostic logs48Checking DNS records48Checking reachability of the VCS Expressway49Checking call status49Checking devices registered to Unified CM via VCS50Ensuring that VCS Control is synchronized to Unified CM50Checking SSO status and tokens50VCS certificate / TLS connectivity issues50Cisco Jabber sign in issues51Jabber cannot sign in due to XMPP bind failure51Jabber cannot sign in due to SSH tunnels failure51Jabber cannot sign in when connecting to different peers in a cluster of VCS ...51VCS returns 401 unauthorized failure messages51Call failures due to 407 proxy authentication required or 500 Internal Server...51Call bit rate is restricted to 384 kbps / video issues when using BFCP (prese...52Endpoints cannot register to Unified CM52IM and Presence Service realm changes52No voicemail service (403 Forbidden response)52403 Forbidden responses for any service requests52Client HTTPS requests are dropped by VCS53Unable to configure IM&P servers for remote access53'Failed: <address> is not a IM and Presence Server'53Invalid SAML assertions53Document revision history54Size: 1.38 MBPages: 55Language: EnglishOpen manual
/en/manuals/1621645/Table of ContentsIntroduction4Prerequisites5Required configuration information5Configuring the Cisco VCS6Configure neighbor zone to Cisco AM GW6Configure Cisco VCS’s Advanced Media Gateway settings8Identify Cisco AM GW zone and configure Cisco AM GW policy8Cisco AM GW routing policy9What should I allow?10Configuring the Cisco AM GW11Network port A settings11Network services12System settings12Resource settings13Time13Proxies14Shut down and restart Cisco AM GW14Requirements and usage of MOC15PC requirements15Increasing resolution of MOC call15Appendix 1 – Troubleshooting17Cisco VCS / OCS17Cisco VCS search history and Status > Calls17MOC debug17OCS debug17Cisco VCS / Cisco AM GW17Cisco VCS search history and Status > Calls17Cisco AM GW Event log17Cisco AM GW SIP log18Cisco AM GW CDRs18Appendix 2 – Known limitations19Call transfer19Multiway19Duo Video19Simultaneous answer19OCS Edge Server19Encrypted calls19AVMCU / livemeeting calls19Appendix 3 – Reaching Cisco AM GW capacity20Appendix 4 – Bandwidth control21Appendix 5 – Call license usage22Appendix 6 – Endpoint specific configuration23Size: 1.18 MBPages: 24Language: EnglishOpen manual
/en/manuals/1604000/Table of ContentsIntroduction4Prerequisites to setting up a Cisco AM GW5Required configuration information5Configuring the Cisco VCS6Enable transcoders (Cisco AM GWs) for the B2BUA6Specify the Cisco AM GWs6Configure the Cisco AM GWs as trusted hosts7Specify the Cisco AM GW routing policy7Configuring the Cisco AM GW9Network port A settings9DNS settings9Network services10System settings10Resource settings11Time12Proxies12Shut down and restart the Cisco AM GW13Requirements and usage of Lync client14PC requirements14Increasing the resolution of a Lync client call14Appendix 1 – Troubleshooting15Cisco VCS and Lync15Cisco VCS search history and Status > Calls15Lync client debug15Lync debug15Cisco VCS / Cisco AM GW15Cisco VCS search history and Status > Calls15Cisco AM GW Event log15Cisco AM GW SIP log16Cisco AM GW CDRs16Check Cisco AM GW proxy configuration16Appendix 2 – Known limitations17Restrictions17Duo Video17Simultaneous answer17AVMCU / livemeeting calls17Removed restrictions17Lync Edge Server17Encrypted calls17Appendix 3 – Additional information18Reaching Cisco AM GW capacity18Bandwidth control18Call license usage18Endpoint specific configuration18Communicator for MAC18Document revision history19Size: 505 KBPages: 20Language: EnglishOpen manual
/en/manuals/1621640/Table of ContentsIntroduction4Prerequisites to setting up a Cisco AM GW5Required configuration information5Configuring the VCS6Enable transcoders (Cisco AM GWs) for the B2BUA6Specify the Cisco AM GWs6Configure the Cisco AM GWs as trusted hosts7Specify the Cisco AM GW routing policy7Configuring the Cisco AM GW9Network port A settings9DNS settings9Network services10System settings10Resource settings11Time12Proxies12Shut down and restart the Cisco AM GW13Lync client requirements and usage14PC requirements14Increasing the resolution of a Lync client call14Appendix 1: Troubleshooting15VCS and Lync15VCS search history and current calls15Lync client debug15Lync debug15VCS / Cisco AM GW15Cisco AM GW Event log15Cisco AM GW SIP log16Cisco AM GW CDRs16Check Cisco AM GW proxy configuration16Lync 2010 client receives VGA (640x480) rather than 720p resolution16Appendix 2: Known limitations17Restrictions17Duo Video17Simultaneous answer17AVMCU / livemeeting calls17Removed restrictions17Lync Edge Server17Encrypted calls17Appendix 3: Additional information18Reaching Cisco AM GW capacity18Bandwidth control18Call license usage18Endpoint specific configuration18Communicator for MAC18Document revision history19Size: 663 KBPages: 20Language: EnglishOpen manual
/en/manuals/1621635/Table of ContentsIntroduction4Prerequisites5Required configuration information5Configuring the Cisco VCS6Configure the neighbor zone to the Cisco AM GW6Configure Cisco VCS’s Advanced Media Gateway settings8Identify the Cisco AM GW zone and configure the Cisco AM GW policy8Cisco AM GW routing policy9What should I allow?10Configuring the Cisco AM GW11Network port A settings11Network services12System settings12Resource settings13Time13Proxies14Shut down and restart the Cisco AM GW14Requirements and usage of MOC15PC requirements15Increasing the resolution of a MOC call15Appendix 1 – Troubleshooting17Cisco VCS / OCS17Cisco VCS search history and Status > Calls17MOC debug17OCS debug17Cisco VCS / Cisco AM GW17Cisco VCS search history and Status > Calls17Cisco AM GW Event log17Cisco AM GW SIP log18Cisco AM GW CDRs18Appendix 2 – Known limitations19Call transfer19Multiway19Duo Video19Simultaneous answer19OCS Edge Server19Encrypted calls19AVMCU / livemeeting calls19Appendix 3 – Reaching Cisco AM GW capacity20Appendix 4 – Bandwidth control21Appendix 5 – Call license usage22Appendix 6 – Endpoint specific configuration23Size: 848 KBPages: 24Language: EnglishOpen manual
/en/manuals/1609741/Table of ContentsIntroduction4Prerequisites to setting up a Cisco AM GW5Required configuration information5Configuring the VCS6Enable transcoders (Cisco AM GWs) for the B2BUA6Specify the Cisco AM GWs6Configure the Cisco AM GWs as trusted hosts7Specify the Cisco AM GW routing policy7Configuring the Cisco AM GW9Network port A settings9DNS settings9Network services10System settings10Resource settings11Time12Proxies12Shut down and restart the Cisco AM GW13Lync client requirements and usage14PC requirements14Increasing the resolution of a Lync client call14Appendix 1: Troubleshooting15VCS and Lync15VCS search history and current calls15Lync client debug15Lync debug15VCS / Cisco AM GW15Cisco AM GW Event log15Cisco AM GW SIP log16Cisco AM GW CDRs16Check Cisco AM GW proxy configuration16Lync 2010 client receives VGA (640x480) rather than 720p resolution16Appendix 2: Known limitations17Restrictions17Duo Video17Simultaneous answer17AVMCU / livemeeting calls17Removed restrictions17Lync Edge Server17Encrypted calls17Appendix 3: Additional information18Reaching Cisco AM GW capacity18Bandwidth control18Call license usage18Endpoint specific configuration18Communicator for MAC18Document revision history19Size: 662 KBPages: 20Language: EnglishOpen manual
/en/manuals/1621633/Table of ContentsIntroduction4Prerequisites to setting up a Cisco AM GW5Required configuration information5Configuring the VCS6Enable transcoders (Cisco AM GWs) for the B2BUA6Specify the Cisco AM GWs6Configure the Cisco AM GWs as trusted hosts7Specify the Cisco AM GW routing policy7Configuring the Cisco AM GW9Network port A settings9DNS settings9Network services10System settings10Resource settings11Time12Proxies12Shut down and restart the Cisco AM GW13Lync client requirements and usage14PC requirements14Increasing the resolution of a Lync client call14Appendix 1: Troubleshooting15VCS and Lync15VCS search history and current calls15Lync client debug15Lync debug15VCS / Cisco AM GW15Cisco AM GW Event log15Cisco AM GW SIP log16Cisco AM GW CDRs16Check Cisco AM GW proxy configuration16Lync 2010 client receives VGA (640x480) rather than 720p resolution16Appendix 2: Known limitations17Restrictions17Duo Video17Simultaneous answer17AVMCU / livemeeting calls17Removed restrictions17Lync Edge Server17Encrypted calls17Appendix 3: Additional information18Reaching Cisco AM GW capacity18Bandwidth control18Call license usage18Endpoint specific configuration18Communicator for MAC18Document revision history19Size: 661 KBPages: 20Language: EnglishOpen manual
/en/manuals/1621631/Table of ContentsIntroduction3Prerequisites to Configuring a Cisco AM GW3Required Configuration Information4Configuring the VCS4Enable External Transcoders (Cisco AM GWs) for the B2BUA4Specify the Cisco AM GWs5Configure the Cisco AM GWs as Trusted Hosts5Define the Cisco AM GW Routing Policy6Configuring the Cisco AM GW7Network Port A Settings7DNS Settings7Network Services8System Settings9Resource Settings10Time11Proxies11Shut Down and Restart the Cisco AM GW12Media Paths and License Usage13Lync Client Call to a SIP Video Endpoint Through Cisco AM GW13Lync Client Call to H.323 Video Endpoint Through Cisco AM GW14Appendix 1: Troubleshooting15VCS and Lync15VCS / Cisco AM GW15Cisco AM GW Event Log15Cisco AM GW SIP Log15Cisco AM GW CDRs15Check Cisco AM GW Proxy Configuration15Lync 2010 Client Receives VGA (640x480) Rather than 720p Resolution16Appendix 2: Known Limitations16Restrictions16Removed Restrictions16Appendix 3: Additional Information16Reaching Cisco AM GW Capacity16Bandwidth Control16Call License Usage17Endpoint Specific Configuration17Communicator for Mac17Document Revision History17Cisco Legal Information19Cisco Trademark19Size: 650 KBPages: 20Language: EnglishOpen manual
/en/manuals/1621627/Table of ContentsIntroduction6Objectives and intended audience6Deployment scenario6Prerequisites8Clustered “OCS/Lync Gateway” VCS Control8Why add an “OCS/Lync Gateway” VCS Control?9“OCS/Lync gateway” and multiple OCS/Lync domains9Multiple “OCS/Lync gateway” per OCS/Lync domain10MCUs for ad-hoc conferences from OCS/Lync10Small test/demo networks10Scaling up from a small test/demo network10Features and capabilities with different versions of software10Cisco VCS X5.x, X6.x and X7.x (non-B2BUA mode) and OCS R2 and Lync 201011VCS X7.0 or later with B2BUA enabled and OCS R2 / Lync 201012Configuring VCS versions prior to X7.013Summary of configuration process13Different structures for OCS/Lync13Prerequisites prior to configuring Cisco VCS and OCS/Lync to interoperate18Video network: Enabling calls between endpoints registered on Cisco VCS Controls in the video network19Video network Cisco VCS Control configuration summary19Ensure that the SIP domain of VCS Control(s) in the video network are configured19OCS/Lync configuration19Registering endpoints to the video network19Endpoint configuration19Confirming registrations20Testing the configuration20Lync: Enabling calls between Lync clients registered on Lync Server21Lync: Cisco VCS Control configuration21Lync: Enabling users for Lync21Lync: Registering Lync clients to the Lync Server23Lync: Lync client configuration23Lync: Testing the configuration25OCS: Enabling calls between MOC clients registered on OCS26OCS: Cisco VCS Control configuration26OCS: OCS configuration summary26OCS: Create new users in Active Directory26OCS: Edit user properties to allow MOC usage28OCS: Registering MOC clients to the OCS28OCS: MOC client configuration28OCS: Testing the configuration31Enabling endpoints registered on the video network to call MOC/Lync clients registered on OCS/Lync32Video network: Cisco VCS Control configuration32Video network: Set up a neighbor zone to the “OCS/Lync gateway” VCS (cluster)32Video network: Set up a search rule to route calls to the OCS/Lync domain to the “OCS/Lync gateway” VCS (cluster)33Video network: Set up search rules to route calls to any domains supported on OCS/Lync (but not in the video network) to the “OCS/Lync gateway” VCS (cluster)34“OCS/Lync gateway”: VCS Control configuration (1)34“OCS/Lync gateway”: Generate and load private key, root certificate, and server certificate onto “OCS/Lync gateway” VCS Control (not needed if using a TCP connection)35“OCS/Lync gateway”: Set up the SIP domain of the “OCS/Lync gateway” VCS36“OCS/Lync gateway”: Configure DNS and local hostname36Configure the DNS server details36Ensure that Local hostname and DNS domain are configured37“OCS/Lync gateway”: Ensure that cluster name is configured38“OCS/Lync gateway”: Configure an NTP server38“OCS/Lync gateway”: Switch on TLS in SIP configuration38Lync: Lync Server configuration40Lync: Trust an “OCS/Lync Gateway” VCS (cluster)40Lync: configure Lync Server media encryption capabilities42OCS: OCS configuration43OCS: Allow (M)TLS or TCP connection to OCS43OCS: Configure OCS to trust the “OCS/Lync gateway” VCS(s)45OCS: Configure OCS media encryption capabilities47“OCS/Lync gateway” VCS Control configuration (2)49Configure the B2BUA on the “OCS/Lync gateway” VCS49Configure the B2BUA trusted hosts on the “OCS/Lync gateway” VCS52Set up a search rule to route calls to the shared OCS/Lync domain to OCS/Lync (via the B2BUA)52Set up a search rules to route calls to any other domains supported on OCS/Lync (but not in the video network) to OCS/Lync (via the B2BUA)53Testing the configuration54Enabling MOC/Lync clients registered on OCS/Lync Server to call endpoints registered on the video network55“OCS/Lync gateway” VCS Control configuration55Configure the “OCS/Lync gateway” VCS with a neighbor zone that contains the video network55Set up search rules to route calls with video network domains to the video network56OCS/Lync Active Directory configuration for FindMe users57Lync: Enable user for Lync58OCS: Enable for User OCS60“OCS/Lync gateway” VCS FindMe configuration61Login to each OCS/Lync client62Verify FindMe accounts are registered62Testing the configuration63Enabling MOC/Lync clients to see the presence status of endpoints registered on VCS Control64Cisco VCS configuration64Log in to the OCS/Lync client65Testing the configuration66Optional: MCUs67Configuration of Cisco VCS and Cisco MCUs67Adding a directly callable MCU67Adding an MCU using just the Autoattendant67Lync: Configure static routes to route MCU calls to the “OCS/Lync gateway” VCS67OCS: Configure static routes to route MCU calls to the “OCS/Lync gateway” VCS69Enabling Microsoft Edge Server and VCS TURN capabilities72Appendix 1 – Troubleshooting73Troubleshooting checklist for X7.x73Problems connecting Cisco VCS Control local calls73Check for errors74Tracing calls74Presence not observed as expected74Video endpoint reports that it does not support the MOC/Lync client SDP75TLS neighbor zone to OCS/Lync server is active, and messaging gets sent from VCS to OCS/Lync server, but OCS/Lync debug says OCS/Lync fails to open a connection to VCS75MOC/Lync client initiated call fails to connect75OCS/Lync responds to INVITE with ‘488 Not acceptable here’75Call connects but clears after about 30 seconds76Cisco VCS to OCS/Lync server calls fail – DNS server76Cisco VCS to OCS/Lync calls fail – Hardware Load Balancer76Media problems in calls involving external MOC/Lync clients connecting via an Edge server76RTP over TCP/UDP76ICE negotiation failure76One way media: MOC/Lync client ( endpoint registered to VCS77When using Microsoft Edge Server77X7.0 and later using B2BUA77X7.0 and earlier, non-B2BUA77When using a Hardware Load Balancer in front of OCS/Lync78OCS/Lync rejects VCS zone alive OPTIONS checks with ‘401 Unauthorized’ and INFO messages with ‘400 Missing Correct Via Header'78MOC/Lync client stays in ‘Connecting …’ state78Call to PSTN (via OCS/Lync PSTN gateway) or other devices requiring caller to be authorized fails with 404 not found78MOC/Lync clients try to register with VCS Expressway79B2BUA problems79B2BUA registration problems users fail to register79OCS/Lync problems79OCS running on Microsoft Server 2008 R279Problems with certificates79Appendix 2 – Debugging on OCS/Lync81Lync: Use of Lync Logging tool81OCS: Use of OCS Logging tool82Appendix 3 – Enable debug on MOC/Lync client84Enable debug on Lync client84Enable Debug on MOC84Appendix 4 – Known interoperating capabilities86SIP and H.323 endpoints making basic calls86Upspeeding from a voice call to a video call86Multiway generation of ad hoc conferences86MOC/Lync client accessing OCS/Lync server through Microsoft Edge Server86Appendix 5 – Known interoperating limitations87Video codecs87Video codec selection87B2BUA87Non-B2BUA87Changing the “pre-configured” SDP87Joining a MOC/Lync conference (AV MCU)87Upspeeding from a voice call to a video call88Microsoft Mediation Server88B2BUA88Non-B2BUA88VCS cluster calls to endpoints not registered using FindMe – such as MCU calls where MCU is in its own dedicated domain88OCS88Lync88Lync clients may lose or fail to receive video if B2BUA is not used89MOC/Lync client reports no audio device89Microsoft Server89OCS89Lync89Call forward from MOC/Lync to a VCS FindMe or endpoint results in a ‘loop detected’ call89FindMe Caller ID set to FindMe ID causes calls from MOC/Lync client to fail90Appendix 6 – B2BUA registration on “OCS/Lync gateway” VCSs91What does “Register FindMe users as clients” in OCS/Lync do?91Registered users with a cluster of Cisco VCSs92Configuring domains92Appendix 7 – B2BUA and AM GW integration93VCS configuration93Known limitations93Appendix 8 – TEL URI handling for Cisco VCS to OCS/Lync calls94Appendix 9 – Upgrading from non-B2BUA mode to B2BUA mode95Appendix 10 – IP port numbers96IP port numbers used between the B2BUA and OCS/Lync96IP port numbers used between the B2BUA and VCS Expressway hosting the TURN server96Appendix 11 – Media paths and license usage for calls through B2BUA97MOC/Lync client call to SIP video endpoint97MOC/Lync client call to H.323 video endpoint98MOC/Lync client call to a SIP video endpoint via AM gateway99MOC/Lync client call to H.323 video endpoint via AM gateway100An external MOC/Lync client calls an external video endpoint101An external MOC/Lync client calls an internal SIP video endpoint102Appendix 12 - Federation103Size: 2.92 MBPages: 104Language: EnglishOpen manual
/en/manuals/1621624/Table of ContentsIntroduction6Objectives and intended audience6Deployment scenario6Why add an “OCS Gateway” Cisco VCS Control?8Small test and demo networks?8Scaling up from a small test and demo network8Features and capabilities with different versions of software9Cisco VCS X4.2 or X4.3 and OCS R19Cisco VCS X4.2 or X4.3 and OCS R210Cisco VCS X5 or later and OCS R111As in X4:11Plus:11Cisco VCS X5 or later and OCS R211As in X4:11Plus:12Plus with X5.2:12Summary of configuration process12Different structures for OCS14Prerequisites prior to configuring Cisco VCS and OCS to interoperate16Enabling calls between endpoints registered on Cisco VCS Controls in the video network17Video network Cisco VCS Control configuration summary17Ensure that the SIP domain of Cisco VCS Control(s) in the video network are configured17Ensure that default links between the Cisco VCS Control’s zones are set up17OCS configuration18Registering endpoints to the Video Network18Endpoint configuration.18Confirming registrations18Testing the configuration18Enabling calls between MOC clients registered on OCS19Cisco VCS Control configuration19OCS configuration summary19Create new users in Active Directory19Edit user properties to allow MOC usage21Registering MOC clients to the OCS23MOC client configuration23Testing the configuration25Enabling endpoints registered on the video network to call MOC clients registered on OCS26Video network Cisco VCS Control configuration26Set up a neighbor zone to the “OCS gateway” Cisco VCS (cluster)26Set up a search rule to route calls with the OCS domain to the “OCS gateway” Cisco VCS (cluster).28“OCS gateway” Cisco VCS Control configuration (1)28Generate and load private key, root certificate, and server certificate onto “OCS gateway” Cisco VCS Control (Not needed if TCP connection is to be used)29Single server certificate that can be loaded into each cluster peer:29Server certificate for each Cisco VCS:29Load the certificates:29Set up the SIP domain of the “OCS gateway” Cisco VCS30Ensure that default links between the “OCS gateway” Cisco VCS Control’s zones are set up30Configure DNS details31Configure the DNS Server details31Ensure that Local hostname and DNS domain are configured31Ensure that cluster name is configured32Configure an NTP server33Switch on TLS in SIP configuration (not needed if TCP connection is to be used)33Set up H.323 (( SIP interworking33Set Call routed mode to Always34OCS configuration35Allow (M)TLS or TCP connection to OCS35Configure OCS to trust the “OCS gateway” Cisco VCS(s)38Configure static route(s) to route calls to the “OCS gateway” Cisco VCS(s)42Configure OCS to make media encryption optional44“OCS gateway” Cisco VCS Control configuration (2)46Configure the “OCS gateway” Cisco VCS with a neighbor zone that contains OCS46Set up a Search rule to select what gets routed to the OCS zone47If Hardware Load Balancers are used, set up neighbor zones on the “OCS gateway” Cisco VCS(s) to receive calls from OCS49Testing the configuration50Enabling MOC clients registered on OCS to call endpoints registered on the video network51”OCS gateway” Cisco VCS Control configuration51Configure the “OCS gateway” Cisco VCS with a neighbor zone that contains the video network51Set up one or more search rules to route calls with video network domains to the video network53OCS configuration53Testing the configuration54Enabling MOC clients to see the presence status of endpoints registered on Cisco VCS Control55Cisco VCS configuration55OCS configuration56Testing the configuration56OCS Relay configuration of “OCS gateway” Cisco VCS(s)57In which versions can I use OCS Relay?57What does OCS Relay do?57OCS Relay and a cluster of Cisco VCSs58Configure OCS Relay and FindMe™58Active Directory configuration58“OCS gateway” Cisco VCS Configuration60Verify FindMe™ accounts are registered63Testing the Configuration63Appendix 1 - Troubleshooting64Problems connecting Cisco VCS Control local calls64Look at Search History to check the applied transforms.64Look at ‘Call History’ to check how the call progressed64Check for errors65Event log65Real time detailed event log65Tracing calls65Tracing calls at SIP / H.323 level65Presence not observed as expected65Presence Server status65No presence being observed65MOC client fails to update status information66Check for errors66TLS Neighbor zone to OCS is active, and messaging gets sent from Cisco VCS to OCS, but OCS debug says OCS fails to open a connection to Cisco VCS.66OCS initiated call fails to connect66Call connects but clears after about 25 seconds66Cisco VCS to OCS calls fail – DNS Server66Cisco VCS to OCS calls fail - HLB66Calls between MOC and an endpoint that is not registered to the OCS gateway Cisco VCS clear shortly after connecting66One way media: MOC ( endpoint registered to Cisco VCS67When using Microsoft Edge Server67When using a Hardware Load Balancer in front of OCS67OCS rejects Cisco VCS zone alive OPTIONS checks with ‘401 Unauthorized’ and INFO messages with ‘400 Missing Correct Via Header'67MOC stays in ‘Connecting …’ state67No audio on audio call through an ISDN gateway67No video through an ISDN gateway68Call to PSTN or other device requiring caller to be authorized fails with 404 not found.68MOC endpoints try to register with Cisco VCS Expressway.68OCS Relay problems68OCS Relay FindMe™ users take a long time to register.68OCS Relay FindMe™ users fail to register.69Troubleshooting OCS Relay69OCS problems69OCS running on Microsoft Server 2008 R269OCS stops running after an upgrade69Problems with certificates69Appendix 2 – Known interoperating capabilities70SIP and H.323 endpoints making basic calls70Upspeeding from a voice call to a video call70Multiway™ generation of ad hoc conferences70Cisco VCS Cluster and OCS Relay70Appendix 3 – Benefits of using Cisco VCS with OCS71Separate management of video systems and PC based systems71Cisco VCS brings H.323 integration to OCS71Duo Video71Bandwidth management71FindMe™71Appendix 4 – Known interoperating limitations72Video codecs72Video codec selection72Joining a MOC conference (AV MCU)72Up-speeding from a voice call to a video call72MOC accessing OCS through Microsoft Edge Server72Microsoft Mediation Server73Using OCS R173Using OCS R273Cisco VCS Cluster without OCS Relay73No audio on audio call through an ISDN gateway73No video through an ISDN gateway73MOC receives no video if it holds and then resumes a call73DTMF74Microsoft Server74Call forward from MOC to a Cisco VCS FindMe™ or endpoint results in a ‘loop detected’ call.74FindMe™ Caller ID set to FindMeID causes calls from MOC to fail74Appendix 5 – Advanced parameters set by selecting zone profile ‘Microsoft Office Communications Server 2007’75Appendix 6 – Setting default codecs for H.323 to SIP calls76Codecs to be offered76Appendix 7 – Presence with and without transforms77OCS receiving Presence from non-OCS Relay FindMe™ entries, where there is no transform for Cisco VCS devices accessing OCS77OCS receiving Presence from non-OCS Relay FindMe™ entries, where there is a transform for Cisco VCS devices accessing OCS77Appendix 8 – TEL URI handling for Cisco VCS to OCS calls79Appendix 9 – Debugging on OCS80Use of OCS Logging tool80Appendix 10 – Enable Debug on MOC82Appendix 11 – Endpoint specific configuration83T15083MXP 1000, MXP 1700 and MXP 600083C20, C60 and C90 (including T1 and T3 systems)83E2083Cisco TelePresence Movi83Movi 283Movi 383Cisco TelePresence IP GW83Cisco TelePresence ISDN gateway83Other endpoints84Appendix 12 – Cisco TelePresence MCU configuration85MCU connectivity with OCS R1, OCS R2 and Cisco VCS85OCS Relay85Configuration of Cisco VCS and MCUs registered to Cisco VCS85Configuration of OCS to support MOC clients creating / joining ad hoc conferences85Appendix 13 – Cisco VCS and hardware load balancers in front of a bank of FEPS86Background86TLS connection87Responses directly from devices behind a Hardware Load Balancer88Authentication with TCP88Appendix 14 – Cisco VCS and Microsoft OCS Director89Background89Configuration90Configure the “OCS gateway” Cisco VCS(s)90Configure OCS Director90Configure OCS with an Edge Server90Appendix 15 – Cisco VCS and OCS voicemail91Video endpoints picking up voicemail from OCS91Size: 2.19 MBPages: 92Language: EnglishOpen manual
/en/manuals/1621621/Table of ContentsContents2Introduction6Objectives and intended audience6Deployment scenario6Clustered “OCS/Lync Gateway” VCS Control8Why add an “OCS/Lync Gateway” VCS Control?8“OCS/Lync gateway” and multiple OCS/Lync domains9Multiple “OCS/Lync gateway” per OCS/Lync domain9MCUs for ad-hoc conferences from OCS/Lync9Small test/demo networks10Scaling up from a small test/demo network10Features and capabilities with different versions of software10Cisco VCS X5.x, X6.x and X7.x (non-B2BUA mode) and OCS R2 and Lync 201010VCS X7.0 or later with B2BUA enabled and OCS R2 / Lync 201011Configuring VCS versions prior to X7.012Summary of configuration process12Different structures for OCS/Lync13Prerequisites prior to configuring Cisco VCS and OCS/Lync to interoperate17Video network: Check that calls between endpoints registered on VCS Controls in the video network operate as expected19Video network VCS Control configuration summary19Ensure that the SIP domain of video network endpoints is configured in the VCS Control(s) in the video network19OCS/Lync configuration19Registering video endpoints to the video network19Video endpoint configuration19Confirming registrations20Testing the configuration20Lync: Check that calls between Lync clients registered on Lync Server operate as expected21Lync: Cisco VCS Control configuration21Lync: Enabling users for Lync21Lync: Registering Lync clients to the Lync Server23Lync: Lync client configuration23Lync: Testing the configuration25OCS: Check that calls between MOC clients registered on OCS operate as expected26OCS: Cisco VCS Control configuration26OCS: OCS configuration summary26OCS: Create new users in Active Directory26OCS: Edit user properties to allow MOC usage28OCS: Registering MOC clients to the OCS28OCS: MOC client configuration28OCS: Testing the configuration31Enabling endpoints registered on the video network to call MOC/Lync clients registered on OCS/Lync32Video network: Cisco VCS Control configuration32Video network: Set up a neighbor zone to the “OCS/Lync gateway” VCS (cluster)32Video network: Set up a search rule to route calls to the OCS/Lync domain to the “OCS/Lync gateway” VCS (cluster)33Video network: Set up search rules to route calls to any domains supported on OCS/Lync (but not in the video network) to the “OCS/Lync gateway” VCS (cluster)34“OCS/Lync gateway” VCS Control configuration (part 1)34“OCS/Lync gateway”: Generate and load private key, CA certificate, and server certificate onto “OCS/Lync gateway” VCS Control (not needed if using a TCP connection)35“OCS/Lync gateway”: Set up the SIP domain of the “OCS/Lync gateway” VCS36“OCS/Lync gateway”: Configure DNS and local hostname36Configure the DNS server details36Ensure that Local hostname and DNS domain are configured37“OCS/Lync gateway”: Ensure that cluster name is configured38“OCS/Lync gateway”: Configure an NTP server38“OCS/Lync gateway”: Switch on TLS in SIP configuration38Lync: Lync Server configuration40Lync: Trust an “OCS/Lync Gateway” VCS (cluster)40Lync: configure Lync Server media encryption capabilities42OCS: OCS configuration43OCS: Allow (M)TLS or TCP connection to OCS43OCS: Configure OCS to trust the “OCS/Lync gateway” VCS(s)45OCS: Configure OCS media encryption capabilities47“OCS/Lync gateway” VCS Control configuration (part 2)49Configure the B2BUA on the “OCS/Lync gateway” VCS49Configure the B2BUA trusted hosts on the “OCS/Lync gateway” VCS52Set up a search rule to route calls to the shared OCS/Lync domain to OCS/Lync (via the B2BUA)52Set up a search rules to route calls to any other domains supported on OCS/Lync (but not in the video network) to OCS/Lync (via the B2BUA)53Testing the configuration54Enabling MOC/Lync clients registered on OCS/Lync Server to call endpoints registered on the video network55“OCS/Lync gateway” VCS Control configuration55Configure the “OCS/Lync gateway” VCS with a neighbor zone that contains the video network55Set up search rules to route calls with video network domains to the video network56OCS/Lync Active Directory configuration for FindMe users57Lync: Enable user for Lync58OCS: Enable for User OCS60“OCS/Lync gateway” VCS FindMe configuration61Login to each OCS/Lync client62Verify FindMe accounts are registered62Testing the configuration63Enabling MOC/Lync clients to see the presence status of endpoints registered on VCS Control64Cisco VCS configuration64Log in to the OCS/Lync client65Testing the configuration66Optional: MCUs67Configuration of Cisco VCS and Cisco MCUs67Adding a directly callable MCU67Adding an MCU using just the Autoattendant67Lync: Configure static routes to route MCU calls to the “OCS/Lync gateway” VCS67OCS: Configure static routes to route MCU calls to the “OCS/Lync gateway” VCS69Enabling Microsoft Edge Server and VCS TURN capabilities72Appendix 1 – Troubleshooting73Troubleshooting checklist for X7.x73Problems connecting Cisco VCS Control local calls73Check for errors74Tracing calls74Presence not observed as expected74Video endpoint reports that it does not support the MOC/Lync client SDP75TLS neighbor zone to OCS/Lync server is active, and messaging gets sent from VCS to OCS/Lync server, but OCS/Lync debug says OCS/Lync fails to open a connection to VCS75MOC/Lync client initiated call fails to connect75OCS/Lync responds to INVITE with ‘488 Not acceptable here’75From IP address76Encryption mismatch76Call connects but clears after about 30 seconds76Cisco VCS to OCS/Lync server calls fail – DNS server76Cisco VCS to OCS/Lync calls fail – Hardware Load Balancer76Media problems in calls involving external MOC/Lync clients connecting via an Edge server76RTP over TCP/UDP76ICE negotiation failure76One way media: MOC/Lync client ( endpoint registered to VCS77When using Microsoft Edge Server77X7.0 and later using B2BUA77X7.0 and earlier, non-B2BUA78When using a Hardware Load Balancer in front of OCS/Lync78OCS/Lync rejects VCS zone alive OPTIONS checks with ‘401 Unauthorized’ and INFO messages with ‘400 Missing Correct Via Header'78MOC/Lync client stays in ‘Connecting …’ state78Call to PSTN (via OCS/Lync PSTN gateway) or other devices requiring caller to be authorized fails with 404 not found79MOC/Lync clients try to register with VCS Expressway79B2BUA problems79B2BUA registration problems users fail to register79OCS/Lync problems79OCS running on Microsoft Server 2008 R280Problems with certificates80Appendix 2 – Debugging on OCS/Lync81Lync: Use of Lync Logging tool81OCS: Use of OCS Logging tool82Appendix 3 – Enable debug on MOC/Lync client84Enable debug on Lync client84Enable Debug on MOC84Appendix 4 – Known interoperating capabilities86SIP and H.323 endpoints making basic calls86Upspeeding from a voice call to a video call86Multiway generation of ad hoc conferences86MOC/Lync client accessing OCS/Lync server through Microsoft Edge Server86Appendix 5 – Known interoperating limitations87Video codecs87Video codec selection87B2BUA87Non-B2BUA87Changing the “pre-configured” SDP87Joining a MOC/Lync conference (AV MCU)87Upspeeding from a voice call to a video call88Microsoft Mediation Server88B2BUA88Non-B2BUA88VCS cluster calls to endpoints not registered using FindMe – such as MCU calls where MCU is in its own dedicated domain88OCS88Lync88Lync clients may lose or fail to receive video if B2BUA is not used89MOC/Lync client reports no audio device89Microsoft Server89OCS89Lync89Call forward from MOC/Lync to a VCS FindMe or endpoint results in a ‘loop detected’ call89FindMe Caller ID set to FindMe ID causes calls from MOC/Lync client to fail90Appendix 6 – B2BUA registration on “OCS/Lync gateway” VCSs91What does “Register FindMe users as clients” in OCS/Lync do?91Registered users with a cluster of Cisco VCSs92Configuring domains92Appendix 7 – B2BUA and AM GW integration93VCS configuration93Known limitations93Appendix 8 – TEL URI handling for Cisco VCS to OCS/Lync calls94Appendix 9 – Upgrading from non-B2BUA mode to B2BUA mode95Appendix 10 – IP port numbers96IP port numbers used between B2BUA and OCS/Lync96IP port numbers used between B2BUA and VCS Expressway hosting the TURN server96IP port numbers used with external Lync client96Appendix 11 – Media paths and license usage for calls through B2BUA97MOC/Lync client call to SIP video endpoint97MOC/Lync client call to H.323 video endpoint98MOC/Lync client call to a SIP video endpoint via AM gateway99MOC/Lync client call to H.323 video endpoint via AM gateway100An external MOC/Lync client calls an external video endpoint101An external MOC/Lync client calls an internal SIP video endpoint102Appendix 12 - Federation103Size: 3.01 MBPages: 104Language: EnglishOpen manual
/en/manuals/1621618/Table of ContentsIntroduction5Objectives and intended audience5Deployment scenario5Clustered “Lync gateway” VCS7Why add a “Lync gateway” VCS?7Features and capabilities8Summary of configuration objectives9Lync environments10Prerequisites prior to configuring VCS and Lync to interoperate14Benefits of using the B2BUA over legacy OCS Relay14Video network: check that calls between endpoints registered to VCS Controls ...15VCS Control configuration summary15Ensure SIP domain of video network endpoints is configured in the VCS Control15Optional. Configuring interworking for H.323 endpoints registered to other sy...15Lync configuration15Registering video endpoints to the video network16Video endpoint configuration16Confirming registrations16Testing the configuration16Check that calls between Lync clients registered on Lync Server operate as ex...17VCS Control configuration17Enabling users for Lync17Registering Lync clients to the Lync Server19Lync client configuration19Testing the configuration20Enabling endpoints registered on the video network to call clients registered...21Video network: VCS Control configuration21Video network: Set up a neighbor zone to the “Lync gateway” VCS21Video network: Set up a search rule to route calls to the Lync domain to the ...22Video network: Set up search rules to route calls to the “Lync gateway” VCS f...23“Lync gateway” VCS configuration (part 1)24“Lync gateway” VCS: Load CA certificate and server certificate (if using TLS ...24“Lync gateway” VCS: Configure DNS and local hostname25“Lync gateway” VCS: Ensure that cluster name is configured26“Lync gateway” VCS: Configure an NTP server26“Lync gateway” VCS: Ensure that TLS is enabled in SIP configuration26Lync Server configuration26Trust a “Lync gateway” VCS27Configure Lync Server media encryption capabilities29“Lync gateway” VCS configuration (part 2)29Configure the B2BUA on the “Lync gateway” VCS30Set up a search rule to route calls to the Lync domain to Lync31Set up search rules to route calls to any other domains supported on Lync (bu...32Testing the configuration33Enabling Lync clients registered on Lync Server to call endpoints registered ...34“Lync gateway” VCS configuration34Configuring the B2BUA trusted hosts on the “Lync gateway” VCS34Configuring the “Lync gateway” VCS with a neighbor zone that contains the vid...35Setting up search rules to route calls with video network domains to the vide...37Configuring Lync Server domain static routes38Configuring static routes to route calls to the “Lync gateway” VCS38Testing the configuration39Enabling Lync clients to see the presence of endpoints registered on VCS Control40VCS Control configuration40Lync gateway VCS configuration41Testing the configuration41Enabling Microsoft Edge Server and VCS TURN capabilities42Using FindMe for enhanced deployments43Deployment information43Prerequisites45Configuring the Lync gateway VCS for FindMe45Configure all the required SIP domains45Configure the B2BUA to register FindMe users to Lync45Enable FindMe and create FindMe user accounts for each user that is to share ...46Configuring Lync Active Directory for FindMe users47Testing the configuration50Enabling Lync clients to see the presence of endpoints registered on VCS Control50VCS Control configuration50“Lync gateway” VCS configuration52Lync client configuration53Log in to the Lync client53Appendix 1: Troubleshooting54Troubleshooting checklist54Problems connecting VCS Control local calls54Check for errors in the Event Log55Tracing calls55Presence not observed as expected55Video endpoint reports that it does not support the Lync client SDP56TLS neighbor zone to Lync Server is active and messaging is sent from VCS to ...56Lync client initiated call fails to connect56Lync responds to INVITE with ‘488 Not acceptable here’56Call connects but clears after about 30 seconds57Media problems in calls involving external Lync clients connecting via an Edg...57One way media: Lync client to VCS-registered endpoint58Lync rejects VCS zone OPTIONS checks with ‘401 Unauthorized’ and INFO message...59Lync client stays in ‘Connecting …’ state59Call to PSTN or other devices requiring caller to be authorized fails with 40...59Lync clients try to register with VCS Expressway59B2BUA problems60B2BUA users fail to register60B2BUA Lync Server status reports Unknown or Unknown failure60Lync problems60Problems with certificates60Appendix 2: Debugging on Lync61Use of Lync Server Logging Tool61Enabling debug on Lync client62Appendix 3: Interoperating capabilities and limitations63Known interoperating capabilities63SIP and H.323 endpoints making basic calls63Upspeeding from a voice call to a video call63Multiway generation of ad hoc conferences63Known interoperating limitations63Video codecs63MXP endpoints63Joining a Lync conference (AV MCU)64Upspeeding from a voice call to a video call64Microsoft Mediation Server64Cluster calls to endpoints not registered using FindMe65Lync client reports no audio device65Call forward from Lync to a VCS FindMe or endpoint results in a ‘loop detecte...65FindMe Caller ID set to FindMe ID causes calls from Lync client to fail65Appendix 4: Port reference66Appendix 5: Media paths and license usage for calls through B2BUA68Lync client call to SIP video endpoint68Lync client call to H.323 video endpoint68Lync client call to a SIP video endpoint via Cisco AM GW69Lync client call to H.323 video endpoint via Cisco AM GW70An external Lync client calls an external video endpoint71An external Lync client calls an internal SIP video endpoint72Appendix 6: Additional information73B2BUA registration on “Lync gateway” VCSs73What does “Register FindMe users as clients on Lync” do?73Configuring domains74B2BUA and Cisco AM GW integration74TEL URI handling for VCS to Lync calls74Document revision history75Size: 3.01 MBPages: 76Language: EnglishOpen manual
/en/manuals/1621615/Table of ContentsIntroduction5Objectives and intended audience5Deployment scenario5Clustered “Lync gateway” VCS7Why add a “Lync gateway” VCS?7Features and capabilities8Summary of configuration objectives9Lync environments10Prerequisites prior to configuring VCS and Lync to interoperate14Benefits of using the B2BUA over legacy OCS Relay14Video network: check that calls between endpoints registered to VCS Controls ...15VCS Control configuration summary15Ensure SIP domain of video network endpoints is configured in the VCS Control15Optional. Configuring interworking for H.323 endpoints registered to other sy...15Lync configuration15Registering video endpoints to the video network16Video endpoint configuration16Confirming registrations16Testing the configuration16Check that calls between Lync clients registered on Lync Server operate as ex...17VCS Control configuration17Enabling users for Lync17Registering Lync clients to the Lync Server19Lync client configuration19Testing the configuration20Enabling endpoints registered on the video network to call clients registered...21Video network: VCS Control configuration21Video network: Set up a neighbor zone from VCS Control to the Lync gateway VCS21Video network: Set up a search rule on VCS Control to route calls for the Lyn...23Video network: Set up search rules to route calls to the Lync gateway VCS for...23Lync gateway VCS configuration (part 1)24Lync gateway VCS: Load CA certificate and server certificate (if using TLS to...24Lync gateway VCS: Configure DNS and local hostname25Lync gateway VCS: Ensure that cluster name is configured26Lync gateway VCS: Configure an NTP server26Lync gateway VCS: Ensure that TLS is enabled in SIP configuration26Lync Server configuration26Trust a Lync gateway VCS27Configure Lync Server media encryption capabilities29Lync gateway VCS configuration (part 2)29Configure the B2BUA on the Lync gateway VCS30Set up a search rule to route calls to the Lync domain to Lync31Set up search rules to route calls to any other domains supported on Lync (bu...32Testing the configuration33Enabling Lync clients registered on Lync Server to call endpoints registered ...34“Lync gateway” VCS configuration34Configuring the B2BUA trusted hosts on the “Lync gateway” VCS34Configuring the “Lync gateway” VCS with a neighbor zone that contains the vid...35Setting up search rules to route calls with video network domains to the vide...37Configuring Lync Server domain static routes38Configuring static routes to route calls to the “Lync gateway” VCS38Testing the configuration39Enabling Lync clients to see the presence of endpoints registered on VCS Control40VCS Control configuration40Lync gateway VCS configuration41Testing the configuration41Enabling Microsoft Edge Server and VCS TURN capabilities42Using FindMe for enhanced deployments43Deployment information43Prerequisites45Configuring the Lync gateway VCS for FindMe45Configure all the required SIP domains45Configure the B2BUA to register FindMe users to Lync45Enable FindMe and create FindMe user accounts for each user that is to share ...46Configuring Lync Active Directory for FindMe users47Testing the configuration50Enabling Lync clients to see the presence of endpoints registered on VCS Control50VCS Control configuration50“Lync gateway” VCS configuration52Lync client configuration53Log in to the Lync client53Appendix 1: Federation54Solution overview54Configuring the directory VCS55Modifying the Lync static route configuration56Appendix 2: Troubleshooting57Troubleshooting checklist57Problems connecting VCS Control local calls57Check for errors in the Event Log58Tracing calls58Presence not observed as expected58Video endpoint reports that it does not support the Lync client SDP59TLS neighbor zone to Lync Server is active and messaging is sent from VCS to ...59Lync client initiated call fails to connect59Lync responds to INVITE with ‘488 Not acceptable here’59Call connects but clears after about 30 seconds60Media problems in calls involving external Lync clients connecting via an Edg...60One way media: Lync client to VCS-registered endpoint61Lync rejects VCS zone OPTIONS checks with ‘401 Unauthorized’ and INFO message...62Lync client stays in ‘Connecting …’ state62Call to PSTN or other devices requiring caller to be authorized fails with 40...62Lync clients try to register with VCS Expressway62B2BUA problems63B2BUA users fail to register63B2BUA Lync Server status reports Unknown or Unknown failure63Lync problems63Problems with certificates63Appendix 3: Debugging on Lync64Use of Lync Server Logging Tool64Enabling debug on Lync client65Appendix 4: Interoperating capabilities and limitations66Known interoperating capabilities66SIP and H.323 endpoints making basic calls66Upspeeding from a voice call to a video call66Maximum call resolution66Multiway generation of ad hoc conferences66Known interoperating limitations66Video codecs66MXP endpoints66Joining a Lync conference (AV MCU)67Upspeeding from a voice call to a video call67Microsoft Mediation Server67Cluster calls to endpoints not registered using FindMe68Lync client reports no audio device68Call forward from Lync to a VCS FindMe or endpoint results in a ‘loop detecte...68FindMe Caller ID set to FindMe ID causes calls from Lync client to fail68Appendix 5: Port reference70Appendix 6: Media paths and license usage for calls through B2BUA72Lync client call to SIP video endpoint72Lync client call to H.323 video endpoint72Lync client call to a SIP video endpoint via Cisco AM GW73Lync client call to H.323 video endpoint via Cisco AM GW74An external Lync client calls an external video endpoint75An external Lync client calls an internal SIP video endpoint76Appendix 7: Additional information77B2BUA registration on “Lync gateway” VCSs77What does “Register FindMe users as clients on Lync” do?77Configuring domains78B2BUA and Cisco AM GW integration78TEL URI handling for VCS to Lync calls78Document revision history79Size: 3.23 MBPages: 80Language: EnglishOpen manual
/en/manuals/1621613/Table of ContentsPreface2Change History2Introduction5Deployment Scope5What is the Gateway VCS and Why Should I Use It?5Recommendations5Deployment Components6Example Values in this Deployment7Features and Limitations7Voice and Video Calling8Screen Sharing8Lync Environment10Lync Client Versions10Lync Server Versions10Video Codecs11Presence11Conferencing11Configuration12Prerequisites12Lync Environment12Cisco Collaboration Environment12DNS Records12Configuration Overview14Enable Calls to Lync16Configure the Gateway VCS16Neighbor the VCS Control to the Gateway18Configure Lync Server Environment22Configure the B2BUA and Search Rules on the Gateway VCS25Test Calls from Internal Endpoint to Internal Lync Client28Enable Calls from Lync30Configure the B2BUA Trusted Hosts30Neighbor the Gateway VCS to the VCS Control31Configure Static Routes from Lync Server to Gateway VCS34Test Calls from Internal Lync Client to Internal Endpoint35Enable Calls from External Lync Clients36Activate the TURN Server on the VCS Expressway36Configure the Lync B2BUA to Offer TURN Services to External Lync Clients37Enable Screen Sharing from Lync37Prerequisites37Enable RDP Transcoding on the Gateway VCS37Test Screen Sharing from Lync38Show Presence of VCS-registered Endpoints to Lync Clients38Enable Presence User Agent on VCS Control39Test Presence40Media Paths and License Usage41Lync Client Call to SIP Video Endpoint41Lync Client Call to H.323 Video Endpoint42Off-site Lync Client Calls an External Video Endpoint43Off-site Lync Client Calls Internal SIP Video Endpoint44Port Reference46How Many Media Ports are Required on the Gateway VCS?47Appendix 1: Troubleshooting50Checklist50Tracing Calls50Lync Problems50Problems with Certificates51Problems Connecting VCS Control Local Calls51Presence Not Observed as Expected52Video Endpoint Reports that it does not Support the Lync Client SDP52Lync Cannot Open a TLS Connection to VCS52Lync Responds to INVITE with ‘488 Not acceptable here’52Call Connects but Drops After About 30 Seconds53Media Problems in Calls Involving External Lync clients Connecting via an Edg...53One Way Media: Lync Client to VCS-registered Endpoint54Lync Clients Try to Register with VCS Expressway54Call to PSTN (or Other Devices Requiring Caller to be Authorized) Fails With ...55Lync Rejects VCS Zone OPTIONS Checks with ‘401 Unauthorized’ and INFO Message...55B2BUA Problems55B2BUA Users Fail to Register55B2BUA Lync Server Status Reports Unknown or Unknown failure55Lync Client56Lync Client Stuck in ‘Connecting …’ State56Microsoft Mediation Server56Presentation Handover Fails in TelePresence Server Conference56Appendix 2: Extended Deployment Using FindMe58Deployment Information58Configuration Overview60Prerequisites60Task List60Configure the Gateway VCS62Create the Required SIP Domains on the Gateway VCS62Configure the B2BUA to Register FindMe Users to Lync62Configure FindMe and Create FindMe User Accounts for Users of Lync and VCS-re...63Configure Lync Active Directory for FindMe Users64Configure the VCS Control to Use the Gateway VCS for Presence65Disable the Presence Server on the VCS Control65Create a Search Rule to Route Messages to the Presence Server on the Gateway VCS65Configure the Presence Server on the Gateway VCS66Enable the Presence Server66Treat Presence Messages as Authenticated on the Neighbor Zone to the VCS Control67Configure the Lync Clients67Test Calls and Presence with Lync Clients67Verify FindMe Registrations67Test from Lync68Test Call-forking from Lync and From a VCS-registered Endpoint68Limitations of the FindMe Deployment68Appendix 3: Extended Lync Deployments69Clustered Gateway69Lync Environments69Multiple Lync Domains and Multiple Gateway VCSs73Appendix 4: Assistance with Prerequisite Tasks75Verify Calls Between VCS-registered Endpoints75VCS Control Configuration Summary75Register Video Endpoints to the Video Network75Test Calls76Verify Calls Between Lync Clients76Enable Users for Lync76Register Lync Clients to Lync Server76Test Calls77Appendix 5: Additional Information78B2BUA Registration on Gateway VCSs78What Does Register FindMe users as clients on Lync do?78Configuring Domains78B2BUA and Cisco AM GW Integration79TEL URI Handling for VCS to Lync Calls79Cisco Legal Information80Cisco Trademark80Size: 1.78 MBPages: 81Language: EnglishOpen manual
/en/manuals/1621609/Table of ContentsIntroduction6Objectives and intended audience6Deployment scenario6Clustered “Lync gateway” VCS8Why add a “Lync gateway” VCS?8Features and capabilities11Client support11Interoperability with different versions of Lync Server11Microsoft Lync B2BUA interoperating capabilities12Summary of configuration objectives12Lync environments13Prerequisites prior to configuring VCS and Lync to interoperate17Benefits of using the B2BUA over legacy OCS Relay17Video network: check that calls between endpoints registered to VCS Controls ...18VCS Control configuration summary18Ensure SIP domain of video network endpoints is configured in the VCS Control18Optional. Configuring interworking for H.323 endpoints registered to other sy...18Lync configuration18Registering video endpoints to the video network19Video endpoint configuration19Confirming registrations19Testing the configuration19Check that calls between Lync clients registered on Lync Server operate as ex...20VCS Control configuration20Enabling users for Lync20Registering Lync clients to the Lync Server22Lync client configuration22Testing the configuration23Enabling endpoints registered on the video network to call clients registered...24Video network: VCS Control configuration24Video network: Set up a neighbor zone from VCS Control to the Lync gateway VCS24Video network: Set up a search rule on VCS Control to route calls for the Lyn...26Video network: Set up search rules to route calls to the Lync gateway VCS for...26Lync gateway VCS configuration (part 1)27Lync gateway VCS: Load CA certificate and server certificate (if using TLS to...27Lync gateway VCS: Configure DNS and local hostname28Lync gateway VCS: Ensure that cluster name is configured29Lync gateway VCS: Configure an NTP server29Lync gateway VCS: Ensure that TLS is enabled in SIP configuration29Lync Server configuration29Trust a Lync gateway VCS30Configure Lync Server media encryption capabilities32Lync gateway VCS configuration (part 2)32Configure the B2BUA on the Lync gateway VCS33Set up a search rule to route calls to the Lync domain to Lync34Set up search rules to route calls to any other domains supported on Lync (bu...35Testing the configuration36Enabling Lync clients registered on Lync Server to call endpoints registered ...37“Lync gateway” VCS configuration37Configuring the B2BUA trusted hosts on the “Lync gateway” VCS37Configuring the “Lync gateway” VCS with a neighbor zone that contains the vid...38Setting up search rules to route calls with video network domains to the vide...40Configuring Lync Server domain static routes41Configuring static routes to route calls to the “Lync gateway” VCS41Testing the configuration42Enabling Lync clients to see the presence of endpoints registered on VCS Control43VCS Control configuration43Lync gateway VCS configuration44Testing the configuration44Enabling Microsoft Edge Server and VCS TURN capabilities45Using FindMe for enhanced deployments46Deployment information46Prerequisites48Configuring the Lync gateway VCS for FindMe48Configure all the required SIP domains48Configure the B2BUA to register FindMe users to Lync48Enable FindMe and create FindMe user accounts for each user that is to share ...49Configuring Lync Active Directory for FindMe users50Testing the configuration53Enabling Lync clients to see the presence of endpoints registered on VCS Control53VCS Control configuration53“Lync gateway” VCS configuration55Lync client configuration56Log in to the Lync client56Appendix 1: Federation57Solution overview57Configuring the directory VCS58Modifying the Lync static route configuration59Appendix 2: Troubleshooting60Troubleshooting checklist60Problems connecting VCS Control local calls60Check for errors in the Event Log61Tracing calls61Presence not observed as expected61Video endpoint reports that it does not support the Lync client SDP62TLS neighbor zone to Lync Server is active and messaging is sent from VCS to ...62Lync client initiated call fails to connect62Lync responds to INVITE with ‘488 Not acceptable here’62Call connects but clears after about 30 seconds63Media problems in calls involving external Lync clients connecting via an Edg...63One way media: Lync client to VCS-registered endpoint64Lync rejects VCS zone OPTIONS checks with ‘401 Unauthorized’ and INFO message...65Lync client stays in ‘Connecting …’ state65Call to PSTN or other devices requiring caller to be authorized fails with 40...65Lync clients try to register with VCS Expressway65B2BUA problems66B2BUA users fail to register66B2BUA Lync Server status reports Unknown or Unknown failure66Lync problems66Problems with certificates66Appendix 3: Debugging on Lync67Use of Lync Server Logging Tool67Enabling debug on Lync client68Appendix 4: Interoperating capabilities and limitations69Known interoperating capabilities69SIP and H.323 endpoints making basic calls69Upspeeding from a voice call to a video call69Maximum call resolution69Multiway generation of ad hoc conferences69Known interoperating limitations69Video codecs69MXP endpoints70Joining a Lync conference (AV MCU)70Upspeeding from a voice call to a video call70Microsoft Mediation Server70Cluster calls to endpoints not registered using FindMe71Lync client reports no audio device71Call forward from Lync to a VCS FindMe or endpoint results in a ‘loop detecte...71FindMe Caller ID set to FindMe ID causes calls from Lync client to fail71Appendix 5: Port reference73Appendix 6: Media paths and license usage for calls through B2BUA75Lync client call to SIP video endpoint75Lync client call to H.323 video endpoint75Lync client call to a SIP video endpoint via Cisco AM GW76Lync client call to H.323 video endpoint via Cisco AM GW77An external Lync client calls an external video endpoint78An external Lync client calls an internal SIP video endpoint79Appendix 7: Additional information80B2BUA registration on “Lync gateway” VCSs80What does “Register FindMe users as clients on Lync” do?80Configuring domains81B2BUA and Cisco AM GW integration81TEL URI handling for VCS to Lync calls81Document revision history82Size: 3.3 MBPages: 83Language: EnglishOpen manual
/en/manuals/1621606/Table of ContentsPreface2Change History2Introduction4Deployment Scope4What is the Gateway VCS and Why Should I Use It?4Recommendations4Deployment Components5Example Values in this Deployment6Features and Limitations7Lync Environment7Lync / Skype for Business Versions Supported in This Deployment7Voice and Video Calling8Screen Sharing9Video Codecs11Presence11Conferencing11Configuration13Prerequisites13Lync Environment13Cisco Collaboration Environment13DNS Records13Configuration Overview13Enable Calls to Lync15Configure the Gateway VCS15Neighbor the VCS Control to the Gateway17Configure Lync Server Environment21Configure the B2BUA and Search Rules on the Gateway VCS24Test Calls from Internal Endpoint to Internal Lync Client27Enable Calls from Lync28Configure the B2BUA Trusted Hosts28Neighbor the Gateway VCS to the VCS Control29Configure Static Routes from Lync Server to Gateway VCS31Test Calls from Internal Lync Client to Internal Endpoint32Enable Calls from External Lync Clients33Activate the TURN Server on the VCS Expressway33Configure the Lync B2BUA to Offer TURN Services to External Lync Clients34Enable Screen Sharing from Lync35Prerequisites35Enable RDP Transcoding on the Gateway VCS35Test Screen Sharing from Lync35Show Presence of VCS-registered Endpoints to Lync Clients36Enable Presence User Agent on VCS Control36Test Presence37Media Paths and License Usage38Lync Client Call to SIP Video Endpoint38Lync Client Call to H.323 Video Endpoint39Off-site Lync Client Calls an External Video Endpoint40Off-site Lync Client Calls Internal SIP Video Endpoint41Port Reference43How Many Media Ports are Required on the Gateway VCS?44Appendix 1: Troubleshooting46Checklist46Tracing Calls46Lync Problems46Problems with Certificates47Problems Connecting VCS Control Local Calls47Presence Not Observed as Expected48Video Endpoint Reports that it does not Support the Lync Client SDP48Lync Cannot Open a TLS Connection to VCS48Lync Responds to INVITE with ‘488 Not acceptable here’48Call Connects but Drops After About 30 Seconds49Media Problems in Calls Involving External Lync clients Connecting via an Edg...49One Way Media: Lync Client to VCS-registered Endpoint50Lync Clients Try to Register with VCS Expressway50Call to PSTN (or Other Devices Requiring Caller to be Authorized) Fails With ...51Lync Rejects VCS Zone OPTIONS Checks with ‘401 Unauthorized’ and INFO Message...51B2BUA Problems51B2BUA Users Fail to Register51B2BUA Lync Server Status Reports Unknown or Unknown failure51Lync Client52Lync Client Stuck in ‘Connecting …’ State52Microsoft Mediation Server52Presentation Handover Fails in TelePresence Server Conference52Appendix 2: Extended Deployment Using FindMe54Deployment Information54Configuration Overview56Prerequisites56Task List56Configure the Gateway VCS57Create the Required SIP Domains on the Gateway VCS57Configure the B2BUA to Register FindMe Users to Lync57Configure FindMe and Create FindMe User Accounts for Users of Lync and VCS-re...58Configure Lync Active Directory for FindMe Users59Configure the VCS Control to Use the Gateway VCS for Presence60Disable the Presence Server on the VCS Control60Create a Search Rule to Route Messages to the Presence Server on the Gateway VCS60Configure the Presence Server on the Gateway VCS61Enable the Presence Server61Treat Presence Messages as Authenticated on the Neighbor Zone to the VCS Control62Configure the Lync Clients62Test Calls and Presence with Lync Clients62Verify FindMe Registrations62Test from Lync63Test Call-forking from Lync and From a VCS-registered Endpoint63Limitations of the FindMe Deployment63Appendix 3: Extended Lync Deployments65Clustered Gateway65Lync Environments65Multiple Lync Domains and Multiple Gateway VCSs69Appendix 4: Assistance with Prerequisite Tasks71Verify Calls Between VCS-registered Endpoints71VCS Control Configuration Summary71Register Video Endpoints to the Video Network71Test Calls72Verify Calls Between Lync Clients72Enable Users for Lync72Register Lync Clients to Lync Server72Test Calls73Appendix 5: Additional Information74B2BUA Registration on Gateway VCSs74What Does Register FindMe users as clients on Lync do?74Configuring Domains74B2BUA and Cisco AM GW Integration75TEL URI Handling for VCS to Lync Calls75Cisco Legal Information76Cisco Trademark76Size: 1.79 MBPages: 76Language: EnglishOpen manual
/en/manuals/1621571/Table of ContentsDocument revision history3Introduction4Objectives and intended audience4Deployment scenario4Summary of configuration process4Cisco VCS setup for CUC integration5Cisco TMS setup for CUC integration8TMS Agent Legacy provisioning mode8TMS Provisioning Extension provisioning mode9CUC setup11Supplementary information16FindMe16Integrating CUC with a Cisco VCS cluster17Message Waiting Indicator to alphanumeric extensions17Endpoint specific considerations17Size: 478 KBPages: 18Language: EnglishOpen manual
/en/manuals/1621570/Table of ContentsIntroduction6Objectives and intended audience6Deployment scenario6Why add a “Lync Gateway” Cisco VCS Control?8Small test and demo networks?8Scaling up from a small test and demo network9Features and capabilities9Cisco VCS X6.1 and Lync Server 20109Summary of configuration process10Different structures for Lync Server11Prerequisites prior to configuring Cisco VCS and Lync Server to interoperate13Enabling calls between endpoints registered on Cisco VCS Controls in the video network14Video network Cisco VCS Control configuration summary14Ensure that the SIP domain of Cisco VCS Control(s) in the video network are configured14Ensure that default links between the Cisco VCS Control’s zones are set up14Lync Server configuration15Registering endpoints to the Video Network15Endpoint configuration.15Confirming registrations15Testing the configuration15Enabling calls between Lync clients registered on Lync Server16Cisco VCS Control configuration16Enabling users for Lync17Registering Lync clients to the Lync Server19Lync client configuration19Testing the configuration21Enabling endpoints registered on the video network to call Lync clients registered on Lync Server22Video network Cisco VCS Control configuration22Set up a neighbor zone to the “Lync gateway” Cisco VCS (cluster)22Set up a search rule to route calls with the Lync Server domain to the “Lync gateway” Cisco VCS (cluster).23“Lync gateway” Cisco VCS Control configuration (1)24Generate and load private key, root certificate, and server certificate onto “Lync gateway” Cisco VCS Control (not needed if TCP connection is used)24Single server certificate that can be loaded into each cluster peer:25Server certificate for each Cisco VCS:25Load the certificates:25Set up the SIP domain of the “Lync Gateway” Cisco VCS25Ensure that default links between the “Lync gateway” Cisco VCS Control’s zones are set up26Configure DNS details26Configure the DNS Server details26Ensure that Local hostname and DNS domain are configured27Ensure that cluster name is configured27Configure an NTP server28Switch on TLS in SIP configuration (not needed if TCP connection is used)28Set up H.323 (( SIP interworking29Set Call routed mode to Always29Lync Server configuration30Trust a Lync Gateway VCS and assign a static route on Lync Server30Configure Lync Server to make media encryption optional33Lync gateway” Cisco VCS Control configuration (2)34Configure the “Lync gateway” Cisco VCS with a neighbor zone that contains Lync Server34Set up a search rule to select what gets routed to the Lync Server zone35If Hardware Load Balancers or Lync Directors are used, set up neighbor zones on the “Lync gateway” Cisco VCS(s) to receive calls from Lync FEPs36Testing the configuration38Enabling Lync clients registered on Lync Server to call endpoints registered on the video network39“Lync gateway” Cisco VCS Control configuration39Configure the “Lync gateway” Cisco VCS with a neighbor zone that contains the video network39Set up one or more search rules to route calls with video network domains to the video network40Lync Server configuration41Testing the configuration41Enabling Lync clients to see presence status of endpoints registered on Cisco VCS Control42Cisco VCS configuration42Lync Server configuration43Testing the configuration43OCS Relay configuration of “Lync Gateway” Cisco VCS(s)44What does OCS Relay do?44OCS Relay and a cluster of Cisco VCSs45Configure OCS Relay and FindMe™45Active Directory configuration45“Lync gateway” Cisco VCS Configuration48Verify FindMe™ accounts are registered51Testing the Configuration51Appendix 1 - Troubleshooting52Problems connecting Cisco VCS Control local calls52Look at Search History to check the applied transforms.52Look at ‘Call History’ to check how the call progressed52Check for errors53Event Log53Real time detailed event log53Tracing calls53Tracing calls at SIP / H.323 level53Presence not observed as expected53Presence Server status53No presence being observed54Lync client fails to update status information54Check for errors54TLS Neighbor zone to Lync Server is active, and messaging gets sent from Cisco VCS to Lync Server , but Lync Server debug says Lync Server fails to open a connection to Cisco VCS.54Lync Server initiated call fails to connect54Call connects but clears after about 25 seconds54Cisco VCS to Lync Server calls fail – DNS Server54Cisco VCS to Lync Server calls fail - HLB54Calls between Lync and an endpoint that is not registered to the Lync Server gateway Cisco VCS clear shortly after connecting55One way media: Lync ( endpoint registered to Cisco VCS55When using Microsoft Edge Server55When using a Hardware Load Balancer in front of Lync Server55Lync Server rejects Cisco VCS zone alive OPTIONS checks with ‘401 Unauthorized’ and INFO messages with ‘400 Missing Correct Via Header'55Lync Server stays in ‘Connecting …’ state55No audio on audio call through an ISDN gateway55No video through an ISDN gateway56Call to PSTN or other device requiring caller to be authorized fails with 404 not found.56Lync endpoints try to register with Cisco VCS Expressway.56OCS Relay problems56OCS Relay FindMe™ users take a long time to register.56OCS Relay FindMe™ users fail to register.57Troubleshooting OCS Relay57Lync Server problems57Lync Server stops running after an upgrade57Problems with certificates57Appendix 2 – Known interoperating capabilities58SIP and H.323 endpoints making basic calls58Upspeeding from a voice call to a video call58Multiway™ generation of ad hoc conferences58Cisco VCS Cluster and OCS Relay58Appendix 3 – Benefits of using Cisco VCS with Lync Server59Separate management of video systems and PC based systems59Cisco VCS brings H.323 integration to Lync Server59Duo Video59Bandwidth management59FindMe™59Appendix 4 – Known interoperating limitations60Video codecs60Video codec selection60Joining a MOC conference (AV MCU)60Up-speeding from a voice call to a video call60Lync clients accessing Lync Server through Microsoft Edge Server60Microsoft Mediation Server60Using Lync Server60Cisco VCS Cluster without OCS Relay61No audio on audio call through an ISDN gateway61Lync client receives no video if it holds and then resumes a call61Microsoft Server61Call forward from Lync to a Cisco VCS FindMe or endpoint results in a ‘loop detected’ call.62FindMe Caller ID set to FindMe ID causes calls from Lync to fail62Appendix 5 – Advanced parameters set by selecting zone profile ‘Microsoft Office Communications Server 2007’63Appendix 6 – Setting default codecs for H.323 to SIP calls64Codecs to be offered64Appendix 7 – Presence with and without transforms65Lync Server receiving Presence from non-OCS Relay FindMe™ entries, where there is no transform for Cisco VCS devices accessing Lync Server65Lync Server receiving Presence from non-OCS Relay FindMe™ entries, where there is a transform for Cisco VCS devices accessing Lync Server65Appendix 8 – TEL URI handling for Cisco VCS to Lync Server calls67Appendix 9 – Debugging on Lync Server68Use of Lync Server Logging tool68Appendix 10 – Enable Debug on Lync70Appendix 11 – Endpoint specific configuration71T15071MXP 1000, MXP 1700, MXP 3000 and MXP 600071C20, C40, C60 and C90 (including T1 and T3 systems)71EX60 and EX9071E2071Cisco TelePresence Movi71Movi 271Movi 3 and Movi 471Cisco TelePresence IP GW71Cisco TelePresence ISDN gateway72Other endpoints72Appendix 12 – Cisco TelePresence MCU configuration73MCU connectivity with Lync Server and Cisco VCS73OCS Relay73Configuration of Cisco VCS and MCUs registered to Cisco VCS73Configuration of Lync Server to support Lync clients creating / joining ad hoc conferences73Appendix 13 – Cisco VCS and hardware load balancers in front of a bank of FEPs74Background74TLS connection77Responses directly from devices behind a Hardware Load Balancer77Authentication with TCP77Appendix 14 – Cisco VCS and Microsoft Lync Director78Background78Configuration79Configure the “Lync Gateway” Cisco VCS(s)79Configure Lync Director79Appendix 15 – Cisco VCS and Lync Server voicemail80Video endpoints picking up voicemail from Lync Server80Size: 3.87 MBPages: 81Language: EnglishOpen manual
/en/manuals/1609743/Table of ContentsContents2Introduction3Objectives and intended audience3Deployment scenario3Summary of configuration process3Cisco VCS setup for CUC integration4Cisco TMS setup for CUC integration7TMS Agent Legacy provisioning mode7TMS Provisioning Extension provisioning mode8CUC setup10Supplementary information15FindMe15Integrating CUC with a Cisco VCS cluster16Message Waiting Indicator to alphanumeric extensions16Endpoint specific considerations16Document revision history17Size: 491 KBPages: 18Language: EnglishOpen manual
/en/manuals/1621505/Table of ContentsIntroduction3Objectives and intended audience3Deployment scenario3Summary of configuration process3Configuring VCS for CUC integration4Configuring Cisco TMS for CUC integration7Configuring CUC9Supplementary information14FindMe14Integrating CUC with a VCS cluster14Message Waiting Indicator to alphanumeric extensions14Endpoint specific considerations15Document revision history16Size: 564 KBPages: 17Language: EnglishOpen manual
/en/manuals/1609744/Table of ContentsIntroduction3Objectives and intended audience3Deployment scenario3Summary of configuration process3Configuring VCS for CUC integration4Configuring Cisco TMS for CUC integration7Configuring CUC9Supplementary information14FindMe14Integrating CUC with a VCS cluster14Message Waiting Indicator to alphanumeric extensions14Endpoint specific considerations15Document revision history16Size: 560 KBPages: 17Language: EnglishOpen manual
/en/manuals/1621500/Table of ContentsIntroduction3Objectives and Intended Audience3Deployment Scenario3Summary of Configuration Process3Configuring VCS for CUC Integration4Configuring Cisco TMS for CUC Integration7Configuring CUC9Supplementary information14FindMe14Integrating CUC with a VCS Cluster14Message Waiting Indicator to Alphanumeric Extensions14Endpoint-specific Considerations15Document Revision History16Cisco Legal Information16Cisco Trademark17Size: 526 KBPages: 17Language: EnglishOpen manual
/en/manuals/1621501/Table of ContentsIntroduction3Objectives and intended audience3Deployment scenario3Summary of configuration process3Configuring VCS for CUC integration4Configuring Cisco TMS for CUC integration7Configuring CUC9Supplementary information14FindMe14Integrating CUC with a VCS cluster14Message Waiting Indicator to alphanumeric extensions14Endpoint specific considerations15Document revision history16Size: 559 KBPages: 17Language: EnglishOpen manual
/en/manuals/1621497/Table of ContentsDocument revision history5Introduction6Objectives and intended audience6Deployment scenario6Summary of configuration process7Prerequisites for system configuration7Enabling calls between endpoints registered on the Cisco VCS Control8Cisco VCS Control configuration8Set up the SIP domain of the Cisco VCS Control8Check the Traversal Subzone configuration9Create transforms9To create the first transform:10To create the second transform:10CUCM configuration11Registering endpoints to the Cisco VCS Control11Endpoint configuration11Confirming registrations11Test calls11Enabling calls between endpoints registered on CUCM12Cisco VCS Control configuration12CUCM configuration12Configure the SIP Profile12Add a phone device14Device directory number configuration14Configure phone endpoint to pick up its configuration from CUCM15Confirming registrations15Test calls15Enabling endpoints registered on the Cisco VCS Control to call endpoints registered on CUCM16CUCM configuration16Configure the SIP Trunk security profile16Configure the SIP Trunk device17Cisco VCS Control configuration19Create a neighbor zone for CUCM20Create a search rule to route calls to the CUCM neighbor zone21Create a transform that converts number@<IP address of cucm> to number@vcs.domain22Test calls23Enabling endpoints registered on CUCM to call endpoints registered on the Cisco VCS Control24Cisco VCS Control configuration24Set up a search rule for CUCM to call the Cisco VCS Local Zone24CUCM configuration26Allow numeric dialing from Cisco phones to Cisco VCS26Test calls27Appendix 1 – Troubleshooting28Problems connecting Cisco VCS Control local calls28Look at “Search history” to check the applied transforms28Look at “Call history” to check how the call progressed29Check for errors29Event Log29Real time detailed event log29Tracing calls29Tracing calls at SIP / H.323 level29H.323 to SIP CUCM calls do not work29422 Session Timer too small29Cisco VCS Reports SIP decode error30CUCM 5 and 630CUCM 731In-call problems31Calls remain up for a maximum of 15 minutes.31Calls clear down when a call transfer from a video phone on CUCM transfers a call to Cisco VCS31Taking a trace on CUCM using RTMT31Configure CUCM to enable tracing31Installing RTMT – Real Time Monitoring Tool31Running RTMT32Taking a trace using RTMT32Appendix 2 – Known interworking capabilities and limitations33Capabilities33SIP and H.323 endpoints making basic calls33Limitations33E20 encryption33T150 running L6.0 code33H.323 MXP and 997133Appendix 3 – Benefits of using Cisco VCS with CUCM34Separate management and operation of video systems and CUCM telephony systems34Duo Video34Bandwidth management34FindMe™34Appendix 4 – Allow dialing to Cisco VCS domain from Cisco phones35Appendix 5 – Connecting CUCM to a cluster of Cisco VCS peers36Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster36Configuring the trunk to VCS to specify a list of VCS peers37Appendix 6 – Connecting Cisco VCS to a cluster of CUCM nodes39Configuration for Cisco VCS to use a DNS Zone to contact a cluster of CUCM nodes39CUCM configuration39DNS Server configuration39Cisco VCS Control configuration39Create a CUCM DNS zone39Adjust search rule40Delete the old CUCM neighbor zone41Appendix 7 – Cisco TelePresence Multiway™ and CUCM42Appendix 8 – Endpoint specific configuration43T150 running L6.x43Other products43Appendix 9 – Advanced parameters set by the “Cisco Unified Communications Manager” zone profile44Appendix 10 – CUCM 5 incompatibility45Appendix 11 – Connecting Cisco VCS to CUCM using TLS (rather than TCP)46Ensure that CUCM trusts the Cisco VCS server certificate46Configure a SIP trunk security profile on CUCM47Update the CUCM trunk to Cisco VCS to use TLS47Update the Cisco VCS neighbor zone to CUCM to use TLS48Verify that the TLS connection is operational48Appendix 12 – Characters allowed in SIP URIs49Size: 1.13 MBPages: 50Language: EnglishOpen manual
/en/manuals/1621409/Table of ContentsDocument revision history5Introduction6Objectives and intended audience6Deployment scenario6Summary of configuration process7Prerequisites for system configuration7Enabling calls between endpoints registered on the Cisco VCS Control8Cisco VCS Control configuration8Set up the SIP domain of the Cisco VCS Control8Check the Traversal Subzone configuration9Create transforms9To create the first transform:10To create the second transform:10CUCM configuration11Registering endpoints to the Cisco VCS Control11Endpoint configuration11Confirming registrations11Test calls11Enabling calls between endpoints registered on CUCM12Cisco VCS Control configuration12CUCM configuration12Configure the SIP Profile12Add a phone device14Device directory number configuration14Configure phone endpoint to pick up its configuration from CUCM14Confirming registrations15Test calls15Enabling endpoints registered on Cisco VCS Control to call endpoints registered on CUCM16CUCM configuration16Configure the SIP Trunk security profile16Configure the SIP Trunk device17Cisco VCS Control configuration20Create a neighbor zone for CUCM20Create a search rule to route calls to the CUCM neighbor zone21Create a transform that converts number@<IP address of cucm> to number@vcs.domain23Test calls23Enabling endpoints registered on CUCM to call endpoints registered on the Cisco VCS Control24Cisco VCS Control configuration24Set up a search rule for CUCM to call the Cisco VCS Local Zone24CUCM configuration26Allow numeric dialing from Cisco phones to Cisco VCS26Test calls27Appendix 1 – Troubleshooting28Problems connecting Cisco VCS Control local calls28Look at “Search history” to check the applied transforms28Look at “Call history” to check how the call progressed29Check for errors29Event Log29Real time detailed event log29Tracing calls29Tracing calls at SIP / H.323 level29H.323 to SIP CUCM calls do not work29422 Session Timer too small29Cisco VCS reports SIP decode error30CUCM 5 and 630CUCM 731In-call problems31Calls remain up for a maximum of 15 minutes.31Calls clear down when a call transfer from a video phone on CUCM transfers a call to Cisco VCS31Taking a trace on CUCM using RTMT31Configure CUCM to enable tracing31Installing RTMT – Real Time Monitoring Tool31Running RTMT32Taking a trace using RTMT32Appendix 2 – Known interworking capabilities and limitations33Capabilities33SIP and H.323 endpoints making basic calls33Limitations33E20 encryption33T150 running L6.0 code33H.323 MXP and 997133Appendix 3 – Benefits of using Cisco VCS with CUCM34Separate management and operation of video systems and CUCM telephony systems34Duo Video34Bandwidth management34FindMe™34Appendix 4 – Allow dialing to Cisco VCS domain from Cisco phones35Appendix 5 – Connecting CUCM to a cluster of Cisco VCS peers36Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster36Configuring the trunk to VCS to specify a list of VCS peers37Appendix 6 – Connecting Cisco VCS to a cluster of CUCM nodes38Configuration for Cisco VCS to use a DNS Zone to contact a cluster of CUCM nodes38CUCM configuration38DNS Server configuration38Cisco VCS Control configuration38Create a CUCM DNS zone38Adjust search rule39Delete the old CUCM neighbor zone40Appendix 7 – Cisco TelePresence Multiway™ and CUCM41Appendix 8 – Endpoint specific configuration42T150 running L6.x42Other products42Appendix 9 – Advanced parameters set by the “Cisco Unified Communications Manager” zone profile43Appendix 10 – CUCM 5 incompatibility44Appendix 11 – Connecting Cisco VCS to CUCM using TLS (rather than TCP)45Ensure that CUCM trusts the Cisco VCS server certificate45Configure a SIP trunk security profile on CUCM45Update the CUCM trunk to Cisco VCS to use TLS46Update the Cisco VCS neighbor zone to CUCM to use TLS46Verify that the TLS connection is operational47Appendix 12 – Characters allowed in SIP URIs48Size: 1.16 MBPages: 49Language: EnglishOpen manual
/en/manuals/1621407/Table of ContentsDocument revision history5Introduction6Objectives and intended audience6Deployment scenario6Summary of configuration process7Prerequisites for system configuration7Enabling calls between endpoints registered on the Cisco VCS Control8Cisco VCS Control configuration8Set up the SIP domain of the Cisco VCS Control8Check the Traversal Subzone configuration9Create transforms9To create the first transform:10To create the second transform:10CUCM configuration11Registering endpoints to the Cisco VCS Control11Endpoint configuration11Confirming registrations11Test calls11Enabling calls between endpoints registered on CUCM12Cisco VCS Control configuration12CUCM configuration12Configure the SIP Profile12Add a phone device14Device directory number configuration14Configure phone endpoint to pick up its configuration from CUCM14Confirming registrations15Test calls15Enabling endpoints registered on Cisco VCS Control to call endpoints registered on CUCM16CUCM configuration16Configure the SIP Trunk security profile16Configure the SIP Trunk device17Cisco VCS Control configuration20Create a neighbor zone for CUCM20Create a search rule to route calls to the CUCM neighbor zone21Create a transform that converts number@<IP address of cucm> to number@vcs.domain23Test calls23Enabling endpoints registered on CUCM to call endpoints registered on the Cisco VCS Control24Cisco VCS Control configuration24Set up a transform for CUCM to call the Cisco VCS Local and Neighbor Zones24Ensure that VCS stays in the signaling path for calls with CUCM25CUCM configuration26Allow numeric dialing from Cisco phones to Cisco VCS26Test calls27Advanced configuration28CUCM SIP Max Incoming Message Size28Appendix 1 – Troubleshooting29Problems connecting Cisco VCS Control local calls29Look at “Search history” to check the applied transforms29Look at “Call history” to check how the call progressed30Check for errors30Event Log30Tracing calls30H.323 to SIP CUCM calls do not work30422 Session Timer too small30Cisco VCS reports SIP decode error31CUCM 5 and 631CUCM 731Call failures with Cisco TelePresence Server31In-call problems32Calls remain up for a maximum of 15 minutes.32Calls clear down when a call transfer from a video phone on CUCM transfers a call to Cisco VCS32Failure to join a CUCM endpoint to a conference using Multiway32Taking a trace on CUCM using RTMT32Configure CUCM to enable tracing32Installing RTMT – Real Time Monitoring Tool32Running RTMT33Taking a trace using RTMT33Appendix 2 – Known interworking capabilities and limitations34Capabilities34SIP and H.323 endpoints making basic calls34Cisco TelePresence Conductor34Limitations34E20 encryption34T150 running L6.0 code34H.323 MXP and 997134Appendix 3 – Allow dialing to Cisco VCS domain from Cisco phones35Appendix 4 – Connecting CUCM to a cluster of Cisco VCS peers36Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster36Configuring the trunk to Cisco VCS to specify a list of VCS peers37Appendix 5 – Connecting Cisco VCS to a cluster of CUCM nodes39Option 1: Using a single neighbor zone39CUCM configuration39Cisco VCS Control configuration39Update neighbor zone39Option 2: Using a DNS zone40CUCM configuration40DNS server configuration40Cisco VCS Control configuration40Create a CUCM DNS zone40Adjust search rule41Delete the old CUCM neighbor zone42Option 3: Using multiple neighbor zones43Cisco VCS Control configuration43Replicate neighbor zone43Replicate search rule43Appendix 6 – Cisco TelePresence Multiway and CUCM44VCS configuration44CUCM configuration44Appendix 7 – Endpoint specific configuration45T150 running L6.x45Other products45Appendix 8 – Parameters set by the ‘Cisco Unified Communications Manager’ Advanced Zone profile46Appendix 9 – CUCM 5 incompatibility47Appendix 10 – Connecting Cisco VCS to CUCM using TLS (rather than TCP)48Ensure that CUCM trusts the Cisco VCS server certificate48Configure a SIP trunk security profile on CUCM49Update the CUCM trunk to Cisco VCS to use TLS49Update the VCS neighbor zone to CUCM to use TLS50Verify that the TLS connection is operational50Network of VCSs50Appendix 11 – Characters allowed in SIP URIs51Appendix 12 – Enabling BFCP – Dual video/presentation sharing52VCS configuration52CUCM configuration52Size: 1.34 MBPages: 53Language: EnglishOpen manual
/en/manuals/1621403/Table of ContentsDocument revision history5Introduction6Objectives and intended audience6Deployment scenario6Summary of configuration process7Prerequisites for system configuration7Enabling calls between endpoints registered on the Cisco VCS Control8Cisco VCS Control configuration8Set up the SIP domain of the Cisco VCS Control8Check the Traversal Subzone configuration9Create transforms9To create the first transform:10To create the second transform:10CUCM configuration11Registering endpoints to the Cisco VCS Control11Endpoint configuration11Confirming registrations11Test calls11Enabling calls between endpoints registered on CUCM12Cisco VCS Control configuration12CUCM configuration12Configure the SIP Profile12Add a phone device14Device directory number configuration14Configure phone endpoint to pick up its configuration from CUCM14Confirming registrations15Test calls15Enabling endpoints registered on Cisco VCS Control to call endpoints registered on CUCM16CUCM configuration16Configure the SIP Trunk security profile16Configure the SIP Trunk device17Cisco VCS Control configuration20Create a neighbor zone for CUCM20Create a search rule to route calls to the CUCM neighbor zone21Create a transform that converts number@<IP address of cucm> to number@vcs.domain23Test calls23Enabling endpoints registered on CUCM to call endpoints registered on the Cisco VCS Control24Cisco VCS Control configuration24Set up a search rule for CUCM to call the Cisco VCS Local Zone24Ensure that VCS stays in the signaling path for calls with CUCM25CUCM configuration26Allow numeric dialing from Cisco phones to Cisco VCS26Test calls27Advanced configuration28CUCM SIP Max Incoming Message Size28Appendix 1 – Troubleshooting29Problems connecting Cisco VCS Control local calls29Look at “Search history” to check the applied transforms29Look at “Call history” to check how the call progressed30Check for errors30Event Log30Real time detailed event log30Tracing calls30Tracing calls at SIP / H.323 level30H.323 to SIP CUCM calls do not work30422 Session Timer too small30Cisco VCS reports SIP decode error31CUCM 5 and 631CUCM 732Call failures with Cisco TelePresence Server32In-call problems32Calls remain up for a maximum of 15 minutes.32Calls clear down when a call transfer from a video phone on CUCM transfers a call to Cisco VCS32Failure to join a CUCM endpoint to a conference using Multiway32Taking a trace on CUCM using RTMT32Configure CUCM to enable tracing32Installing RTMT – Real Time Monitoring Tool33Running RTMT33Taking a trace using RTMT33Appendix 2 – Known interworking capabilities and limitations34Capabilities34SIP and H.323 endpoints making basic calls34Cisco TelePresence Conductor34Limitations34E20 encryption34T150 running L6.0 code34H.323 MXP and 997134Appendix 3 – Allow dialing to Cisco VCS domain from Cisco phones35Appendix 4 – Connecting CUCM to a cluster of Cisco VCS peers36Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster36Configuring the trunk to Cisco VCS to specify a list of VCS peers37Appendix 5 – Connecting Cisco VCS to a cluster of CUCM nodes39Option 1: Using a single neighbor zone39CUCM configuration39Cisco VCS Control configuration39Update neighbor zone39Option 2: Using a DNS zone40CUCM configuration40DNS server configuration40Cisco VCS Control configuration40Create a CUCM DNS zone40Adjust search rule41Delete the old CUCM neighbor zone42Option 3: Using multiple neighbor zones43Cisco VCS Control configuration43Replicate neighbor zone43Replicate search rule43Appendix 6 – Cisco TelePresence Multiway and CUCM44VCS configuration44CUCM configuration44Appendix 7 – Endpoint specific configuration45T150 running L6.x45Other products45Appendix 8 – Parameters set by the ‘Cisco Unified Communications Manager’ Advanced Zone profile46Appendix 9 – CUCM 5 incompatibility47Appendix 10 – Connecting Cisco VCS to CUCM using TLS (rather than TCP)48Ensure that CUCM trusts the Cisco VCS server certificate48Configure a SIP trunk security profile on CUCM49Update the CUCM trunk to Cisco VCS to use TLS49Update the VCS neighbor zone to CUCM to use TLS50Verify that the TLS connection is operational50Network of Cisco VCSs50Set VCS to always route signaling to CUCM50Appendix 11 – Characters allowed in SIP URIs52Appendix 12 – Enabling BFCP – Dual video/presentation sharing53VCS configuration53CUCM configuration53Size: 1.36 MBPages: 54Language: EnglishOpen manual
/en/manuals/1621400/Table of ContentsIntroduction3Deployment Scenario3Summary of Configuration Process3Prerequisites for System Configuration4Enabling Calls Between Endpoints Registered on the VCS Control5VCS Control Configuration5Setting up the SIP Domain of the VCS Control5Creating Transforms5Unified CM Configuration6Registering Endpoints to the VCS Control6Endpoint Configuration6Confirming Registrations6Test Calls7Enabling Calls Between Endpoints Registered on Unified CM9VCS Control Configuration9Unified CM Configuration9Configuring the SIP Profile for VCS9Configuring the Region with an Appropriate Session Bit Rate for Video Calls10Configuring the SIP Profile for Phone Devices11Adding a Phone Device11Configuring the Device Directory Number11Configuring Phone Endpoint to Pick up its Configuration from Unified CM12Confirming Registrations12Test Calls12Enabling Endpoints Registered on VCS to Call Endpoints Registered on Unified CM13Unified CM Configuration13Configuring the SIP Trunk Security Profile13Configuring the SIP Trunk Device13Configuring the Cluster Fully Qualified Domain Name15VCS Control Configuration15Creating a Neighbor Zone for Unified CM16Creating a Search Rule to Route Calls to the Unified CM Neighbor Zone17Creating a Transform that Converts number@<IP address of cucm> to number@vcs....18Test Calls19Enabling Endpoints Registered on Unified CM to Call Endpoints Registered on VCS21VCS Control Configuration21Creating a Transform to Convert Unified CM Supplied Domain Information to the...21Unified CM Configuration22Allowing Numeric Dialing from Cisco Phones to VCS22Allowing Dialing to VCS Domain from Cisco Phones23Test Calls23Connecting VCS to Unified CM Using TLS25Ensuring Certificate Trust Between Unified CM and VCS25Loading Server and Trust Certificates on VCS25Loading Server and Trust Certificates on Unified CM26Setting the Cluster Security Mode to Mixed Mode26Configuring a SIP Trunk Security Profile on Unified CM27Updating the Unified CM Trunk to VCS to Use TLS28Updating the VCS Neighbor Zone to Unified CM to Use TLS28Verifying that the TLS Connection is Operational29Network of VCSs29Encrypted Calls to Endpoints Registered to Unified CM29Checking Unified CM Message Size Limit31Appendix 1: Troubleshooting33Problems Connecting VCS Control Local Calls33Look at “Search history” to Check the Applied Transforms33Look at Call History to Check How the Call Progressed33Check for Errors34Tracing Calls34Call Failures with Cisco TelePresence Server34In-call Problems34Calls Clear Down when a Call Transfer from a Video Phone on Unified CM Transf...34Failure to Join a Unified CM Endpoint to a Conference Using Multiway34Poor Video Quality from Unified CM34Taking a Trace on Unified CM Using RTMT34Configure Unified CM to Enable Tracing35Installing RTMT – Real Time Monitoring Tool35Running RTMT35Taking a Trace Using RTMT35Call Failures36TLS Calls Fail when Unified CM uses SRV Trunk Destinations36Encrypted Call Failures36Appendix 2: Known Interworking Capabilities and Limitations37Capabilities37SIP and H.323 Endpoints Making Basic Calls37Limitations37Cisco TelePresence Conductor37E20 Encryption37T150 Running L6.0 Code37H.323 MXP and 997137Appendix 3: Connecting Unified CM to a VCS Cluster39Configuring the Trunk to VCS to Specify the DNS SRV Address for the VCS Cluster39Configuring the Trunk to VCS to Specify a List of VCS Peers39Appendix 4: Connecting VCS to a Cluster of Unified CM Nodes41Option 1: Using a Single Neighbor Zone41Unified CM Configuration41VCS Control Configuration41Option 2: Using a DNS Zone41Unified CM Configuration41DNS Server Configuration41VCS Control Configuration42Appendix 5: Multiway and Unified CM45VCS Configuration45Unified CM Configuration45Appendix 6: Additional Information47IP Address Dialing47Characters Allowed in SIP URIs47Document Revision History49Cisco Legal Information49Cisco Trademark50Size: 825 KBPages: 50Language: EnglishOpen manual
/en/manuals/1621397/Table of ContentsPreface5Change History5Introduction6Deployment Scenario6Summary of Configuration Process6Prerequisites for System Configuration7Enabling Calls Between Endpoints Registered on the VCS Control9VCS Control Configuration9Unified CM Configuration10Registering Endpoints to the VCS Control10Enabling Calls Between Endpoints Registered on Unified CM13VCS Control Configuration13Unified CM Configuration13Test Calls16Enabling Endpoints Registered on VCS to Call Endpoints Registered on Unified CM17Unified CM Configuration17VCS Control Configuration20Test Calls24Enabling Endpoints Registered on Unified CM to Call Endpoints Registered on VCS25VCS Control Configuration25Unified CM Configuration26Test Calls28Connecting VCS to Unified CM Using TLS29Ensure Certificate Trust Between Unified CM and VCS29Set the Cluster Security Mode to Mixed Mode30Configure a SIP Trunk Security Profile on Unified CM31Update the Unified CM Trunk to VCS to Use TLS32Update Device Profiles to Encrypt Calls to Unified CM-registered Endpoints33Update the VCS Neighbor Zone to Unified CM to Use TLS33Verify That the TLS Connection is Operational33Choose how to route from other VCSs to Unified CM33Checking Unified CM Message Size Limit35Appendix 1: Troubleshooting37Problems Connecting VCS Control Local Calls37Check for Errors38Tracing Calls38Call Failures with Cisco TelePresence Server38In-call Problems38Taking a Trace on Unified CM Using RTMT38Call Failures40Appendix 2: Known Interworking Capabilities and Limitations41Capabilities41Limitations41Appendix 3: Connecting Unified CM to a VCS Cluster43Configuring the Trunk to VCS to Specify the DNS SRV Address for the VCS Cluster43Configuring the Trunk to VCS to Specify a List of VCS Peers43Appendix 4: Connecting VCS to a Cluster of Unified CM Nodes45Option 1: Using a Single Neighbor Zone45Option 2: Using a DNS Zone45Appendix 5: Multiway and Unified CM49VCS Configuration49Unified CM Configuration49Appendix 6: Additional Information51IP Address Dialing51Characters Allowed in SIP URIs51Cisco Legal Information51Cisco Trademark52Size: 894 KBPages: 52Language: EnglishOpen manual
/en/manuals/1603916/Table of ContentsIntroduction5Deployment scenario5Summary of configuration process5Prerequisites for system configuration6Enabling calls between endpoints registered on the VCS Control7VCS Control configuration7Setting up the SIP domain of the VCS Control7Creating transforms7Unified CM configuration8Registering endpoints to the VCS Control8Endpoint configuration8Confirming registrations9Test calls9Enabling calls between endpoints registered on Unified CM10VCS Control configuration10Unified CM configuration10Configuring the SIP Profile for VCS10Configuring the region with an appropriate session bit rate for video calls13Configuring the SIP Profile for phone devices13Adding a phone device13Configuring the device directory number13Configuring phone endpoint to pick up its configuration from Unified CM14Confirming registrations14Test calls14Enabling endpoints registered on VCS to call endpoints registered on Unified CM15Unified CM configuration15Configuring the SIP Trunk security profile15Configuring the SIP Trunk device16Configuring the Cluster Fully Qualified Domain Name20VCS Control configuration20Creating a neighbor zone for Unified CM20Creating a search rule to route calls to the Unified CM neighbor zone22Creating a transform that converts number@<IP address of cucm> to number@vcs....24Test calls25Enabling endpoints registered on Unified CM to call endpoints registered on VCS26VCS Control configuration26Creating a transform to convert Unified CM supplied domain information to the...26Unified CM configuration27Allowing numeric dialing from Cisco phones to VCS27Allowing dialing to VCS domain from Cisco phones28Test calls28Connecting VCS to Unified CM using TLS29Ensuring certificate trust between Unified CM and VCS29Loading server and trust certificates on VCS29Loading server and trust certificates on Unified CM30Setting the Cluster Security Mode to Mixed Mode30Configuring a SIP trunk security profile on Unified CM31Updating the Unified CM trunk to VCS to use TLS32Updating the VCS neighbor zone to Unified CM to use TLS32Verifying that the TLS connection is operational33Network of VCSs33Encrypted calls to endpoints registered to Unified CM33Checking Unified CM message size limit34Appendix 1: Troubleshooting35Problems connecting VCS Control local calls35Look at “Search history” to check the applied transforms35Look at call history to check how the call progressed35Check for errors36Tracing calls36Call failures with Cisco TelePresence Server36In-call problems36Calls clear down when a call transfer from a video phone on Unified CM transf...36Failure to join a Unified CM endpoint to a conference using Multiway36Poor video quality from Unified CM37Taking a trace on Unified CM using RTMT37Configure Unified CM to enable tracing37Installing RTMT – Real Time Monitoring Tool37Running RTMT37Taking a trace using RTMT37Call failures38TLS calls fail when Unified CM uses SRV trunk destinations38Encrypted call failures38Appendix 2: Known interworking capabilities and limitations39Capabilities39SIP and H.323 endpoints making basic calls39Limitations39Cisco TelePresence Conductor39E20 encryption39T150 running L6.0 code39H.323 MXP and 997139Appendix 3: Connecting Unified CM to a VCS cluster40Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster40Configuring the trunk to VCS to specify a list of VCS peers40Appendix 4: Connecting VCS to a cluster of Unified CM nodes42Option 1: Using a single neighbor zone42Unified CM configuration42VCS Control configuration42Option 2: Using a DNS zone42Unified CM configuration42DNS server configuration43VCS Control configuration43Appendix 5: Multiway and Unified CM45VCS configuration45Unified CM configuration45Appendix 6: Additional information46IP address dialing46Characters allowed in SIP URIs46Document revision history47Size: 1.17 MBPages: 48Language: EnglishOpen manual
/en/manuals/1621367/Table of ContentsIntroduction5Deployment scenario5Summary of configuration process5Prerequisites for system configuration6Enabling calls between endpoints registered on the VCS Control7VCS Control configuration7Setting up the SIP domain of the VCS Control7Creating transforms7Unified CM configuration8Registering endpoints to the VCS Control8Endpoint configuration8Confirming registrations9Test calls9Enabling calls between endpoints registered on Unified CM10VCS Control configuration10Unified CM configuration10Configuring the SIP Profile for VCS10Configuring the region with an appropriate session bit rate for video calls13Configuring the SIP Profile for phone devices13Adding a phone device13Configuring the device directory number13Configuring phone endpoint to pick up its configuration from Unified CM14Confirming registrations14Test calls14Enabling endpoints registered on VCS to call endpoints registered on Unified CM15Unified CM configuration15Configuring the SIP Trunk security profile15Configuring the SIP Trunk device16Configuring the Cluster Fully Qualified Domain Name19VCS Control configuration20Creating a neighbor zone for Unified CM20Creating a search rule to route calls to the Unified CM neighbor zone21Creating a transform that converts number@<IP address of cucm> to number@vcs....23Test calls23Enabling endpoints registered on Unified CM to call endpoints registered on VCS24VCS Control configuration24Creating a transform to convert Unified CM supplied domain information to the...24Unified CM configuration25Allowing numeric dialing from Cisco phones to VCS25Allowing dialing to VCS domain from Cisco phones26Test calls26Connecting VCS to Unified CM using TLS27Ensuring certificate trust between Unified CM and VCS27Loading server and trust certificates on VCS27Loading server and trust certificates on Unified CM28Setting the Cluster Security Mode to Mixed Mode28Configuring a SIP trunk security profile on Unified CM29Updating the Unified CM trunk to VCS to use TLS30Updating the VCS neighbor zone to Unified CM to use TLS30Verifying that the TLS connection is operational31Network of VCSs31Encrypted calls to endpoints registered to Unified CM31Checking Unified CM message size limit32Appendix 1: Troubleshooting33Problems connecting VCS Control local calls33Look at “Search history” to check the applied transforms33Look at call history to check how the call progressed33Check for errors34Tracing calls34Call failures with Cisco TelePresence Server34In-call problems34Calls clear down when a call transfer from a video phone on Unified CM transf...34Failure to join a Unified CM endpoint to a conference using Multiway34Poor video quality from Unified CM35Taking a trace on Unified CM using RTMT35Configure Unified CM to enable tracing35Installing RTMT – Real Time Monitoring Tool35Running RTMT35Taking a trace using RTMT35Call failures36TLS calls fail when Unified CM uses SRV trunk destinations36Encrypted call failures36Appendix 2: Known interworking capabilities and limitations37Capabilities37SIP and H.323 endpoints making basic calls37Limitations37Cisco TelePresence Conductor37E20 encryption37T150 running L6.0 code37H.323 MXP and 997137Appendix 3: Connecting Unified CM to a VCS cluster38Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster38Configuring the trunk to VCS to specify a list of VCS peers38Appendix 4: Connecting VCS to a cluster of Unified CM nodes40Option 1: Using a single neighbor zone40Unified CM configuration40VCS Control configuration40Option 2: Using a DNS zone40Unified CM configuration40DNS server configuration41VCS Control configuration41Appendix 5: Multiway and Unified CM43VCS configuration43Unified CM configuration43Appendix 6: Additional information44IP address dialing44Characters allowed in SIP URIs44Document revision history45Size: 1.15 MBPages: 46Language: EnglishOpen manual
/en/manuals/1609748/Table of ContentsIntroduction5Deployment scenario5Summary of configuration process5Prerequisites for system configuration6Enabling calls between endpoints registered on the VCS Control7VCS Control configuration7Setting up the SIP domain of the VCS Control7Creating transforms7Unified CM configuration8Registering endpoints to the VCS Control8Endpoint configuration8Confirming registrations9Test calls9Enabling calls between endpoints registered on Unified CM10VCS Control configuration10Unified CM configuration10Configuring the SIP Profile for VCS10Configuring the region with an appropriate session bit rate for video calls13Configuring the SIP Profile for phone devices13Adding a phone device13Configuring the device directory number13Configuring phone endpoint to pick up its configuration from Unified CM14Confirming registrations14Test calls14Enabling endpoints registered on VCS to call endpoints registered on Unified CM15Unified CM configuration15Configuring the SIP Trunk security profile15Configuring the SIP Trunk device16Configuring the Cluster Fully Qualified Domain Name19VCS Control configuration20Creating a neighbor zone for Unified CM20Creating a search rule to route calls to the Unified CM neighbor zone21Creating a transform that converts number@<IP address of cucm> to number@vcs....23Test calls23Enabling endpoints registered on Unified CM to call endpoints registered on VCS24VCS Control configuration24Creating a transform to convert Unified CM supplied domain information to the...24Unified CM configuration25Allowing numeric dialing from Cisco phones to VCS25Allowing dialing to VCS domain from Cisco phones26Test calls26Connecting VCS to Unified CM using TLS27Ensuring certificate trust between Unified CM and VCS27Loading server and trust certificates on VCS27Loading server and trust certificates on Unified CM28Setting the Cluster Security Mode to Mixed Mode28Configuring a SIP trunk security profile on Unified CM29Updating the Unified CM trunk to VCS to use TLS30Updating the VCS neighbor zone to Unified CM to use TLS30Verifying that the TLS connection is operational31Network of VCSs31Encrypted calls to endpoints registered to Unified CM31Checking Unified CM message size limit32Appendix 1: Troubleshooting33Problems connecting VCS Control local calls33Look at “Search history” to check the applied transforms33Look at call history to check how the call progressed33Check for errors34Tracing calls34Call failures with Cisco TelePresence Server34In-call problems34Calls clear down when a call transfer from a video phone on Unified CM transf...34Failure to join a Unified CM endpoint to a conference using Multiway34Poor video quality from Unified CM35Taking a trace on Unified CM using RTMT35Configure Unified CM to enable tracing35Installing RTMT – Real Time Monitoring Tool35Running RTMT35Taking a trace using RTMT35Call failures36TLS calls fail when Unified CM uses SRV trunk destinations36Encrypted call failures36Appendix 2: Known interworking capabilities and limitations37Capabilities37SIP and H.323 endpoints making basic calls37Limitations37Cisco TelePresence Conductor37E20 encryption37T150 running L6.0 code37H.323 MXP and 997137Appendix 3: Connecting Unified CM to a VCS cluster38Configuring the trunk to VCS to specify the DNS SRV address for the VCS cluster38Configuring the trunk to VCS to specify a list of VCS peers38Appendix 4: Connecting VCS to a cluster of Unified CM nodes40Option 1: Using a single neighbor zone40Unified CM configuration40VCS Control configuration40Option 2: Using a DNS zone40Unified CM configuration40DNS server configuration41VCS Control configuration41Appendix 5: Multiway and Unified CM43VCS configuration43Unified CM configuration43Appendix 6: Additional information44IP address dialing44Characters allowed in SIP URIs44Document revision history45Size: 1.15 MBPages: 46Language: EnglishOpen manual
/en/manuals/1621325/Table of ContentsIntroduction3Installing a VM4Recommended platform4Specifications-based system – minimum specification4Co-residency support4Installation process5Configuring the VM Host5Deploying OVA to host5Configuring VCS VM guest10Upgrades14Clustering for resilience and capacity15Snapshot and restore using VM snapshot16Creating a VMware snapshot16Restoring a VMware snapshot16Incremental VMware backups16Hardware references17Serial interface17Ethernet interfaces (NICs)17Allocating a virtual NIC to a physical NIC interface17Additional information19Supported features19Unsupported features19Licensing19Appendix 1 — Troubleshooting20Checking VMware compatibility20VMware checklist20Isolating a possible root cause21Possible issues21Analyzing the cause of VMware issues22Running a VCS factory reset22Appendix 2 — Deploying multiple datastores23Appendix 3 — Ensuring that the required 6GB of memory is allocated for VCS VM28Document revision history29Size: 855 KBPages: 30Language: EnglishOpen manual
/en/manuals/1621323/Table of ContentsIntroduction4Purpose of this guide4Related documents5Configuring the Cisco VCS6Firewall ports6Check option key6Configure the routable address of the Cisco VCS7Ensure that Cisco VCS has a SIP domain configured7Enable FindMe™8Enable device authentication (recommended)8Enable presence server (optional)9Create user accounts9Create authentication credentials for the user (optional)10Configure bandwidths provisioned to Movi clients (optional)12Installing and configuring Movi13Making calls15Testing the Cisco VCS Expressway Starter Pack installation16Local system testing16Public network testing16Behind home, small business or hotel firewall testing17Appendix 1 – Basic Cisco VCS configuration18System name18DNS18NTP18Further information18Appendix 2 – Troubleshooting19Movi sign in messaging19Login failed – Wrong username, domain, and / or password19Login failed – Out of licenses19Login failed – The server did not respond in time20Login failed – Could not find server in DNS20Login failed – Unable to connect to server20Call failed – The user could not be found. The user is offline or does not exist.20Call failed – The user could not be found20Call failed – The user could not be reached. Please try again later.21Call failed – An error was received from the server21Call failed – Not enough call licenses21Signaling level troubleshooting21Appendix 3 – Comparison of Cisco VCS Expressway Starter Pack provisioning and Cisco TMS provisioning24Appendix 4 – Known limitations25Modifying a user’s display name25Appendix 5 – Characters allowed in SIP URIs26Appendix 6 – Determining the FindMe ID for a caller27Size: 541 KBPages: 28Language: EnglishOpen manual
/en/manuals/1621321/Table of ContentsIntroduction4Purpose of this guide4Related documents5Configuring the Cisco VCS6Firewall ports6Check option key6Configure the routable address of the Cisco VCS7Ensure that Cisco VCS has a SIP domain configured7Enable FindMe8Configure device authentication8Enable presence server (optional)10Create user accounts10Create authentication credentials for the user12Configure bandwidths provisioned to Movi and other endpoints (optional)12Installing and configuring Movi14Making calls15Testing the Cisco VCS Expressway Starter Pack installation16Local system testing16Public network testing16Behind home, small business or hotel firewall testing17Appendix 1 – Basic Cisco VCS configuration18Appendix 2 – Troubleshooting19Movi sign in messaging19Login failed – Wrong username, domain, and / or password19Login failed – Out of licenses19Login failed – The server did not respond in time19Login failed – Could not find server in DNS20Login failed – Unable to connect to server20Call failed – The user could not be found. The user is offline or does not exist.20Call failed – The user could not be found20Call failed – The user could not be reached. Please try again later.20Call failed – An error was received from the server21Call failed – Not enough call licenses21Phone book searches do not return any entries21Failed to update presence21Signaling level troubleshooting21Appendix 3 – Comparison of Starter Pack provisioning and Cisco TMS provisioning24Appendix 4 – Known limitations25Modifying a user’s display name25Appendix 5 – Characters allowed in SIP URIs26Appendix 6 – Determining the FindMe ID for a caller27Size: 520 KBPages: 28Language: EnglishOpen manual
/en/manuals/1619988/Table of ContentsIntroduction4Purpose of this guide4Related documents5Configuring the Cisco VCS6Firewall ports6Check option key6Configure the routable address of the Cisco VCS7Ensure that Cisco VCS has a SIP domain configured7Enable FindMe8Configure device authentication8Enable Presence Server (optional)10Create user accounts10Create authentication credentials for the user12Configure bandwidths provisioned to Movi and other endpoints (optional)13Installing and configuring Movi14Making calls15Testing the Cisco VCS Expressway Starter Pack installation16Local system testing16Public network testing16Behind home, small business or hotel firewall testing17Appendix 1 – Basic Cisco VCS configuration18Appendix 2 – Troubleshooting19Movi sign in messaging19Login failed – Wrong username, domain, and / or password19Login failed – Out of licenses20Login failed – The server did not respond in time20Login failed – Could not find server in DNS20Login failed – Unable to connect to server20Call failed – The user could not be found. The user is offline or does not exist.20Call failed – The user could not be found21Call failed – The user could not be reached. Please try again later.21Call failed – An error was received from the server21Call failed – Not enough call licenses21Phone book searches do not return any entries21Failed to update presence21Signaling level troubleshooting21Appendix 3 – Comparison of Starter Pack provisioning and Cisco TMS provisioning25Appendix 4 – Known limitations26Modifying a user’s display name26Appendix 5 – Characters allowed in SIP URIs27Appendix 6 – Determining the FindMe ID for a caller28Size: 521 KBPages: 29Language: EnglishOpen manual
/en/manuals/1621275/Table of ContentsContents2Introduction4Purpose of this guide4Related documents5Configuring the Cisco VCS6Firewall ports6Check option key6Configure the routable address of the Cisco VCS7Ensure that Cisco VCS has a SIP domain configured7Enable FindMe8Configure device authentication9Enable Presence Server (optional)10Create user accounts11Create authentication credentials for the user12Configure bandwidths provisioned to Movi and other endpoints (optional)13Installing and configuring Movi / Jabber Video14Making calls15Testing the Starter Pack installation16Local system testing16Public network testing16Behind home, small business or hotel firewall testing17Checking the status of the Provisioning Server18Appendix 1 – Basic Cisco VCS configuration19Appendix 2 – Troubleshooting20Movi sign in messaging20Login failed – Wrong username, domain, and / or password20Login failed – Out of licenses21Login failed – The server did not respond in time21Login failed – Could not find server in DNS21Login failed – Unable to connect to server21Call failed – The user could not be found. The user is offline or does not exist.21Call failed – The user could not be found21Call failed – The user could not be reached. Please try again later.22Call failed – An error was received from the server22Call failed – Not enough call licenses22Phone book searches do not return any entries22Failed to update presence22Signaling level troubleshooting22Appendix 3 – Comparison of Starter Pack provisioning and Cisco TMS provisioning26Appendix 4 – Known limitations27Modifying a user’s display name27Appendix 5 – Characters allowed in SIP URIs28Appendix 6 – Determining the FindMe ID for a caller29Size: 568 KBPages: 30Language: EnglishOpen manual
/en/manuals/1621271/Table of ContentsIntroduction3Purpose of this guide3Related documents4Configuring the VCS5Firewall ports5Check option key5Configure the routable address of the VCS6Ensure that VCS has a SIP domain configured6Enable FindMe7Configure device authentication8Enable Presence Server (optional)9Create user accounts10Create authentication credentials for the user11Configure bandwidths provisioned to endpoints (optional)12Installing and configuring Movi / Jabber Video13Testing the Starter Pack installation15Local system testing15Public network testing15Behind home, small business or hotel firewall testing16Checking the status of the Provisioning Server17Appendix 1 – Basic VCS configuration18Appendix 2 – Troubleshooting19Movi / Jabber Video sign in messaging19Signaling level troubleshooting21Appendix 3 – Comparison of Starter Pack provisioning and Cisco TMS provisioning24Appendix 4 – Known limitations26Modifying a user’s display name26Appendix 5 – Characters allowed in SIP URIs27Appendix 6 – Determining the FindMe ID for a caller28Appendix 7 – Movi / Jabber Video and Active Directory (NTLM) authentication29Size: 586 KBPages: 31Language: EnglishOpen manual
/en/manuals/1621269/Table of ContentsIntroduction3Purpose of this guide4Configuring the VCS5Opening firewall ports5Verifying the option key5Configuring the routable address of the VCS6Configuring a SIP domain6Enabling FindMe7Configuring device authentication7Enabling Presence Server (optional)9Creating user accounts10Creating authentication credentials for the user11Configuring bandwidths provisioned to endpoints (optional)12Installing and configuring Jabber Video14Testing the Starter Pack installation16Local system testing16Public network testing16Behind home/hotel firewall testing17Checking the status of the Provisioning Server18Appendix 1: Troubleshooting19Jabber Video sign in messaging19Signaling level troubleshooting21Appendix 2: Basic VCS configuration25Appendix 3: Additional information26Characters allowed in SIP URIs26Determining the FindMe ID for a caller26Known limitations26Modifying a user’s display name26Appendix 4: Jabber Video and Active Directory (NTLM) authentication27Appendix 5: Starter Pack and Cisco TMSPE provisioning comparison29Related documents31Document revision history32Size: 642 KBPages: 33Language: EnglishOpen manual
/en/manuals/1621263/Table of ContentsIntroduction3Purpose of this guide4Configuring the VCS5Opening firewall ports5Verifying the option key5Configuring the routable address of the VCS6Configuring a SIP domain6Enabling FindMe7Configuring device authentication7Configuring a DNS zone9Configuring DNS zone search rules10Enabling Presence Server (optional)12Creating user accounts12Creating authentication credentials for the user14Configuring bandwidths provisioned to endpoints (optional)15Installing and configuring Jabber Video17Testing the Starter Pack installation19Local system testing19Public network testing19Behind home/hotel firewall testing20Checking the status of the Provisioning Server21Appendix 1: Troubleshooting22Jabber Video sign in messaging22Signaling level troubleshooting24Appendix 2: Basic VCS configuration28Appendix 3: Additional information29Characters allowed in SIP URIs29Determining the FindMe ID for a caller29Known limitations29Modifying a user’s display name29Appendix 4: Jabber Video and Active Directory (NTLM) authentication30Appendix 5: Starter Pack and Cisco TMSPE provisioning comparison32Related documents34Document revision history35Size: 721 KBPages: 36Language: EnglishOpen manual
/en/manuals/1621261/Table of ContentsIntroduction3Purpose of this guide4Configuring the VCS5Opening firewall ports5Verifying the option key5Configuring the routable address of the VCS6Configuring a SIP domain6Enabling FindMe7Configuring device authentication7Configuring a DNS zone9Configuring DNS zone search rules10Enabling Presence Server (optional)12Creating user accounts12Creating authentication credentials for the user14Configuring bandwidths provisioned to endpoints (optional)15Installing and configuring Jabber Video17Testing the Starter Pack installation19Local system testing19Public network testing19Behind home/hotel firewall testing20Checking the status of the Provisioning Server21Appendix 1: Troubleshooting22Jabber Video sign in messaging22Signaling level troubleshooting24Appendix 2: Basic VCS configuration28Appendix 3: Additional information29Characters allowed in SIP URIs29Determining the FindMe ID for a caller29Known limitations29Modifying a user’s display name29Appendix 4: Jabber Video and Active Directory (NTLM) authentication30Appendix 5: Starter Pack and Cisco TMSPE provisioning comparison32Related documents34Document revision history35Size: 719 KBPages: 36Language: EnglishOpen manual
/en/manuals/1621252/Table of ContentsPreface4Change History4Introduction6Schemas6Authentication6Base URI6Common Between Cisco VCS Control and Cisco VCS Expressway7/common/certs/root:7/common/certs/generate_csr:8/common/certs/server:9/common/defaultlinks:10/common/mra:11Cisco VCS Control12/controller/domain:12/controller/server/cucm:14/controller/server/imp:15/controller/zones/unifiedcommunicationstraversal:16Cisco VCS Expressway22/edge/credential:22/edge/zone/unifiedcommunicationstraversal:23Option key29/optionkey:29Cisco Legal Information30Cisco Trademark31Size: 173 KBPages: 31Language: EnglishOpen manual
/en/manuals/1621233/Table of ContentsCisco TelePresence Conductor3Introduction3Ad hoc conferences3Permanent conferences3Scheduled conferences3Connecting multiple MCUs to a single Cisco VCS4Requirements4Operation4Configuration5Connecting multiple MCUs to a cluster of Cisco VCS peers6Requirements6Operation6Configuration7Appendix 1 – Subset or Superset service prefixes8Appendix 2 – Gatekeeper / Border Controller operation9Size: 180 KBPages: 10Language: EnglishOpen manual
/en/manuals/1621228/Table of ContentsCisco TelePresence Video Communication Server (Cisco VCS) IP port usage for firewall traversal1Contents: Cisco VCS IP port usage2Guide to this document: format of information3Administration: Cisco VCS Expressway4Administration: Cisco VCS Expressway5Administration: Cisco VCS Expressway6Administration: Cisco VCS Expressway7SIP traversal call8SIP call to endpoint with public IP address9SIP call to endpoint behind non SIP-aware firewall10SIP – additional ports for ICE (from VCS X6.0)11H.323 traversal call using Assent12H.323 traversal call using H.460.18 / 19 non-mux media13H.323 traversal call using H.460.18 / 19 multiplexed media14H.323 call with registered endpoint with public IP address15H.323 call with a non-registered endpoint with public IP16H.323 call with endpoint supporting Assent behind firewall17H.323 call with endpoint supporting H.460.18 / 19 non-mux media18H.323 call with endpoint supporting H460.18 / 19 multiplexed media19SIP/H.323 Authentication: Cisco VCS Expressway20Administration: Cisco VCS Control21Administration: Cisco VCS Control22Administration: local endpoint23Administration: local endpoint24SIP: internal25H.323: internal26SIP B2BUA (for calls to Microsoft OCS/Lync devices)27Size: 875 KBPages: 28Language: EnglishOpen manual
/en/manuals/1621223/Table of ContentsCisco TelePresence Video Communication Server (Cisco VCS) IP Port Usage for Firewall Traversal1Contents: Cisco VCS IP port usage2Guide to this document: format of information3Administration: Cisco VCS Expressway4Administration: Cisco VCS Expressway5Administration: Cisco VCS Expressway6Administration: Cisco VCS Expressway7SIP traversal call8SIP call to endpoint with public IP address9SIP call to endpoint behind non SIP-aware firewall10SIP – additional ports for ICE11H.323 traversal call using Assent12H.323 traversal call using H.460.18 / 19 non-muxed media13H.323 traversal call using H.460.18 / 19 multiplexed media14H.323 call with registered endpoint with public IP address15H.323 call with a non-registered endpoint with public IP16H.323 call with endpoint supporting Assent behind firewall17H.323 call with endpoint supporting H.460.18 / 19 non-mux media18H.323 call with endpoint supporting H460.18 / 19 multiplexed media19SIP/H.323 Authentication: Cisco VCS Expressway20Administration: Cisco VCS Control21Administration: Cisco VCS Control22Administration: local endpoint23Administration: local endpoint24SIP: internal25H.323: internal26Slide Number 2727Slide Number 2828Slide Number 2929SIP B2BUA and Microsoft Lync30Slide Number 3131Size: 1 MBPages: 31Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction6Cisco TMSPE versus Cisco TMS Agent Legacy6This deployment guide6Release notes6Prerequisites and recommendations7Cisco TMS and server requirements7Hardware recommendations7Cisco VCS requirements8SMTP server requirements8Required security permissions8For installation8For operation8Manually creating the database on the MS SQL server9Information needed during installation9Username and password9Database information9Database location9Best practices for deployment10Upgrade endpoints to the latest software10Automate user creation and management with AD/LDAP10Use secure communication10Synchronize time in Cisco VCS and Cisco TMS10Configuring Cisco VCS for provisioning12Provisioning within your network12Setting up DNS for the Cisco VCS12Installing the Device Provisioning option key13Enabling SIP13Configuring how Cisco VCS handles calls to unknown IP addresses14Adding the Cisco VCS to Cisco TMS14Enabling provisioning on the Cisco VCS16Setting up a cluster name16Enabling Presence on the Cisco VCS16Presence on VCS Control16Presence on Cisco VCS Expressway17Verifying device authentication18Performing a clean installation of Cisco TMSPE19Installing Cisco TMSPE with a redundant Cisco TMS setup19Performing the clean installation19Enabling Cisco TMSPE19Migrating from Cisco TMS Agent Legacy21About the migration21Preparing data for migration21Eliminating duplicate Cisco TMS Agent Legacy users22Accounts with user-level configuration overrides22Verifying device authentication22Disabling replication22Migrating with a redundant setup23Performing the installation and migration23Enabling Cisco TMSPE24Post-migration cleanup of user-level configurations24Deleting user-level configurations25Applying user-level configurations at group level25Restructuring the external source of imported users26Setting up communication between Cisco TMS and Cisco VCS27Setting up Cisco TMSPE for provisioning29Creating groups and adding users29Setting up groups29Importing users from external directories29Adding users manually32Creating address patterns33Address pattern types33Adding the patterns33Example patterns35Setting up configurations for provisioned devices36Obtaining template schemas36Uploading the schema to Cisco TMS36Adding configuration templates37Assigning configuration templates to groups40Provisioning phone books41Configuring the provisioning phone book source41Associating phone book access to groups42Configuring and sending account information43Configuring email settings43Sending account information to a single user45Sending account information to all users in a group45Deploying FindMe47FindMe basics47Deploying FindMe without provisioning47Defining caller ID patterns47Assigning a caller ID pattern to imported accounts47Enabling FindMe in Cisco TMSPE49Manually adding FindMe accounts and groups49Setting up FindMe locations and devices50Suggested minimum setup50Adding FindMe device templates51Adding FindMe location templates52Associating device templates with location templates53Assigning location templates to groups54Setting up FindMe on Cisco VCS55Sending and returning calls via ISDN gateways56Using FindMe to convert E.164 numbers to FindMe IDs56Using ENUM to convert E.164 numbers to FindMe IDs57Including the ISDN gateway prefix in the caller ID57Regenerating FindMe locations and devices57Accounts and groups58Location templates58Device templates59Modifying a user's FindMe locations and devices59Additional information60Determining how to overwrite a caller ID with a FindMe ID60FindMe in a Cisco VCS cluster60FindMe accounts hosted on different Cisco VCSs in a network60FindMe and Presence61Individual and group FindMe types61Characters allowed in SIP URIs61FindMe limitations62Microsoft Lync device IDs as FindMe devices62Phone numbers from Active Directory (AD)62Maintaining users and devices63Synchronizing user data63Testing a manual synchronization63Running a manual synchronization64Moving users and groups64Moving user accounts imported from external sources64Moving groups between clusters64Searching for user accounts65Renaming groups and user accounts65Upgrading software on provisioned devices66Upgrading configurations66Upgrading devices66Updating Cisco TMS connection details67Maintaining the database68Backing up the database68Restoring the database from backup68Moving or renaming the database68Troubleshooting69Running Cisco TMSPE diagnostics69Running a health check69Viewing system status70Viewing Cisco VCS communication history70Restarting the TMS Provisioning Extension Windows service70Provisioning logs71Cisco TMSPE and Cisco TMS logs71Cisco VCS logs71Endpoint logs71Troubleshooting the installation71Checking the installation log71Unable to establish SQL connection through Java runtime...71Unable to find valid certification path to requested target72Migration troubleshooting72Re-running the migration tool72Fixing problems reported by the tool72Provisioning requests failing after installation or migration74Reverting to Cisco TMS Agent Legacy74Provisioning problem scenarios75Database connection failure75AD import with Kerberos fails75Email sending failure76Cisco VCS reports data import failure76Users get Out of licenses message77Signing in fails when no template available77Warning displayed when uploading configuration schema78No phone books received78FindMe troubleshooting78Using search history to diagnose FindMe issues78Uninstalling Cisco TMSPE79Removing provisioning from a Cisco VCS79Reference80Users page overview80About the Configuration Templates container81FindMe page overview83About the Location Templates container84About the Device Templates container85Document revision history86Bibliography87Size: 3.5 MBPages: 88Language: EnglishOpen manual
/en/manuals/1612726/Table of ContentsIntroduction6This deployment guide6Release notes6Prerequisites and recommendations7Cisco TMS and server requirements7Hardware recommendations7Cisco VCS requirements8SMTP server requirements8Required security permissions8For installation8For operation8Manually creating the database on the MS SQL server9Information needed during installation9Username and password9Database information9Database location9Best practices for deployment9Upgrade endpoints to the latest software9Automate user creation and management with AD/LDAP10Use secure communication10Synchronize time in Cisco VCS and Cisco TMS10Configuring Cisco VCS for provisioning11Provisioning within your network11Setting up DNS for the Cisco VCS11Installing the Device Provisioning option key12Enabling SIP12Configuring how Cisco VCS handles calls to unknown IP addresses13Adding the Cisco VCS to Cisco TMS13Enabling provisioning on the Cisco VCS15Setting up a cluster name15Enabling Presence on the Cisco VCS15Presence on VCS Control15Presence on Cisco VCS Expressway16Verifying device authentication17Installing Cisco TMSPE18Installing Cisco TMSPE with a redundant Cisco TMS setup18Performing the installation18Auto-starting the Windows service18Enabling Cisco TMSPE19Setting up communication between Cisco TMS and Cisco VCS20Setting up Cisco TMSPE for provisioning22Creating groups and adding users22Setting up groups22Importing users from external directories22Adding users manually25Creating address patterns26Address pattern types26Adding the patterns26Example patterns28Setting up configurations for provisioned devices28Obtaining template schemas28Uploading the schema to Cisco TMS29Adding configuration templates30Assigning configuration templates to groups33Provisioning phone books34Creating and configuring provisioning phone book sources34Associating phone book access to groups35Configuring and sending account information36Configuring email settings36Sending account information to a single user38Sending account information to all users in a group38Deploying FindMe40FindMe basics40Deploying FindMe without provisioning40Defining caller ID patterns40Assigning a caller ID pattern to imported accounts40Enabling FindMe in Cisco TMSPE42Manually adding FindMe accounts and groups42Setting up FindMe locations and devices43Suggested minimum setup43Adding FindMe device templates44Adding FindMe location templates45Associating device templates with location templates46Assigning location templates to groups47Setting up FindMe on Cisco VCS48Sending and returning calls via ISDN gateways49Using FindMe to convert E.164 numbers to FindMe IDs49Using ENUM to convert E.164 numbers to FindMe IDs50Including the ISDN gateway prefix in the caller ID50Regenerating FindMe locations and devices50Accounts and groups51Location templates51Device templates52Modifying a user's FindMe locations and devices52Additional information53Determining how to overwrite a caller ID with a FindMe ID53FindMe in a Cisco VCS cluster53FindMe accounts hosted on different Cisco VCSs in a network53FindMe and Presence54Individual and group FindMe types54Characters allowed in SIP URIs54FindMe limitations55Microsoft Lync device IDs as FindMe devices55Phone numbers from Active Directory (AD)55Maintaining users and devices56Synchronizing user data56Testing a manual synchronization56Running a manual synchronization57Moving users and groups57Moving user accounts imported from external sources57Moving groups between clusters57Searching for user accounts58Renaming groups and user accounts58Upgrading software on provisioned devices59Upgrading configurations59Upgrading devices59Updating Cisco TMS connection details60Maintaining the database61Backing up the database61Restoring the database from backup61Moving or renaming the database61Troubleshooting62Running Cisco TMSPE diagnostics62Running a health check62Viewing system status63Viewing Cisco VCS communication history63Restarting the TMS Provisioning Extension Windows service63Provisioning logs64Cisco TMSPE and Cisco TMS logs64Cisco VCS logs64Endpoint logs64Troubleshooting the installation64Checking the installation log64Unable to establish SQL connection through Java runtime...64Unable to find valid certification path to requested target64Provisioning problem scenarios65Database connection failure65AD import with Kerberos fails65Email sending failure66Cisco VCS reports data import failure66Users get Out of licenses message67Signing in fails when no template available67Warning displayed when uploading configuration schema67No phone books received68FindMe troubleshooting68Using search history to diagnose FindMe issues68Uninstalling Cisco TMSPE69Removing provisioning from a Cisco VCS69Reference70Users page overview70About the Configuration Templates container71FindMe page overview73About the Location Templates container74About the Device Templates container75Document revision history76Bibliography77Size: 3.19 MBPages: 78Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction6This deployment guide6Release notes6Prerequisites and recommendations7Cisco TMS and server requirements7Hardware recommendations7Cisco VCS requirements8SMTP server requirements8Database Server Requirements8Required security permissions9For installation9For operation9Manually creating the database on the MS SQL server9Information needed during installation9Cisco TMS username and password9Database information10Database location10WebEx Enabled TelePresence requirements10Browser requirements10Administrator interface10User portal11Best practices for deployment11Upgrade endpoints to the latest software11Automate user creation and management with AD/LDAP11Use secure communication11Synchronize time in Cisco VCS and Cisco TMS12Configuring Cisco VCS for provisioning13Provisioning within your network13Setting up DNS for the Cisco VCS13Installing the Device Provisioning option key14Enabling SIP14Configuring how Cisco VCS handles calls to unknown IP addresses15Adding the Cisco VCS to Cisco TMS15Enabling provisioning on the Cisco VCS17Setting up a cluster name17Enabling Presence on the Cisco VCS17Presence on VCS Control17Presence on Cisco VCS Expressway18Verifying device authentication19Installing Cisco TMSPE20Installing Cisco TMSPE with a redundant Cisco TMS setup20Upgrading from previous versions20Performing a new installation20Enabling Cisco TMSPE21Setting up communication between Cisco TMS and Cisco VCS22Setting up Cisco TMSPE for provisioning24Creating groups and adding users24Setting up groups24Importing users from external directories24Adding users manually27Creating address patterns28Address pattern types28Adding the patterns28Example patterns30Setting up configurations for provisioned devices30Obtaining template schemas30Uploading the schema to Cisco TMS31Adding configuration templates32Assigning configuration templates to groups35Provisioning phone books36Creating and configuring provisioning phone book sources36Associating phone book access to groups37Configuring and sending account information38Configuring email settings38Sending account information to a single user40Sending account information to all users in a group40Deploying Smart Scheduler42Best practices and limitations42Booking limitations43User access to Smart Scheduler43Access rights and permissions44Time zone display44WebEx booking44How Smart Scheduler works45Deploying FindMe46FindMe basics46Deploying FindMe without provisioning46Defining caller ID patterns46Assigning a caller ID pattern to imported accounts46Enabling FindMe in Cisco TMSPE48Manually adding FindMe accounts and groups48Setting up FindMe locations and devices49Suggested minimum setup49Adding FindMe device templates50Adding FindMe location templates51Associating device templates with location templates52Assigning location templates to groups53Setting up FindMe on Cisco VCS54Check FindMe option key54Set up a cluster name55Enable and configure FindMe settings55Sending and returning calls via ISDN gateways55Using FindMe to convert E.164 numbers to FindMe IDs56Using ENUM to convert E.164 numbers to FindMe IDs56Including the ISDN gateway prefix in the caller ID56Regenerating FindMe locations and devices57Accounts and groups57Location templates58Device templates58Modifying a user's FindMe locations and devices58Additional information59Determining how to overwrite a caller ID with a FindMe ID59FindMe in a Cisco VCS cluster59FindMe accounts hosted on different Cisco VCSs in a network60FindMe and Presence60Individual and group FindMe types60Characters allowed in SIP URIs61FindMe limitations61Microsoft Lync device IDs as FindMe devices61Phone numbers from Active Directory (AD)61Maintaining users and devices62Synchronizing user data62Mapping of LDAP and AD fields62Testing a manual synchronization63Running a manual synchronization63Moving users and groups63Moving user accounts imported from external sources63Moving groups between clusters63Searching for user accounts64Renaming groups and user accounts64Upgrading software on provisioned devices65Upgrading configurations65Upgrading devices65Updating Cisco TMS connection details66Maintaining the database67Backing up the database67Restoring the database from backup67Moving the database67Troubleshooting68Running Cisco TMSPE diagnostics68Running a health check68Viewing system status69Viewing Cisco VCS communication history69Restarting the TMS Provisioning Extension Windows service69Provisioning logs70Cisco TMSPE and Cisco TMS logs70Cisco VCS logs70Endpoint logs70Troubleshooting the installation70Checking the installation log70Unable to establish SQL connection through Java runtime...70Unable to find valid certification path to requested target71Provisioning problem scenarios71Database connection failure71AD import with Kerberos fails71Email sending failure72Cisco VCS reports data import failure72Users get Out of licenses message73Signing in fails when no template available73Warning displayed when uploading configuration schema74No phone books received74Smart Scheduler and FindMe troubleshooting74Cannot access FindMe or Smart Scheduler74Using search history to diagnose FindMe issues74Uninstalling Cisco TMSPE75Removing provisioning from a Cisco VCS75Document revision history76Bibliography77Size: 1.67 MBPages: 78Language: EnglishOpen manual
Installation GuideTable of ContentsIntroduction6This deployment guide6Release notes6Prerequisites and recommendations7Cisco TMS and server requirements7Hardware recommendations7Cisco VCS requirements8SMTP server requirements8Database Server Requirements8Required security permissions9For installation9For operation9Manually creating the database on the MS SQL server9Information needed during installation9Cisco TMS username and password9Database information10Database location10WebEx Enabled TelePresence requirements10Browser requirements11Administrator interface11User portal11Best practices for deployment11Upgrade endpoints to the latest software11Automate user creation and management with AD/LDAP11Use secure communication12Synchronize time in Cisco VCS and Cisco TMS12Configuring Cisco VCS for provisioning13Provisioning within your network13Setting up DNS for the Cisco VCS13Installing the Device Provisioning option key14Enabling SIP14Configuring how Cisco VCS handles calls to unknown IP addresses15Adding the Cisco VCS to Cisco TMS15Enabling provisioning on the Cisco VCS17Setting up a cluster name17Enabling Presence on the Cisco VCS17Presence on VCS Control17Presence on VCS Expressway18Verifying device authentication19Installing Cisco TMSPE20Installing Cisco TMSPE with a redundant Cisco TMS setup20Upgrading from previous versions20Performing a new installation20Enabling Cisco TMSPE21Setting up communication between Cisco TMS and Cisco VCS22Setting up users and provisioning24Creating groups and adding users24Setting up groups24Importing users from external directories24Adding users manually27Creating address patterns28Address pattern types28Adding the patterns28Example patterns30Setting up configurations for provisioned devices30Obtaining template schemas30Uploading the schema to Cisco TMS31Adding configuration templates32Assigning configuration templates to groups35Provisioning phone books36Creating and configuring provisioning phone book sources36Associating phone book access to groups37Configuring and sending account information38Configuring email settings38Sending account information to a single user40Sending account information to all users in a group40Deploying Smart Scheduler42Best practices and limitations42Booking limitations43User access to Smart Scheduler43Access rights and permissions44Time zone display44WebEx booking44How Smart Scheduler works45Deploying FindMe46FindMe basics46Deploying FindMe without provisioning46Defining caller ID patterns46Assigning a caller ID pattern to imported accounts46Enabling FindMe in Cisco TMSPE48Manually adding FindMe accounts and groups48Setting up FindMe locations and devices49Suggested minimum setup49Adding FindMe device templates50Adding FindMe location templates51Associating device templates with location templates52Assigning location templates to groups53Setting up FindMe on Cisco VCS54Check FindMe option key54Set up a cluster name55Enable and configure FindMe settings55Sending and returning calls via ISDN gateways55Using FindMe to convert E.164 numbers to FindMe IDs56Using ENUM to convert E.164 numbers to FindMe IDs56Including the ISDN gateway prefix in the caller ID56Regenerating FindMe locations and devices57Accounts and groups57Location templates58Device templates58Modifying a user's FindMe locations and devices58Additional information59Determining how to overwrite a caller ID with a FindMe ID59FindMe in a Cisco VCS cluster59FindMe accounts hosted on different Cisco VCSs in a network60FindMe and Presence60Individual and group FindMe types60Characters allowed in SIP URIs61FindMe limitations61Microsoft Lync device IDs as FindMe devices61Phone numbers from Active Directory (AD)61Maintaining users and devices62Synchronizing user data62Mapping of LDAP and AD fields62Testing a manual synchronization63Running a manual synchronization63Moving users and groups63Moving user accounts imported from external sources63Moving groups between clusters63Searching for user accounts64Renaming groups and user accounts64Upgrading software on provisioned devices65Upgrading configurations65Upgrading devices65Updating Cisco TMS connection details66Maintaining the database67Backing up the database67Restoring the database from backup67Moving the database67Troubleshooting68Running Cisco TMSPE diagnostics68Running a health check68Viewing system status69Viewing Cisco VCS communication history69Restarting the TMS Provisioning Extension Windows service69Provisioning logs70Cisco TMSPE and Cisco TMS logs70Cisco VCS logs70Endpoint logs70Troubleshooting the installation70Checking the installation log70Unable to establish SQL connection through Java runtime...70Unable to find valid certification path to requested target71Provisioning problem scenarios71Database connection failure71AD import with Kerberos fails71Email sending failure72Cisco VCS reports data import failure72Users get Out of licenses message73Signing in fails when no template available73Warning displayed when uploading configuration schema74No phone books received74Smart Scheduler and FindMe troubleshooting74Cannot access FindMe or Smart Scheduler74Using search history to diagnose FindMe issues74Uninstalling Cisco TMSPE75Removing provisioning from a Cisco VCS75Document revision history76Bibliography77Size: 1.67 MBPages: 78Language: EnglishOpen manual
/en/manuals/1611204/Table of ContentsExternal policy overview3Using an external policy server3Configuring VCS to use an external policy server6Configuring Registration Policy to use an external service6Configuring Call Policy to use an external service7Configuring search rules to use an external service8Default CPL for policy services10Policy server status and resiliency11Viewing policy server status via the VCS11External policy request parameters12Appendix 1: Design examples14Call Policy design examples14Using a policy service to allow or deny calls14Using a policy service to route calls17Using a policy service to implement FindMe (User Policy)20Search rule design examples21Round-robin routing to a member of a group21Forwarding calls to other members of a group in a round-robin style21Registration Policy design examples22Allowing or denying registrations based on protocol22Appendix 2: CPL snippet examples23CPL snippets for call processing23Allow CPL23Reject CPL23Route CPL23Forking CPL24Conditional routing CPL24CPL snippets for registration requests24Registration allow CPL25Registration reject CPL25Appendix 3: Message logging26Trace example: Call Policy request and response26Trace example: Registration Policy request and response26Document revision history28Size: 608 KBPages: 29Language: EnglishOpen manual
/en/manuals/1611029/Table of ContentsExternal policy overview3Using an external policy server3Configuring VCS to use an external policy server6Configuring Registration Policy to use an external service6Configuring Call Policy to use an external service7Configuring search rules to use an external service8Default CPL for policy services10Policy server status and resiliency11Viewing policy server status via the VCS11External policy request parameters12Appendix 1: Design examples14Call Policy design examples14Using a policy service to allow or deny calls14Using a policy service to route calls17Using a policy service to implement FindMe (User Policy)20Search rule design examples21Round-robin routing to a member of a group21Forwarding calls to other members of a group in a round-robin style21Registration Policy design examples22Allowing or denying registrations based on protocol22Appendix 2: CPL snippet examples23CPL snippets for call processing23Allow CPL23Reject CPL23Route CPL23Forking CPL24Conditional routing CPL24CPL snippets for registration requests24Registration allow CPL25Registration reject CPL25Appendix 3: Message logging26Trace example: Call Policy request and response26Trace example: Registration Policy request and response26Document revision history28Size: 608 KBPages: 29Language: EnglishOpen manual
/en/manuals/1611024/Table of ContentsIntroduction3Configuring the Cisco VCS4Configuring an ENUM zone and search rule4To configure an ENUM zone:4To configure a search rule:4Configuring the Cisco VCS with a DNS server6Configuring NAPTR on a DNS server7BIND style configuration7/etc/named.conf file7/var/named/<filename>8Appendix 1 – Troubleshooting9Wireshark9Dig9Dig of a specific entry9Appendix 2 – Using Regex features of NAPTR10Size: 182 KBPages: 11Language: EnglishOpen manual
/en/manuals/1609894/Table of ContentsIntroduction3Configuring the VCS4Configuring an ENUM zone and search rule4To configure an ENUM zone:4To configure a search rule:5Configuring the VCS with a DNS server7Configuring NAPTR on a DNS server8BIND style configuration8/etc/named.conf file8/var/named/<filename>9Appendix 1 – Troubleshooting10Wireshark10Dig10Dig of a specific entry10Appendix 2 – Using Regex features of NAPTR11Size: 184 KBPages: 12Language: EnglishOpen manual
/en/manuals/1610747/Table of ContentsIntroduction3Configuring the VCS4Configuring an ENUM zone and search rule4Configuring the VCS with a DNS server6Configuring NAPTR on a DNS server8BIND style configuration8Appendix 1: Troubleshooting10Wireshark10Dig10Dig of a specific entry10Appendix 2: Using Regex features of NAPTR11Document revision history12Size: 257 KBPages: 13Language: EnglishOpen manual
/en/manuals/1610741/Table of ContentsIntroduction3Configuring the VCS4Configuring an ENUM zone and search rule4Configuring the VCS with a DNS server6Configuring NAPTR on a DNS server7BIND style configuration7Appendix 1: Troubleshooting9Wireshark9Dig9Dig of a specific entry9Appendix 2: Using Regex features of NAPTR10Document revision history11Size: 253 KBPages: 12Language: EnglishOpen manual
/en/manuals/1610730/Table of ContentsIntroduction3Configuring the VCS5Configuring an ENUM Zone and Search Rule5Configuring the VCS with a DNS Server7Configuring NAPTR on a DNS Server9BIND Style Configuration9Appendix 1: Troubleshooting11Wireshark11Dig11Dig of a Specific Entry11Appendix 2: Using Regex Features of NAPTR13Document Revision History15Cisco Legal Information15Cisco Trademark16Size: 220 KBPages: 16Language: EnglishOpen manual
/en/manuals/1610728/Table of ContentsIntroduction3Configuring the VCS4Configuring an ENUM zone and search rule4Configuring the VCS with a DNS server6Configuring NAPTR on a DNS server7BIND style configuration7Appendix 1: Troubleshooting9Wireshark9Dig9Dig of a specific entry9Appendix 2: Using Regex features of NAPTR10Document revision history11Size: 252 KBPages: 12Language: EnglishOpen manual
/en/manuals/1610724/Table of ContentsDocument revision history5Introduction6Prerequisites8Upgrade Cisco VCS X1 / X2 Alternates to a Cisco VCS X5 cluster9Upgrade a non-clustered X3/X4 Cisco VCS to a non-clustered X5 Cisco VCS10Upgrade a Cisco VCS X3 / X4 cluster to an X5 cluster (including Cisco TMS to 12.6 and non-clustered Cisco VCSs to X5)11Upgrade Cisco TMS to 12.6 and Cisco VCS to X511Upgrade Cisco TMS to 12.611Upgrade Cisco VCS clusters to X5.212Upgrade master peer12Upgrade non-master peers14Upgrade non-clustered Cisco VCSs to X5.216Complete the Cisco TMS upgrade17Additional cluster configuration18Upgrade an X5.0 cluster to an X5.2 cluster19Before the upgrade19Upgrade Cisco TMS 12.5 to Cisco TMS 12.619Restore TMS Agent data replication on non clustered Cisco VCSs20Upgrade Cisco VCS clusters to X5.221Upgrade master peer21Upgrade non-master peers22After the cluster peers have been upgraded23Create a new cluster of Cisco VCS X5 peers24Prerequisites24Set up the cluster24No Cisco TMS31Additional cluster configuration31Add an X5 Cisco VCS to a Cisco VCS X5 cluster32Remove a live Cisco VCS from a Cisco VCS X5 cluster (permanently)37Reconfigure Cisco TMS39Remove an out-of-service Cisco VCS from a Cisco VCS X5 cluster (permanently)40Reconfigure Cisco TMS41Before you reconnect the out-of-service Cisco VCS back to the network41Disband a Cisco VCS X5 cluster42Reconfigure Cisco TMS44Change the master peer of a Cisco VCS X5 cluster45Changing the master peer in a cluster where the old master Cisco VCS is accessible or is not accessible45Reconfigure Cisco TMS45If the old master is not available46Change the IP address of a Cisco VCS X5 peer47Appendix 1 – Backing up a Cisco VCS48Backing up a pre X3.0 Cisco VCS48Backing up an X3.0 or later Cisco VCS48Appendix 2 – Ensure that root access via SSH is enabled49Appendix 3 – Adding a Cisco VCS to Cisco TMS50Appendix 4 – IP Port numbers52Appendix 5 – Impact of clustering on other Cisco VCS applications53Conference Factory (Multiway™)53Microsoft Office Communications Server 2007 (OCS)53Appendix 6 – Configuring endpoints to work with a Cisco VCS cluster54H.323 endpoints54Option 1 – DNS SRV (preferred)54Option 2 – DNS Round-Robin (2nd choice)54Option 3 – Static IP (least preferred)55SIP endpoints55Option 1 – DNS SRV (preferred)55Option 2 – DNS Round-Robin (2nd choice)56Option 3 – Static IP (least preferred)56Appendix 7 – Troubleshooting57Cisco VCS warnings57“Cluster name not configured: if FindMe or clustering are in use a cluster name must be defined; see the Clustering section of the VCS Administrator Guide for more information”57“Cluster replication error: the Master peer is unreachable”57“Cluster replication error: there was an error during automatic replication of configuration”57“Cluster replication error: <details> manual synchronization of configuration is required”58"Cluster replication error: the NTP server is unreachable"58"Cluster replication error: the local VCS does not appear in the list of peers"58"Cluster replication error: automatic replication of configuration has been temporarily disabled because an upgrade is in progress"59"Invalid clustering configuration: H.323 mode must be turned On - clustering uses H.323 communications between peers"59“Security alert: the TMS Agent database has the default LDAP password set”59“Security alert: the TMS Agent database has the default replication password set”59Cluster script, option 559“WARNING: There are more Public Keys than there are alternates.”59Cisco TMS warnings60Cisco TMS Cluster Diagnostics60Conference factory template does not replicate60Cisco VCS’s External manager protocol keeps getting set to HTTPS60Why are Cisco VCS peers regularly doing reverse DNS lookups for one-another?60My cluster of Cisco VCS Expressways with dual network interfaces is not replicating correctly61My cluster of Cisco VCS Expressways with static NAT is not replicating correctly61Appendix 8 – Upgrading Cisco TMS to 12.662Appendix 9 – Upgrade Cisco VCS software to X563Appendix 10 – Changing the cluster name (and keeping FindMe accounts)65Appendix 11 – Cluster name and DNS SRV records66Endpoints supporting SIP DNS SRV67Looking up .SRV records68Nslookup68Dig68Appendix 12 – NAPTR records69NAPTR record format69Looking up NAPTR records70Looking up an ENUM NAPTR record 70Looking up a domain NAPTR record71Size: 976 KBPages: 72Language: EnglishOpen manual
/en/manuals/1610721/Table of ContentsDocument revision history5Introduction6Prerequisites8Upgrade VCS X1 / X2 Alternates to a VCS X6.1 cluster9Upgrade an X3 / X4 / X5.0 cluster to an X6.1 cluster10Upgrade an X5.1, X5.1.1, X5.2 or X6.0 cluster to an X6.1 cluster11Before the upgrade11Un-cluster the X5.x/X6.0 cluster ready for re-clustering11Upgrade the master peer13Set up the master peer of the X6.1 cluster14Upgrade non-master peers15Add an X6.1 VCS to the VCS X6.1 cluster16Enable replication for the whole cluster20After the upgrade20Using Cisco TMS20No Cisco TMS21Create a new cluster of VCS X6.1 peers22Prerequisites22Set up the master peer of the cluster22After the master peer configuration25No Cisco TMS26Additional cluster configuration26Add an X6.1 VCS to a VCS X6.1 cluster27After adding the Cisco VCS peer to the cluster32Additional cluster configuration33Remove a live Cisco VCS from a VCS X6.1 cluster (permanently)34Reconfigure Cisco TMS35After the removal35Remove an out-of-service Cisco VCS from a VCS X6.1 cluster (permanently)37Reconfigure Cisco TMS38After the removal38Before you reconnect the out-of-service Cisco VCS back to the network38Disband a VCS X6.1 cluster39Reconfigure Cisco TMS41Change the master peer of a VCS X6.1 cluster42Changing the master peer where the old master is or is not accessible42Reconfigure Cisco TMS42If the old master is not available42Change the IP address of a VCS X6.1 peer43Appendix 1 – Backing up a Cisco VCS44Backing up a pre X3.0 VCS44Backing up an X3.0 or later Cisco VCS44Appendix 2 – Adding a Cisco VCS to Cisco TMS45Appendix 3 – IP port numbers47Appendix 4 – Impact of clustering on other Cisco VCS applications48Conference Factory (Multiway™)48Microsoft Office Communications Server 2007 (OCS)48Appendix 5 – Configuring endpoints to work with a Cisco VCS cluster49H.323 endpoints49Option 1 – DNS SRV (preferred)49Option 2 – DNS Round-Robin (2nd choice)49Option 3 – Static IP (least preferred)50SIP endpoints50Option 1 – SIP Outbound (preferred)50Option 2 – DNS SRV (2nd choice)51Option 3 – DNS Round-Robin (3rd choice)51Option 4 – Static IP (least preferred)52Appendix 6 – Troubleshooting53Cisco VCS Warnings53“Cluster name not configured: if FindMe or clustering are in use a cluster name must be defined; see the Clustering section of the Cisco VCS Administrator Guide for more information”53“Cluster replication error: the Master peer is unreachable”53“Cluster replication error: there was an error during automatic replication of configuration”53“Cluster replication error: <details> manual synchronization of configuration is required”54"Cluster replication error: the NTP server is unreachable"55"Cluster replication error: the local VCS does not appear in the list of peers"55"Cluster replication error: automatic replication of configuration has been temporarily disabled because an upgrade is in progress"55"Invalid clustering configuration: H.323 mode must be turned On - clustering uses H.323 communications between peers"55“Security alert: the TMS Agent database has the default LDAP password set”55“Security alert: the TMS Agent database has the default replication password set”55“VCS Database failure: Please contact your Cisco support representative”55Cisco TMS warnings56TMS Cluster Diagnostics56Conference Factory template does not replicate56VCS’s External manager protocol keeps getting set to HTTPS56My cluster of Cisco VCS Expressways with dual network interfaces is not replicating correctly57My cluster of Cisco VCS Expressways with static NAT is not replicating correctly57Appendix 7 – Upgrading Cisco TMS to 12.658Appendix 8 – Upgrade VCS X5.1, X5.1.1 or X5.2 software to X6.159Appendix 9 – Changing the cluster name (and keeping FindMe accounts)61Appendix 10 – Cluster name and DNS SRV records62Endpoints supporting SIP DNS SRV63Looking up .SRV records64Nslookup64Dig64Appendix 11 – NAPTR records65NAPTR record format65Looking up NAPTR records66Looking up an ENUM NAPTR record 66Looking up a domain NAPTR record67Size: 810 KBPages: 68Language: EnglishOpen manual
/en/manuals/1602940/Table of ContentsDocument revision history5Introduction6Prerequisites8Upgrade VCS X1 / X2 Alternates to a VCS X6.0 cluster9Upgrade a VCS X3 / X4 / X5.0 cluster to an X6.0 cluster10Upgrade an X5.1, X5.1.1 or X5.2 cluster to an X6.0 cluster11Before the upgrade11Un-cluster the X5 cluster ready for re-clustering11Upgrade the Master peer13Set up the master peer of the X6.0 cluster14Upgrade non-master peers16Add an X6.0 VCS to the VCS X6.0 cluster17Enable replication for the whole cluster22After the upgrade22Using Cisco TMS22No Cisco TMS23Create a new cluster of VCS X6.0 peers24Prerequisites24Set up the master peer of the cluster24After the master peer configuration29No Cisco TMS29Additional cluster configuration29Add an X6.0 VCS to a VCS X6.0 cluster30After adding the Cisco VCS peer to the cluster36Additional cluster configuration37Remove a live Cisco VCS from a VCS X6.0 cluster (permanently)38Reconfigure Cisco TMS40After the removal40Remove an out-of-service Cisco VCS from a VCS X6.0 cluster (permanently)41Reconfigure Cisco TMS42Before you reconnect the out-of-service Cisco VCS back to the network42Disband a VCS X6.0 cluster43Reconfigure Cisco TMS45Change the master peer of a VCS X6.0 cluster46Changing the master peer in a cluster where the old master Cisco VCS is accessible or is not accessible46Reconfigure Cisco TMS46If the old master is not available47Change the IP address of a VCS X6.0 peer48Appendix 1 – Backing up a Cisco VCS49Backing up a pre X3.0 VCS49Backing up an X3.0 or later Cisco VCS49Appendix 2 – Ensure that root access via SSH is enabled50Appendix 3 – Adding a Cisco VCS to Cisco TMS51Appendix 4 – IP Port numbers53Appendix 5 – Impact of clustering on other Cisco VCS applications54Conference Factory (Multiway™)54Microsoft Office Communications Server 2007 (OCS)54Appendix 6 – Configuring endpoints to work with a Cisco VCS cluster55H.323 endpoints55Option 1 – DNS SRV (preferred)55Option 2 – DNS Round-Robin (2nd choice)55Option 3 – Static IP (least preferred)56SIP endpoints56Option 1 – SIP Outbound (preferred)56Option 2 – DNS SRV (2nd choice)57Option 3 – DNS Round-Robin (3rd choice)57Option 4 – Static IP (least preferred)58Appendix 7 – Troubleshooting59Cisco VCS Warnings59“Cluster name not configured: if FindMe or clustering are in use a cluster name must be defined; see the Clustering section of the Cisco VCS Administrator Guide for more information”59“Cluster replication error: the Master peer is unreachable”59“Cluster replication error: there was an error during automatic replication of configuration”59“Cluster replication error: <details> manual synchronization of configuration is required”60"Cluster replication error: the NTP server is unreachable"60"Cluster replication error: the local VCS does not appear in the list of peers"61"Cluster replication error: automatic replication of configuration has been temporarily disabled because an upgrade is in progress"61"Invalid clustering configuration: H.323 mode must be turned On - clustering uses H.323 communications between peers"61“Security alert: the TMS Agent database has the default LDAP password set”61“Security alert: the TMS Agent database has the default replication password set”61"Cluster replication error: cannot find master or this peer's configuration file, manual synchronization of configuration is required"61“VCS Database failure: Please contact your Cisco support representative”62Cluster script, option 563“WARNING: There are more Public Keys than there are cluster peers.”63Cisco TMS warnings63TMS Cluster Diagnostics63Conference factory template does not replicate63VCS’s External manager protocol keeps getting set to HTTPS63Why are Cisco VCS peers regularly doing reverse DNS lookups for one-another?64My cluster of Cisco VCS Expressways with dual network interfaces is not replicating correctly64My cluster of Cisco VCS Expressways with static NAT is not replicating correctly64Appendix 8 – Upgrading Cisco TMS to 12.6 or later65Appendix 9 – Upgrade VCS X5.1, X5.1.1 or X5.2 software to X6.066Appendix 10 – Changing the cluster name (and keeping FindMe accounts)68Appendix 11 – Cluster name and DNS SRV records69Endpoints supporting SIP DNS SRV71Looking up .SRV records72Nslookup72Dig72Appendix 12 – NAPTR records73NAPTR record format73Looking up NAPTR records74Looking up an ENUM NAPTR record 74Looking up a domain NAPTR record75Size: 844 KBPages: 76Language: EnglishOpen manual
/en/manuals/1610704/Table of ContentsDocument revision history5Introduction6Prerequisites8Upgrade VCS X1 / X2 Alternates to a VCS X7.0.n cluster9Upgrade an X3 / X4 / X5.0 cluster to an X7.0.n cluster10Upgrade an X5.1, X5.1.1 or X5.2 cluster to an X7.0.n cluster11Upgrade an X6.0, X6.1, X7.0 or X7.0.n cluster to an X7.0.n cluster12Before the upgrade12Upgrade Cisco VCS cluster peers to X7.0.n12Upgrade the Master peer12Upgrade non-master peers15After all the cluster peers have been upgraded16After the upgrade17Check cluster status17Create a new cluster of VCS X7.0.n peers18Prerequisites18Set up the master peer of the cluster18After the master peer configuration22No Cisco TMS22Additional cluster configuration22Adding another cluster peer22Add an X7.0.n VCS to a VCS X7.0.n cluster (n is the same value on all peers)23After adding the Cisco VCS peer to the cluster29Additional cluster configuration29Remove a live Cisco VCS from a VCS X7.0.n cluster (permanently)30Reconfigure Cisco TMS31After the removal31Remove an out-of-service Cisco VCS from a VCS X7.0.n cluster (permanently)33Reconfigure Cisco TMS34After the removal34Before you reconnect the out-of-service Cisco VCS back to the network34Disband a VCS X7.0.n cluster36Reconfigure Cisco TMS38Change the master peer of a VCS X7.0.n cluster39Changing the master peer where the old master is or is not accessible39Reconfigure Cisco TMS39If the old master is not available39Change the IP address of a VCS X7.0.n peer40Appendix 1 – Backing up a Cisco VCS41Backing up an X5.0 or later Cisco VCS41Appendix 2 – Adding a Cisco VCS to Cisco TMS42Appendix 3 – IP port and protocol numbers44Appendix 4 – Impact of clustering on other Cisco VCS applications45Conference Factory (Multiway™)45Microsoft Office Communications Server 2007 (OCS) and Lync Server 201045Appendix 5 – Configuring endpoints to work with a Cisco VCS cluster46H.323 endpoints46Option 1 – DNS SRV (preferred)46Option 2 – DNS Round-Robin (2nd choice)46Option 3 – Static IP (least preferred)47SIP endpoints47Option 1 – SIP Outbound (preferred)47Option 2 – DNS SRV (2nd choice)48Option 3 – DNS Round-Robin (3rd choice)48Option 4 – Static IP (least preferred)49Appendix 6 – Troubleshooting50Cisco VCS alarms and warnings50“Cluster name not configured: if FindMe or clustering are in use a cluster name must be defined; see the Clustering section of the Cisco VCS Administrator Guide for more information”50“Cluster replication error: <details> manual synchronization of configuration is required”50"Cluster replication error: the NTP server is unreachable"50"Cluster replication error: the local VCS does not appear in the list of peers"50"Cluster replication error: automatic replication of configuration has been temporarily disabled because an upgrade is in progress"50"Invalid clustering configuration: H.323 mode must be turned On - clustering uses H.323 communications between peers"51“Security alert: the TMS Agent database has the default LDAP password set”51“Security alert: the TMS Agent database has the default replication password set”51“VCS database failure: Please contact your Cisco support representative”51Cisco TMS52No TMS Agent tabs52Cisco TMS warnings52TMS Cluster Diagnostics52Conference Factory template does not replicate52VCS’s External manager protocol keeps getting set to HTTPS52My cluster of Cisco VCS Expressways with dual network interfaces is not replicating correctly53My cluster of Cisco VCS Expressways with static NAT is not replicating correctly53Appendix 7 – Upgrading Cisco TMS to 12.654Appendix 8 – Changing the cluster name (and keeping FindMe accounts)55Appendix 9 – Cluster name and DNS SRV records56Endpoints supporting SIP DNS SRV57Looking up .SRV records58Nslookup58Dig58Appendix 10 – NAPTR records60NAPTR record format60Looking up NAPTR records61Looking up an ENUM NAPTR record 61Looking up a domain NAPTR record62Size: 699 KBPages: 63Language: EnglishOpen manual
/en/manuals/1610703/Table of ContentsIntroduction5Prerequisites7Upgrade an X6.0, X6.1, X7.0 or X7.0.n or X7.1 cluster to an X7.2 cluster8Before the upgrade8Upgrade VCS cluster peers to X7.28Upgrade the Master peer8Upgrade non-master peers11After all the cluster peers have been upgraded12After the upgrade13Check cluster status13Upgrade an X7.1 cluster to an X7.2 cluster (Provisioning Extension mode)14Before the upgrade14Upgrade VCS cluster peers to X7.214Upgrade the Master peer14Upgrade non-master peers15After all the cluster peers have been upgraded check cluster status16Create a new cluster of VCS X7.2 peers (Provisioning Extension mode – preferred)17Prerequisites17Set up the master peer of the cluster17After the master peer configuration19Additional cluster configuration19Create a new cluster of VCS X7.2 peers (TMS Agent legacy mode)20Prerequisites20Set up the master peer of the cluster20After the master peer configuration24No Cisco TMS24Additional cluster configuration24Add an X7.2 VCS to a VCS X7.2 cluster (Provisioning Extension mode)25Prerequisites25After adding the VCS peer to the cluster29Additional cluster configuration29Add an X7.2 VCS to a VCS X7.2 cluster (TMS Agent legacy mode)30After adding the VCS peer to the cluster35Additional cluster configuration36Remove a live VCS from a VCS X7.2 cluster (permanently)37Reconfigure TMS38After the removal38Remove an out-of-service VCS from a VCS X7.2 cluster (permanently)40Reconfigure TMS41After the removal41Before reconnecting the out-of-service VCS back to the network41Disband a VCS X7.2 cluster43Reconfigure TMS45Change the master peer of a VCS X7.2 cluster46Changing the master peer where the old master is or is not accessible46Reconfigure TMS46If the old master is not available46Change the IP address of a VCS X7.2 peer47Upgrading VCS X5.2 or earlier versions to X7.248Upgrade VCS X1 / X2 Alternates to a VCS X7.2 cluster48Upgrade an X3 / X4 / X5.0 cluster to an X7.2 cluster48Upgrade an X5.1, X5.1.1 or X5.2 cluster to an X7.2 cluster48Appendix 1 – Backing up a VCS49Backing up an X5.0 or later VCS49Appendix 2 – Adding a VCS to TMS50Appendix 3 – IP ports and protocols52IPSEC communications52Appendix 4 – Impact of clustering on other VCS applications53Conference Factory (Multiway™)53Microsoft Office Communications Server 2007 (OCS) and Lync Server 201053Appendix 5 – Configuring endpoints to work with a VCS cluster54H.323 endpoints54Option 1 – DNS SRV (preferred)54Option 2 – DNS Round-Robin (2nd choice)54Option 3 – Static IP (least preferred)55SIP endpoints55Option 1 – SIP Outbound (preferred)55Option 2 – DNS SRV (2nd choice)56Option 3 – DNS Round-Robin (3rd choice)56Option 4 – Static IP (least preferred)56Appendix 6 – Troubleshooting58Cisco VCS alarms and warnings58“Cluster name not configured: if FindMe or clustering are in use a cluster name must be defined; see the Clustering section of the VCS Administrator Guide for more information”58“Cluster replication error: <details> manual synchronization of configuration is required”58"Cluster replication error: the NTP server is unreachable"58"Cluster replication error: the local VCS does not appear in the list of peers"58"Cluster replication error: automatic replication of configuration has been temporarily disabled because an upgrade is in progress"59"Invalid clustering configuration: H.323 mode must be turned On - clustering uses H.323 communications between peers"59“Security alert: the TMS Agent database has the default LDAP password set”59“Security alert: the TMS Agent database has the default replication password set”59“VCS database failure: Please contact your Cisco support representative”59Cisco TMS60No TMS Agent tabs60Cisco TMS warnings60TMS Cluster Diagnostics60Conference Factory template does not replicate60VCS’s External manager protocol keeps getting set to HTTPS60My cluster of Cisco VCS Expressways with dual network interfaces is not replicating correctly61My cluster of Cisco VCS Expressways with static NAT is not replicating correctly61Appendix 7 – Changing the cluster name (and keeping FindMe accounts)62Provisioning Extension mode62TMS Agent legacy mode62Appendix 8 – Cluster name and DNS SRV records63Endpoints supporting SIP DNS SRV64Looking up .SRV records65Web browser checking of DNS SRV settings65Nslookup66Dig66Appendix 9 – NAPTR records67NAPTR record format67Looking up NAPTR records68Looking up an ENUM NAPTR record 68Looking up a domain NAPTR record69Document revision history70Size: 465 KBPages: 71Language: EnglishOpen manual
/en/manuals/1610695/Table of ContentsIntroduction4Prerequisites5Upgrading an X7.1 or later cluster to X8.16Prerequisites6Upgrade VCS cluster peers to X8.16Upgrade the Master peer6Upgrade non-master peers7After all the cluster peers have been upgraded: check cluster status8Setting up a new cluster of VCS peers9Process summary9Prerequisites9Set up the master peer of the cluster9After the master peer configuration11Adding a VCS to an existing cluster12Prerequisites12Add the new peer12Check replication status16Additional cluster configuration16Specifying peer-specific items17Removing a live VCS from a cluster (permanently)19Removing an out-of-service VCS from a cluster (permanently)21Before reconnecting the out-of-service VCS back to the network22Disbanding a VCS cluster23Changing the master peer of a VCS cluster25Changing the IP address of a VCS peer26Replacing a VCS peer27Upgrading earlier VCS versions to X8.128Upgrading an X7.1 or X7.2 cluster in TMS Agent legacy mode to an X8.1 cluster28Upgrading an X6.0, X6.1, X7.0, or X7.0.n cluster to an X8.1 cluster28Upgrading an X5.1, X5.1.1 or X5.2 cluster to an X8.1 cluster28Upgrading X1 / X2 Alternates or an X3 / X4 / X5.0 cluster to an X8.1 cluster29Appendix 1: Troubleshooting30VCS alarms and warnings30“Cluster name not configured: if FindMe or clustering are in use a cluster na...30“Cluster replication error: <details> manual synchronization of configuration...30Cluster replication error: the NTP server is unreachable30Cluster replication error: the local VCS does not appear in the list of peers30Cluster replication error: automatic replication of configuration has been te...31Invalid clustering configuration: H.323 mode must be turned On - clustering u...31“VCS database failure: Please contact your Cisco support representative”31Cisco TMS warnings31Cisco TMS Cluster Diagnostics31Conference Factory template does not replicate31VCS’s External manager protocol keeps getting set to HTTPS32Cluster with Advanced Networking is not replicating correctly32Cluster with static NAT is not replicating correctly32Appendix 2: Adding a VCS to Cisco TMS33Appendix 3: IP ports and protocols35IPSec communications35Appendix 4: Impact of clustering on other VCS applications36Conference Factory (Multiway™)36Microsoft Lync36Appendix 5: Configuring endpoints to work with a VCS cluster37H.323 endpoints37SIP endpoints38Appendix 6: Cluster name and DNS SRV records41Endpoints supporting SIP DNS SRV42Checking DNS SRV settings43Appendix 7: NAPTR records45NAPTR record format45Document revision history47Size: 703 KBPages: 48Language: EnglishOpen manual
/en/manuals/1609898/Table of ContentsIntroduction4Prerequisites5Upgrading an X7.1 or later cluster to X8.26Prerequisites6Upgrade VCS cluster peers to X8.26Upgrade the Master peer6Upgrade non-master peers7After all the cluster peers have been upgraded: check cluster status8Setting up a new cluster of VCS peers9Process summary9Prerequisites9Set up the master peer of the cluster9After the master peer configuration11Adding a VCS to an existing cluster12Prerequisites12Add the new peer12Check replication status16Additional cluster configuration16Specifying peer-specific items17Removing a live VCS from a cluster (permanently)19Removing an out-of-service VCS from a cluster (permanently)21Before reconnecting the out-of-service VCS back to the network22Disbanding a VCS cluster23Changing the master peer of a VCS cluster25Changing the IP address of a VCS peer26Replacing a VCS peer27Upgrading earlier VCS versions to X8.228Upgrading an X7.1 or X7.2 cluster in TMS Agent legacy mode to an X8.2 cluster28Upgrading an X6.0, X6.1, X7.0, or X7.0.n cluster to an X8.2 cluster28Upgrading an X5.1, X5.1.1 or X5.2 cluster to an X8.2 cluster28Upgrading X1 / X2 Alternates or an X3 / X4 / X5.0 cluster to an X8.2 cluster29Appendix 1: Troubleshooting30VCS alarms and warnings30“Cluster name not configured: if FindMe or clustering are in use a cluster na...30“Cluster replication error: <details> manual synchronization of configuration...30Cluster replication error: the NTP server is unreachable30Cluster replication error: the local VCS does not appear in the list of peers30Cluster replication error: automatic replication of configuration has been te...31Invalid clustering configuration: H.323 mode must be turned On - clustering u...31“VCS database failure: Please contact your Cisco support representative”31Cisco TMS warnings31Cisco TMS Cluster Diagnostics31Conference Factory template does not replicate31VCS’s External manager protocol keeps getting set to HTTPS32Cluster with Advanced Networking is not replicating correctly32Cluster with static NAT is not replicating correctly32Appendix 2: Adding a VCS to Cisco TMS33Appendix 3: IP ports and protocols35IPSec communications35Appendix 4: Impact of clustering on other VCS applications36Conference Factory (Multiway™)36Microsoft Lync36Appendix 5: Configuring endpoints to work with a VCS cluster37H.323 endpoints37SIP endpoints38Appendix 6: Cluster name and DNS SRV records41Endpoints supporting SIP DNS SRV42Checking DNS SRV settings43Appendix 7: NAPTR records45NAPTR record format45Document revision history47Size: 705 KBPages: 48Language: EnglishOpen manual
/en/manuals/1610682/Table of ContentsIntroduction4Prerequisites5Upgrading an X7.1 or later cluster to X8.56Prerequisites6Upgrade VCS cluster peers to X8.56Upgrade the Master peer6Upgrade non-master peers7After all the cluster peers have been upgraded: check cluster status8Setting up a new cluster of VCS peers9Process summary9Prerequisites9Set up the master peer of the cluster9After the master peer configuration11Adding a VCS to an existing cluster12Prerequisites12Add the new peer12Check replication status16Additional cluster configuration16Specifying peer-specific items17Neighboring between VCS clusters19Removing a live VCS from a cluster (permanently)20Removing an out-of-service VCS from a cluster (permanently)22Before reconnecting the out-of-service VCS back to the network23Disbanding a VCS cluster24Changing the master peer of a VCS cluster26Changing the IP address of a VCS peer27Replacing a VCS peer28Upgrading earlier VCS versions to X8.529Upgrading an X7.1 or X7.2 cluster in TMS Agent legacy mode to an X8.5 cluster29Upgrading an X6.0, X6.1, X7.0, or X7.0.n cluster to an X8.5 cluster29Upgrading an X5.1, X5.1.1 or X5.2 cluster to an X8.5 cluster29Upgrading X1 / X2 Alternates or an X3 / X4 / X5.0 cluster to an X8.5 cluster30Appendix 1: Troubleshooting31VCS alarms and warnings31“Cluster name not configured: if FindMe or clustering are in use a cluster na...31“Cluster replication error: <details> manual synchronization of configuration...31Cluster replication error: the NTP server is unreachable31Cluster replication error: the local VCS does not appear in the list of peers31Cluster replication error: automatic replication of configuration has been te...32Invalid clustering configuration: H.323 mode must be turned On - clustering u...32“VCS database failure: Please contact your Cisco support representative”32Cisco TMS warnings32Cisco TMS Cluster Diagnostics32Conference Factory template does not replicate32VCS’s External manager protocol keeps getting set to HTTPS33Cluster with Advanced Networking is not replicating correctly33Cluster with static NAT is not replicating correctly33Appendix 2: Adding a VCS to Cisco TMS34Appendix 3: IP ports and protocols36IPSec communications36MTU size36Appendix 4: Impact of clustering on other VCS applications37Conference Factory (Multiway™)37Microsoft Lync37Appendix 5: Configuring endpoints to work with a VCS cluster38H.323 endpoints38SIP endpoints39Appendix 6: Cluster name and DNS SRV records42Endpoints supporting SIP DNS SRV43Checking DNS SRV settings44Appendix 7: NAPTR records46NAPTR record format46Document revision history48Size: 720 KBPages: 49Language: EnglishOpen manual
/en/manuals/1610677/Table of ContentsIntroduction4Prerequisites5Upgrading an X7.1 or later cluster to X8.56Prerequisites6Upgrade VCS cluster peers to X8.56Upgrade the Master peer6Upgrade non-master peers7After all the cluster peers have been upgraded: check cluster status8Setting up a new cluster of VCS peers9Process summary9Prerequisites9Set up the master peer of the cluster9After the master peer configuration11Adding a VCS to an existing cluster12Prerequisites12Add the new peer12Check replication status16Additional cluster configuration16Specifying peer-specific items17Neighboring between VCS clusters19Removing a live VCS from a cluster (permanently)20Removing an out-of-service VCS from a cluster (permanently)22Before reconnecting the out-of-service VCS back to the network23Disbanding a VCS cluster24Changing the master peer of a VCS cluster26Changing the IP address of a VCS peer27Replacing a VCS peer28Upgrading earlier VCS versions to X8.529Upgrading an X7.1 or X7.2 cluster in TMS Agent legacy mode to an X8.5 cluster29Upgrading an X6.0, X6.1, X7.0, or X7.0.n cluster to an X8.5 cluster29Upgrading an X5.1, X5.1.1 or X5.2 cluster to an X8.5 cluster29Upgrading X1 / X2 Alternates or an X3 / X4 / X5.0 cluster to an X8.5 cluster30Appendix 1: Troubleshooting31VCS alarms and warnings31“Cluster name not configured: if FindMe or clustering are in use a cluster na...31“Cluster replication error: <details> manual synchronization of configuration...31Cluster replication error: the NTP server is unreachable31Cluster replication error: the local VCS does not appear in the list of peers31Cluster replication error: automatic replication of configuration has been te...32Invalid clustering configuration: H.323 mode must be turned On - clustering u...32“VCS database failure: Please contact your Cisco support representative”32Cisco TMS warnings32Cisco TMS Cluster Diagnostics32Conference Factory template does not replicate32VCS’s External manager protocol keeps getting set to HTTPS33Cluster with Advanced Networking is not replicating correctly33Cluster with static NAT is not replicating correctly33Appendix 2: Adding a VCS to Cisco TMS34Appendix 3: IP ports and protocols36IPSec communications36MTU size36Appendix 4: Impact of clustering on other VCS applications37Conference Factory (Multiway™)37Microsoft Lync37Appendix 5: Configuring endpoints to work with a VCS cluster38H.323 endpoints38SIP endpoints39Appendix 6: Cluster name and DNS SRV records42Endpoints supporting SIP DNS SRV43Checking DNS SRV settings44Appendix 7: NAPTR records46NAPTR record format46Document revision history48Size: 716 KBPages: 49Language: EnglishOpen manual
/en/manuals/1610675/Table of ContentsIntroduction3Prerequisites4Upgrade an X7.1 (or Later) Cluster to X8.76Prerequisites6Upgrade VCS Cluster Peers to X8.76Upgrade the Primary Peer6Upgrade Subordinate Peers7Check Cluster Status8Create a New Cluster of VCS Peers9Process Summary9Prerequisites9Configure the Primary Peer9Next Steps11Add a Peer to a Cluster12Prerequisites12Add the New Peer12Check Replication Status16Next Steps16Peer-Specific Items17Neighboring Between VCS Clusters19Remove a Live Peer From a Cluster (Permanently)20Remove a Dead Peer From a Cluster (Permanently)22Clear Configuration From This Peer22Disband a Cluster24Change the Primary Peer26Change the IP address of a Peer27Replace a Peer28Replace a Peer And Keep Its Configuration28Appendix 1: Troubleshooting29VCS Alarms and Warnings29Cluster name not configured: if FindMe or clustering are in use a cluster nam...29Cluster replication error: <details> manual synchronization of configuration ...29Cluster replication error: the NTP server is unreachable29Cluster replication error: the local VCS does not appear in the list of peers29Cluster replication error: automatic replication of configuration has been te...29Invalid clustering configuration: H.323 mode must be turned On - clustering u...29VCS database failure: Please contact your Cisco support representative30Cisco TMS Warnings30Cisco TMS Cluster Diagnostics30Conference Factory Template Does Not Replicate30VCS’s External Manager Protocol Keeps Getting Set to HTTPS30Cluster With Advanced Networking is Not Replicating Correctly31Cluster With Static NAT is Not Replicating Correctly31Appendix 2: IP Ports and Protocols32External firewalls between peers32Firewall rules on the peers32Cisco TelePresence Management Suite Provisioning Extension32IPSec Communications32MTU Size32Appendix 3: Cluster Name and DNS SRV Records34DNS SRV Configuration for Mobile and Remote Access34DNS SRV Configuration for Legacy Video Conferencing Deployments35Endpoints Supporting SIP DNS SRV36Checking DNS SRV Settings37Appendix 4: NAPTR Records38NAPTR Record Format38Appendix 5: Impact of Clustering on Other VCS Applications40Conference Factory (Multiway™)40Microsoft Lync40Appendix 6: Add a VCS to Cisco TMS41Appendix 7: Configure Endpoints to Work With a Cluster43SIP Endpoints43H.323 Endpoints44Appendix 8: Upgrade Earlier VCS Versions to X8.746Upgrading an X7.1 or X7.2 Cluster in TMS Agent Legacy Mode to X8.746Upgrading an X6.0, X6.1, X7.0, or X7.0.n Cluster to X8.746Upgrading an X5.1, X5.1.1 or X5.2 Cluster to X8.746Upgrading X1 / X2 Alternates or an X3 / X4 / X5.0 Cluster to X8.746Document Revision History48Cisco Legal Information49Cisco Trademark49Size: 625 KBPages: 50Language: EnglishOpen manual
/en/manuals/1610672/Table of ContentsIntroduction4Prerequisites5Upgrading an X7.1 or later cluster to X8.66Prerequisites6Upgrade VCS cluster peers to X8.66Upgrade the Master peer6Upgrade non-master peers7After all the cluster peers have been upgraded: check cluster status8Setting up a new cluster of VCS peers9Process summary9Prerequisites9Set up the master peer of the cluster9After the master peer configuration11Adding a VCS to an existing cluster12Prerequisites12Add the new peer12Check replication status16Additional cluster configuration16Specifying Peer-Specific Items17Neighboring Between VCS Clusters19Removing a live VCS from a cluster (permanently)20Removing an out-of-service VCS from a cluster (permanently)22Before reconnecting the out-of-service VCS back to the network23Disbanding a VCS cluster24Changing the master peer of a VCS cluster26Changing the IP address of a VCS peer27Replacing a VCS peer28Replace a Peer but Keep its Configuration28Upgrading earlier VCS versions to X8.630Upgrading an X7.1 or X7.2 cluster in TMS Agent legacy mode to an X8.6 cluster30Upgrading an X6.0, X6.1, X7.0, or X7.0.n cluster to an X8.6 cluster30Upgrading an X5.1, X5.1.1 or X5.2 cluster to an X8.6 cluster30Upgrading X1 / X2 Alternates or an X3 / X4 / X5.0 cluster to an X8.6 cluster31Appendix 1: Troubleshooting32VCS alarms and warnings32“Cluster name not configured: if FindMe or clustering are in use a cluster na...32“Cluster replication error: <details> manual synchronization of configuration...32Cluster replication error: the NTP server is unreachable32Cluster replication error: the local VCS does not appear in the list of peers32Cluster replication error: automatic replication of configuration has been te...33Invalid clustering configuration: H.323 mode must be turned On - clustering u...33“VCS database failure: Please contact your Cisco support representative”33Cisco TMS warnings33Cisco TMS Cluster Diagnostics33Conference Factory template does not replicate33VCS’s External manager protocol keeps getting set to HTTPS34Cluster with Advanced Networking is not replicating correctly34Cluster with static NAT is not replicating correctly34Appendix 2: Adding a VCS to Cisco TMS35Appendix 3: IP Ports and Protocols37External firewalls between peers37Firewall rules on the peers37Cisco TelePresence Management Suite Provisioning Extension37IPSec Communications37MTU Size38Appendix 4: Impact of clustering on other VCS applications39Conference Factory (Multiway™)39Microsoft Lync39Appendix 5: Configuring endpoints to work with a VCS cluster40H.323 endpoints40SIP endpoints41Appendix 6: Cluster name and DNS SRV records44Endpoints supporting SIP DNS SRV45Checking DNS SRV settings46Appendix 7: NAPTR records48NAPTR record format48Document revision history50Size: 758 KBPages: 51Language: EnglishOpen manual
/en/manuals/1610660/Table of ContentsPreface3Change History3Introduction6Prerequisites7Upgrade an X7.1 (or Later) Cluster to X8.89Prerequisites9Upgrade VCS Cluster Peers to X8.89Create a New Cluster of VCS Peers12Process Summary12Prerequisites12Configure the Primary Peer12Next Steps15Add a Peer to a Cluster16Prerequisites16Add the New Peer16Next Steps20Peer-Specific Items21Neighboring Between VCS Clusters23Remove a Live Peer From a Cluster (Permanently)24Remove a Dead Peer From a Cluster (Permanently)26Clear Configuration From This Peer26Disband a Cluster28Change the Primary Peer30Change the Address of a Peer31Replace a Peer32Replace a Peer And Keep Its Configuration32Appendix 1: Troubleshooting33VCS Alarms and Warnings33Cisco TMS Warnings34Cluster With Advanced Networking is Not Replicating Correctly35Cluster With Static NAT is Not Replicating Correctly35Appendix 2: IP Ports and Protocols36External Firewalls Between Peers36Firewall Rules on the Peers36Cisco TelePresence Management Suite Provisioning Extension36Appendix 3: Cluster Name and DNS SRV Records37DNS SRV Configuration for Mobile and Remote Access37DNS SRV Configuration for Legacy Video Conferencing Deployments38Checking DNS SRV Settings40Appendix 4: NAPTR Records41NAPTR Record Format41Appendix 5: Impact of Clustering on Other VCS Applications43Conference Factory (Multiway™)43Microsoft Interoperability43Appendix 6: Add a VCS to Cisco TMS44Appendix 7: Configure Endpoints to Work With a Cluster46SIP Endpoints46H.323 Endpoints47Appendix 8: Upgrade Earlier VCS Versions to X8.849Upgrading an X7.1 or X7.2 Cluster in TMS Agent Legacy Mode to X8.849Upgrading an X6.0, X6.1, X7.0, or X7.0.n Cluster to X8.849Upgrading an X5.1, X5.1.1 or X5.2 Cluster to X8.849Upgrading X1 / X2 Alternates or an X3 / X4 / X5.0 Cluster to X8.849Cisco Legal Information51Cisco Trademark51Size: 726 KBPages: 51Language: EnglishOpen manual
/en/manuals/1610658/Table of ContentsIntroduction3PKI Introduction3Overview of certificate use on the VCS3Certificate generation overview4Generating a certificate signing request (CSR)5Creating a CSR using VCS (X7.2 or later)5Server certificates and clustered systems5Authorizing a request and generating a certificate using Microsoft Certificat...6Loading certificates and keys onto VCS8Loading a server certificate and private key onto VCS8Loading a trusted CA certificate onto VCS9Managing certificate revocation lists (CRLs)10CRL sources10Automatic CRL updates10Manual CRL updates11Configuring revocation checking for SIP TLS connections11Appendix 1 – Troubleshooting12SIP TLS negotiation failures on neighbor and traversal zones12Appendix 2 – Certificate generation using OpenSSL only13Creating a certificate request using OpenSSL13Operating as a Certificate Authority using OpenSSL14Configuring OpenSSL to act as a CA14Creating a Certificate Authority using OpenSSL15Creating a signed certificate using OpenSSL15Creating self-signed certificates using OpenSSL16Appendix 3 – Certificate generation using Microsoft OCS17Generating a certificate request17Authorizing a certificate request and generating a PEM certificate file using...20Process the ‘cert_inf.pem’ file into server certificate, CA certificate and p...23Appendix 4 – Converting a DER certificate file to PEM format26Appendix 5 – Example certificates28Example certificate with self-signed root CA28Example certificate with a root CA and secondary CA29Appendix 6 – Decoding certificates31Appendix 7 – Configuring Windows Server Manager with a client and server cert...32Document revision history35Size: 794 KBPages: 36Language: EnglishOpen manual
/en/manuals/1610653/Table of ContentsIntroduction3PKI introduction3Overview of certificate use on the VCS3Certificate generation overview4Generating a certificate signing request (CSR)5Creating a CSR using VCS5Server certificates and clustered systems5Server certificates and Unified Communications6Authorizing a request and generating a certificate using Microsoft Certificat...7Loading certificates and keys onto VCS9Loading a server certificate and private key onto VCS9Managing the trusted CA certificate list10Managing certificate revocation lists (CRLs)11CRL sources11Automatic CRL updates11Manual CRL updates12Configuring revocation checking for SIP TLS connections12Appendix 1: Troubleshooting13SIP TLS negotiation failures on neighbor and traversal zones13Certificates with key length of 8192 bits13Service failures when using mobile and remote access13Appendix 2: Certificate generation using OpenSSL only14Creating a certificate request using OpenSSL14Operating as a Certificate Authority using OpenSSL15Configuring OpenSSL to act as a CA15Creating a Certificate Authority using OpenSSL16Creating a signed certificate using OpenSSL17Creating self-signed certificates using OpenSSL17Appendix 3: Converting a DER certificate file to PEM format18Appendix 4: Decoding certificates20Appendix 5: Configuring Windows Server Manager with a "client and server" certificate template21Document revision history24Size: 709 KBPages: 25Language: EnglishOpen manual
/en/manuals/1610644/Table of ContentsIntroduction3PKI introduction3Overview of certificate use on the VCS3Certificate generation overview4Generating a certificate signing request (CSR)5Creating a CSR using VCS5Server certificates and clustered systems5Server certificate requirements for Unified Communications7Authorizing a request and generating a certificate using Microsoft Certificat...10Loading certificates and keys onto VCS12Loading a server certificate and private key onto VCS12Managing the trusted CA certificate list13Managing certificate revocation lists (CRLs)14CRL sources14Automatic CRL updates14Manual CRL updates15Configuring revocation checking for SIP TLS connections15Appendix 1: Troubleshooting17SIP TLS negotiation failures on neighbor and traversal zones17Certificates with key length of 8192 bits17Service failures when using mobile and remote access17Appendix 2: Certificate generation using OpenSSL only18Creating a certificate request using OpenSSL18Operating as a Certificate Authority using OpenSSL19Configuring OpenSSL to act as a CA19Creating a Certificate Authority using OpenSSL20Creating a signed certificate using OpenSSL21Creating self-signed certificates using OpenSSL21Appendix 3: Converting a DER certificate file to PEM format22Appendix 4: Decoding certificates24Appendix 5: Configuring Windows Server Manager with a "client and server" certificate template25Document revision history28Size: 757 KBPages: 29Language: EnglishOpen manual
/en/manuals/1603781/Table of ContentsIntroduction3PKI introduction3Overview of certificate use on the VCS3Certificate generation overview4Generating a certificate signing request (CSR)5Creating a CSR using VCS5Server certificates and clustered systems6Server certificate requirements for Unified Communications7Authorizing a request and generating a certificate using Microsoft Certificat...10Loading certificates and keys onto VCS12Loading a server certificate and private key onto VCS12Managing the trusted CA certificate list13Managing certificate revocation lists (CRLs)14CRL sources14Automatic CRL updates14Manual CRL updates15Configuring revocation checking for SIP TLS connections15Appendix 1: Troubleshooting17SIP TLS negotiation failures on neighbor and traversal zones17Certificates with key length of 8192 bits17Service failures when using mobile and remote access17Issues with ssh failures and unsupported OIDs17Appendix 2: Certificate generation using OpenSSL only19Creating a certificate request using OpenSSL19Operating as a Certificate Authority using OpenSSL21Configuring OpenSSL to act as a CA21Creating a Certificate Authority using OpenSSL21Creating a signed certificate using OpenSSL22Creating self-signed certificates using OpenSSL23Appendix 3: Converting a DER certificate file to PEM format24Appendix 4: Decoding certificates27Appendix 5: Configuring Windows Server Manager with a "client and server" certificate template28Document revision history31Size: 786 KBPages: 32Language: EnglishOpen manual
/en/manuals/1610631/Table of ContentsIntroduction3PKI introduction3Overview of certificate use on the VCS3Certificate generation overview4Generating a certificate signing request (CSR)5Creating a CSR using VCS5Server certificates and clustered systems6Server certificate requirements for Unified Communications7Cisco Unified Communications Manager certificates7VCS certificates7Authorizing a request and generating a certificate using Microsoft Certificat...10Loading certificates and keys onto VCS12Loading a server certificate and private key onto VCS12Managing the trusted CA certificate list13Managing certificate revocation lists (CRLs)14Certificate revocation sources14Automatic CRL updates14Manual CRL updates15Online Certificate Status Protocol (OCSP)15Configuring revocation checking for SIP TLS connections15Appendix 1: Troubleshooting17SIP TLS negotiation failures on neighbor and traversal zones17Subject Alternative Name fields longer than 999 characters17Certificates with key length of 8192 bits17Service failures when using mobile and remote access17Issues with ssh failures and unsupported OIDs17Appendix 2: Certificate generation using OpenSSL only19Creating a certificate request using OpenSSL19Operating as a Certificate Authority using OpenSSL21Configuring OpenSSL to act as a CA21Creating a Certificate Authority using OpenSSL21Creating a signed certificate using OpenSSL22Creating self-signed certificates using OpenSSL23Appendix 3: Converting a DER certificate file to PEM format24Appendix 4: Decoding certificates27Appendix 5: Configuring Windows Server Manager with a "client and server" certificate template28Document revision history31Size: 805 KBPages: 32Language: EnglishOpen manual
/en/manuals/1610627/Table of ContentsIntroduction3PKI introduction3Overview of certificate use on the VCS3Certificate generation overview4Generating a certificate signing request (CSR)5Creating a CSR using VCS5Server certificates and clustered systems6Server certificate requirements for Unified Communications7Authorizing a request and generating a certificate using Microsoft Certificat...10Loading certificates and keys onto VCS12Loading a server certificate and private key onto VCS12Managing the trusted CA certificate list13Managing certificate revocation lists (CRLs)14CRL sources14Automatic CRL updates14Manual CRL updates15Configuring revocation checking for SIP TLS connections15Appendix 1: Troubleshooting17SIP TLS negotiation failures on neighbor and traversal zones17Certificates with key length of 8192 bits17Service failures when using mobile and remote access17Issues with ssh failures and unsupported OIDs17Appendix 2: Certificate generation using OpenSSL only19Creating a certificate request using OpenSSL19Operating as a Certificate Authority using OpenSSL21Configuring OpenSSL to act as a CA21Creating a Certificate Authority using OpenSSL21Creating a signed certificate using OpenSSL22Creating self-signed certificates using OpenSSL23Appendix 3: Converting a DER certificate file to PEM format24Appendix 4: Decoding certificates26Appendix 5: Configuring Windows Server Manager with a "client and server" certificate template27Document revision history30Size: 780 KBPages: 31Language: EnglishOpen manual
/en/manuals/1604755/Table of ContentsIntroduction3PKI introduction3Overview of certificate use on the VCS3Certificate generation overview4Generating a certificate signing request (CSR)4Creating a CSR using VCS4Server certificates and clustered systems5Server Certificate Requirements for Unified Communications5Cisco Unified Communications Manager Certificates5VCS Certificates6Authorizing a request and generating a certificate using Microsoft Certificat...8Loading certificates and keys onto VCS10Loading a server certificate and private key onto VCS10Managing the trusted CA certificate list11Managing Certificate Revocation Lists (CRLs)11Certificate Revocation Sources12Automatic CRL Updates12Manual CRL Updates13Online Certificate Status Protocol (OCSP)13Configuring Revocation Checking for SIP TLS Connections13Appendix 1: Troubleshooting15SIP TLS negotiation failures on neighbor and traversal zones15Subject Alternative Name fields longer than 999 characters15Certificates with key length of 8192 bits15Service failures when using mobile and remote access15Issues with ssh failures and unsupported OIDs15Appendix 2: Certificate generation using OpenSSL only17Creating a certificate request using OpenSSL17Operating as a Certificate Authority using OpenSSL19Configuring OpenSSL to act as a CA19Creating a Certificate Authority using OpenSSL19Creating a signed certificate using OpenSSL20Creating self-signed certificates using OpenSSL21Appendix 3: Converting a DER certificate file to PEM format23Appendix 4: Decoding certificates27Appendix 5: Configuring Windows Server Manager with a client and server certificate template29Document revision history33Cisco Trademark34Size: 727 KBPages: 34Language: EnglishOpen manual
/en/manuals/1610598/Table of ContentsIntroduction3PKI Introduction3Overview of Certificate Use on the VCS3Certificate Generation Overview4Generating a Certificate Signing Request (CSR)4Creating a CSR Using VCS4Server Certificates and Clustered Systems5Server Certificate Requirements for Unified Communications6Cisco Unified Communications Manager Certificates6VCS Certificates6Authorizing a Request and Generating a Certificate Using Microsoft Certificat...8Loading Certificates and Keys Onto VCS10Loading a Server Certificate and Private Key Onto VCS10Managing the Trusted CA Certificate List11Managing Certificate Revocation Lists (CRLs)11Certificate Revocation Sources12Automatic CRL Updates12Manual CRL Updates13Online Certificate Status Protocol (OCSP)13Configuring Revocation Checking for SIP TLS Connections13Appendix 1: Troubleshooting15SIP TLS Negotiation Failures on Neighbor and Traversal Zones15Subject Alternative Name Fields Longer than 999 Characters15Certificates with Key Length of 8192 Bits15Service Failures when Using Mobile and Remote Access15Issues with SSH Failures and Unsupported OIDs15Appendix 2: Certificate Generation Using OpenSSL Only17Creating a Certificate Request Using OpenSSL17Operating as a Certificate Authority Using OpenSSL19Configuring OpenSSL to Act as a CA19Creating a Certificate Authority Using OpenSSL19Creating a Signed Certificate Using OpenSSL20Creating Self-Signed Certificates Using OpenSSL21Appendix 3: Converting a DER Certificate File to PEM Format23Appendix 4: Decoding Certificates27Appendix 5: Enable AD CS to Issue Client and Server Certificates29Document Revision History33Cisco Trademark34Size: 739 KBPages: 34Language: EnglishOpen manual
/en/manuals/1610595/Table of ContentsPreface5Change History5Introduction6PKI Introduction6Overview of Certificate Use on the VCS6Certificate Generation Overview7Generating a Certificate Signing Request (CSR)7Creating a CSR Using VCS7Server Certificate Requirements for Unified Communications9Cisco Unified Communications Manager Certificates9VCS Certificates9Authorizing a Request and Generating a Certificate Using Microsoft Certificat...11Loading Certificates and Keys Onto VCS13Loading a Server Certificate and Private Key Onto VCS14Managing the Trusted CA Certificate List14Managing Certificate Revocation Lists (CRLs)15Certificate Revocation Sources15Configuring Revocation Checking for SIP TLS Connections16Appendix 1: Troubleshooting18SIP TLS Negotiation Failures on Neighbor and Traversal Zones18Subject Alternative Name Fields Longer than 999 Characters18Certificates with Key Length of 8192 Bits18Service Failures when Using Mobile and Remote Access18Issues with SSH Failures and Unsupported OIDs18Appendix 2: Certificate Generation Using OpenSSL Only20Creating a Certificate Request Using OpenSSL20Operating as a Certificate Authority Using OpenSSL22Creating Self-Signed Certificates Using OpenSSL24Appendix 3: Converting a DER Certificate File to PEM Format26Appendix 4: Decoding Certificates30Appendix 5: Enable AD CS to Issue Client and Server Certificates32Cisco Legal Information36Cisco Trademark36Size: 797 KBPages: 37Language: EnglishOpen manual
/en/manuals/1610592/Table of ContentsIntroduction3Prerequisites3Summary of process4Getting started5Step 1: Complete the configuration checklist5Step 2: Perform initial configuration6Step 3: Access Cisco VCS using the web interface7Step 4: Change admin password8System configuration9Step 5: Configure System name (recommended)9Step 6: Administration access – Session time-out (optional)10Step 7: Administration access – Service access (optional)11Step 8: DNS configuration - DNS address12Step 9: DNS configuration - DNS Domain name & Local host name13Step 10: Time configuration – NTP Server and time zone14Step 11: SNMP configuration (optional)15Step 12: External manager configuration (optional but recommended)16Automatic configuration of external manager protocol in Cisco TMS16Step 13: Logging configuration (optional)17Enabling registrations and calls18Step 14: H.323 only configuration (optional)19Step 15: SIP only configuration (optional)20Step 16: Mixed H.323 and SIP configuration21Appendix 1 – Configuration checklist24Size: 446 KBPages: 27Language: EnglishOpen manual
/en/manuals/1610589/Table of ContentsIntroduction3Example network deployment3Internal network elements4SIP and H.323 domain4Prerequisites and process summary5Prerequisites5Summary of process5Cisco VCS system configuration6Step 1: Initial configuration6Step 2: System name configuration7Step 3: DNS configuration8Local host name8Domain name8DNS servers8Step 4: Time configuration10Step 5: SIP domain configuration11Routing configuration12Pre-search transforms12Search rules12Step 6: Transform configuration13Step 7: Local zone search rules configuration14Endpoint registration17System checks18Registration status18Call signaling18Maintenance routine19System backup19Optional configuration steps20Cisco TMS configuration (optional)20Logging server configuration (optional)22Registration restriction configuration (optional)23Restrict access to ISDN gateways (optional)24Appendix 1 – Configuration details27Appendix 2 – DNS records configuration29Local DNS A record29Local DNS SRV records29Checking for updates and getting help30Document revision history31Size: 535 KBPages: 32Language: EnglishOpen manual
/en/manuals/1610586/Table of ContentsIntroduction3Example network deployment3Network elements4Internal network elements4SIP and H.323 domain4Prerequisites and process summary5Prerequisites5Summary of process5VCS system configuration6Task 1: Performing initial configuration6Task 2: Setting the system name6Task 3: Configuring DNS7System host name7Domain name7DNS servers7Task 4: Replacing the default server certificate8Task 5: Configuring NTP servers9Task 6: Configuring SIP domains10Routing configuration11Pre-search transforms11Search rules11Task 7: Configuring transforms11Task 8: Configuring Local Zone search rules12Endpoint registration15System checks16Registration status16Call signaling16Maintenance routine17Creating a system backup17Optional configuration tasks18Task 9: Configuring Cisco TMS (optional)18Task 10: Configuring logging (optional)20Task 11: Configuring registration restriction policy (optional)20Task 12: Configuring device authentication policy (optional)21Task 13: Restricting access to ISDN gateways (optional)21Appendix 1: Configuration details25Appendix 2: DNS records27Local DNS A record27Local DNS SRV records27Checking for updates and getting help28Document revision history29Size: 621 KBPages: 30Language: EnglishOpen manual
/en/manuals/1610562/Table of ContentsIntroduction3Example network deployment3Network elements4Internal network elements4SIP and H.323 domain4Prerequisites and process summary5Prerequisites5Summary of process5VCS system configuration6Task 1: Performing initial configuration6Task 2: Setting the system name6Task 3: Configuring DNS7System host name7Domain name7DNS servers7Task 4: Replacing the default server certificate8Task 5: Configuring NTP servers9Task 6: Configuring SIP domains10Routing configuration11Pre-search transforms11Search rules11Task 7: Configuring transforms11Task 8: Configuring Local Zone search rules12Endpoint registration15System checks16Registration status16Call signaling16Maintenance routine17Creating a system backup17Optional configuration tasks18Task 9: Configuring Cisco TMS (optional)18Task 10: Configuring logging (optional)20Task 11: Configuring registration restriction policy (optional)20Task 12: Configuring device authentication policy (optional)21Task 13: Restricting access to ISDN gateways (optional)21Appendix 1: Configuration details25Appendix 2: DNS records27Local DNS A record27Local DNS SRV records27Technical support28Document revision history29Size: 623 KBPages: 30Language: EnglishOpen manual
/en/manuals/1603613/Table of ContentsIntroduction3Example network deployment3Network elements4Internal network elements4SIP and H.323 domain4Prerequisites and process summary5Prerequisites5Summary of process5VCS system configuration6Task 1: Performing initial configuration6Task 2: Setting the system name6Task 3: Configuring DNS7System host name7Domain name7DNS servers7Task 4: Replacing the default server certificate8Task 5: Configuring NTP servers9Task 6: Configuring SIP domains10Routing configuration11Pre-search transforms11Search rules11Task 7: Configuring transforms11Task 8: Configuring Local Zone search rules12Endpoint registration15System checks16Registration status16Call signaling16Maintenance routine17Creating a system backup17Optional configuration tasks18Task 9: Configuring Cisco TMS (optional)18Task 10: Configuring logging (optional)20Task 11: Configuring registration restriction policy (optional)20Task 12: Configuring device authentication policy (optional)21Task 13: Restricting access to ISDN gateways (optional)22Appendix 1: Configuration details25Appendix 2: DNS records27Local DNS A record27Local DNS SRV records27Technical support28Document revision history29Size: 625 KBPages: 30Language: EnglishOpen manual
/en/manuals/1709239/Table of ContentsIntroduction3Example network deployment3Network elements4Internal network elements4SIP and H.323 domain4Prerequisites and process summary5Prerequisites5Summary of process5VCS system configuration6Task 1: Performing initial configuration6Task 2: Setting the system name6Task 3: Configuring DNS7System host name7Domain name7DNS servers7Task 4: Replacing the default server certificate8Task 5: Configuring NTP servers9Task 6: Configuring SIP domains10Routing configuration11Pre-search transforms11Search rules11Task 7: Configuring transforms11Task 8: Configuring Local Zone search rules12Endpoint registration15System checks16Registration status16Call signaling16Maintenance routine17Creating a system backup17Optional configuration tasks18Task 9: Configuring Cisco TMS (optional)18Task 10: Configuring logging (optional)20Task 11: Configuring registration restriction policy (optional)20Task 12: Configuring device authentication policy (optional)21Task 13: Restricting access to ISDN gateways (optional)21Appendix 1: Configuration details25Appendix 2: DNS records27Local DNS A record27Local DNS SRV records27Technical support28Document revision history29Size: 622 KBPages: 30Language: EnglishOpen manual
/en/manuals/1610559/Table of ContentsIntroduction2Example Network Deployment2Network Elements3Internal Network Elements3SIP and H.323 Domain3Prerequisites and Process Summary4Prerequisites4Summary of Process4VCS System Configuration5Task 1: Performing Initial Configuration5Task 2: Setting the System Name5Task 3: Configuring DNS6System Host Name6Domain Name6DNS Servers6Task 4: Replacing the Default Server Certificate7Task 5: Configuring NTP Servers8Task 6: Configuring SIP Domains8Routing Configuration10Pre-search Transforms10Search Rules10Task 7: Configuring Transforms10Task 8: Configuring Local Zone Search Rules11Endpoint Registration14System Checks15Registration Status15Call Signaling15Maintenance Routine16Creating a System Backup16Optional Configuration Tasks17Task 9: Configuring Cisco TMS (optional)17Task 10: Configuring Logging (optional)19Task 11: Configuring Registration Restriction Policy (optional)19Task 12: Configuring Device Authentication Policy (optional)20Task 13: Restricting Access to ISDN Gateways (optional)20Appendix 1: Configuration Details23Appendix 2: DNS Records25Local DNS A Record25Local DNS SRV Records25Obtaining Documentation and Submitting a Service Request26Document Revision History26Cisco Legal Information27Cisco Trademark27Size: 556 KBPages: 27Language: EnglishOpen manual
/en/manuals/1707938/Table of ContentsIntroduction3Example network deployment3Network elements4Internal network elements4SIP and H.323 domain4Prerequisites and process summary5Prerequisites5Summary of process5VCS system configuration6Task 1: Performing initial configuration6Task 2: Setting the system name6Task 3: Configuring DNS7System host name7Domain name7DNS servers7Task 4: Replacing the default server certificate8Task 5: Configuring NTP servers9Task 6: Configuring SIP domains10Routing configuration11Pre-search transforms11Search rules11Task 7: Configuring transforms11Task 8: Configuring Local Zone search rules12Endpoint registration15System checks16Registration status16Call signaling16Maintenance routine17Creating a System Backup17Optional configuration tasks18Task 9: Configuring Cisco TMS (optional)18Task 10: Configuring logging (optional)20Task 11: Configuring registration restriction policy (optional)20Task 12: Configuring device authentication policy (optional)21Task 13: Restricting access to ISDN gateways (optional)22Appendix 1: Configuration details25Appendix 2: DNS records27Local DNS A record27Local DNS SRV records27Technical support28Document revision history29Size: 625 KBPages: 30Language: EnglishOpen manual
/en/manuals/1610538/Table of ContentsPreface3Change History3Introduction7Example Network Deployment8Network Elements8Process Summary9Prerequisites10Run the Service Setup Wizard11Overview11Task 1: Accessing and Navigating the Wizard11Task 2: Running the Service Setup Wizard and Applying Licenses13VCS System Configuration14Task 3: Setting the System Name14Task 4: Configuring DNS14Task 5: Replacing the Default Server Certificate15Task 6: Configuring NTP Servers16Task 7: Configuring SIP Domains17Routing Configuration18Pre-search Transforms18Search Rules18Task 8: Configuring Transforms18Task 9: Configuring Local Zone Search Rules19Endpoint Registration23System Checks24Registration Status24Call Signaling24Maintenance Routine25Creating a System Backup25Optional Configuration Tasks26Task 10: Configuring Cisco TMS (Optional)26Task 11: Configuring Logging (Optional)28Task 12: Configuring Registration Restriction Policy (Optional)28Task 13: Configuring Device Authentication Policy (Optional)29Task 14: Restricting Access to ISDN Gateways (Optional)29Appendix 1: Configuration Details32Appendix 2: DNS Records34Obtaining Documentation and Submitting a Service Request35Cisco Legal Information36Cisco Trademark36Size: 671 KBPages: 36Language: EnglishOpen manual
/en/manuals/1610534/Table of ContentsIntroduction4Example network deployment5Internal network elements6DMZ network element6External network elements7NAT devices and firewalls7SIP and H.323 domain7Prerequisites and process summary8Prerequisites8Summary of process8Cisco VCS Control and Cisco VCS Expressway configuration9Step 1: Initial configuration9Step 2: System name configuration10Step 3: DNS configuration11Step 4: Time configuration13Step 5: SIP domain configuration14Routing configuration15Pre-search transforms15Search rules15Step 6: Transform configuration16Step 7: Local zone search rules configuration17Step 8: Traversal zone including authentication (connection credentials) configuration19Step 9: Traversal zone search rules configuration22Step 10: DNS zone configuration23Step 11: DNS search rule configuration24Step 12: External (unknown) IP address routing configuration26Endpoint registration28System checks29Zone status29Registration status29Call signaling29Maintenance routine30System backup30Optional configuration steps31Step 13: Cisco TMS configuration (Optional)31Step 14: Logging server configuration (Optional)33Step 15: Registration restriction configuration (Optional)34Appendix 1 – Configuration details35Cisco VCS Control configuration details35Cisco VCS Expressway configuration details37Cisco VCS Control & Expressway configuration details39Appendix 2 – DNS records configuration40DNS configuration on host server40Host DNS A record40DNS SRV records40DNS configuration (internal DNS server)41Local DNS A record41Local DNS SRV records41Appendix 3 – NAT & firewall configuration42NAT device configuration requirement42Internal firewall configuration42Inbound (DMZ > Internal network)42External firewall configuration requirement43Inbound (Internet > DMZ)43Size: 1.04 MBPages: 44Language: EnglishOpen manual
/en/manuals/1610531/Table of ContentsDocument revision history5Introduction6Out of scope configuration features6Example network deployment7Internal network elements7DMZ network element8External network elements8NAT devices and firewalls9SIP and H.323 domain9Prerequisites and process summary10Prerequisites10Summary of process10Cisco VCS Control and Cisco VCS Expressway configuration12Step 1: Initial configuration12Step 2: System name configuration13Step 3: DNS configuration14Local host name14Domain name14DNS servers14Step 4: Time configuration16Step 5: SIP domain configuration17Routing configuration18Pre-search transforms18Search rules18Step 6: Transform configuration20Step 7: Local zone search rules configuration21Step 8: Traversal zone including authentication (connection credentials) conf...24Step 9: Traversal zone search rules configuration27Step 10: DNS zone configuration29Step 11: DNS search rule configuration30Step 12: External (unknown) IP address routing configuration32Endpoint registration34System checks35Zone status35Registration status35Call signaling35Maintenance routine36System backup36Optional configuration steps37Step 13: Cisco TMS configuration (optional)37Step 14: Logging server configuration (optional)39Step 15: Registration restriction configuration (optional)40Step 16: Restrict access to ISDN gateways41Cisco VCS Expressway41Cisco VCS Control43Appendix 1 – Configuration details46Cisco VCS Control configuration details47Cisco VCS Expressway configuration details49Cisco VCS Control and Expressway configuration details51Appendix 2 – DNS records configuration52DNS configuration on host server52Host DNS A record52DNS SRV records52DNS configuration (internal DNS server)53Local DNS A record53Local DNS SRV records53Appendix 3 – Firewall and NAT configuration54Internal firewall configuration54Outbound (Internal network > DMZ)54Inbound (DMZ > Internal network)55External firewall configuration requirement55Inbound (Internet > DMZ)56Outbound (DMZ > Internet)56NAT device configuration requirement57Checking for updates and getting help58Size: 915 KBPages: 59Language: EnglishOpen manual
/en/manuals/1610528/Table of ContentsDocument revision history4Introduction5Out of scope configuration features5Example network deployment6Internal network elements7DMZ network element7External network elements8NAT devices and firewalls8SIP and H.323 domain8Prerequisites and process summary9Prerequisites9Summary of process9Cisco VCS Control and Cisco VCS Expressway configuration11Step 1: Initial configuration11Step 2: System name configuration12Step 3: DNS configuration13Local host name13Domain name13DNS servers13Step 4: Time configuration16Step 5: SIP domain configuration17Routing configuration18Pre-search transforms18Search rules18Step 6: Transform configuration19Step 7: Local zone search rules configuration20Step 8: Traversal zone including authentication (connection credentials) conf...23Step 9: Traversal zone search rules configuration27Step 10: DNS zone configuration29Step 11: DNS search rule configuration30Step 12: External (unknown) IP address routing configuration32Endpoint registration34System checks35Zone status35Registration status35Call signaling35Maintenance routine36System backup36Optional configuration steps37Step 13: Cisco TMS configuration (optional)37Step 14: Logging server configuration (optional)40Step 15: Registration restriction configuration (optional)41Step 16: Restrict access to ISDN gateways42VCS Expressway42VCS Control44Appendix 1 – Configuration details47VCS Control configuration details48VCS Expressway configuration details50VCS Control and Expressway configuration details52Appendix 2 – DNS records configuration53DNS configuration on host server53Host DNS A record53DNS SRV records53DNS configuration (internal DNS server)53Local DNS A record54Local DNS SRV records54Appendix 3 – Firewall and NAT configuration55Internal firewall configuration55Outbound (Internal network > DMZ)55Inbound (DMZ > Internal network)56External firewall configuration requirement56Inbound (Internet > DMZ)57Outbound (DMZ > Internet)57NAT device configuration requirement58Appendix 4 – Static NAT and Dual Network Interface architectures59Prerequisites59Background59Solution61Routers/firewalls with SIP/H.323 ALG63General guidelines and design principles64Non-overlapping subnets64Clustering64External LAN interface setting64Dual network interfaces64Example deployments66Single subnet DMZ using single VCS-E LAN interface663-port firewall DMZ using single VCS-E LAN interface67Checking for updates and getting help68Size: 1.16 MBPages: 69Language: EnglishOpen manual
/en/manuals/1610526/Table of ContentsIntroduction4Example network deployment5Internal network elements6DMZ network element6External network elements7NAT devices and firewalls7SIP and H.323 domain7Prerequisites and process summary8Prerequisites8Summary of process8Cisco VCS system configuration9Step 1: Initial configuration9Step 2: System name configuration10Step 3: DNS configuration11Local host name11Domain name11DNS servers11Step 4: Time configuration14Step 5: SIP domain configuration15Routing configuration16Pre-search transforms16Search rules16Step 6: Transform configuration17Step 7: Local zone search rules configuration18Step 8: Traversal zone including authentication (connection credentials) conf...21Step 9: Traversal zone search rules configuration25Step 10: DNS zone configuration27Step 11: DNS search rule configuration29Step 12: External (unknown) IP address routing configuration31Endpoint registration33System checks34Zone status34Registration status34Call signaling34Maintenance routine36System backup36Optional configuration steps37Cisco TMS configuration (optional)37Logging server configuration (optional)40Registration restriction configuration (optional)41Restrict access to ISDN gateways (optional)42VCS Expressway42VCS Control44Appendix 1 – Configuration details48VCS Control configuration details48VCS Expressway configuration details49VCS Control and Expressway configuration details51Appendix 2 – DNS records configuration52DNS configuration on host server52Host DNS A record52DNS SRV records52DNS configuration (internal DNS server)52Local DNS A record53Local DNS SRV records53Appendix 3 – Firewall and NAT configuration54Internal firewall configuration54Outbound (Internal network > DMZ)54Inbound (DMZ > Internal network)55External firewall configuration requirement55Inbound (Internet > DMZ)55Outbound (DMZ > Internet)56NAT device configuration requirement57Appendix 4 – Static NAT and Dual Network Interface architectures58Prerequisites58Background58Solution60Routers/firewalls with SIP/H.323 ALG62General guidelines and design principles63Non-overlapping subnets63Clustering63External LAN interface setting63Dual network interfaces63Example deployments65Single subnet DMZ using single VCS-E LAN interface653-port firewall DMZ using single VCS-E LAN interface66Checking for updates and getting help67Document revision history68Size: 1.13 MBPages: 69Language: EnglishOpen manual
/en/manuals/1610515/Table of ContentsIntroduction4Example network deployment5Network elements6Internal network elements6DMZ network element6External network elements7NAT devices and firewalls7SIP and H.323 domain7Prerequisites and process summary8Prerequisites8Summary of process8VCS system configuration10Task 1: Performing initial configuration10Task 2: Setting the system name10Task 3: Configuring DNS11System host name11Domain name11DNS servers12Task 4: Replacing the default server certificate13Task 5: Configuring NTP servers14Task 6: Configuring SIP domains14Routing configuration16Pre-search transforms16Search rules16Task 7: Configuring transforms17Task 8: Configuring Local Zone search rules17Task 9: Configuring the traversal zone20Task 10: Configuring traversal zone search rules24Task 11: Configuring the DNS zone27Task 12: Configuring DNS zone search rules28Task 13: Configuring external (unknown) IP address routing29Endpoint registration32System checks33Zone status33Registration status33Call signaling33Maintenance routine34Creating a system backup34Optional configuration tasks35Task 14: Configuring Cisco TMS (optional)35Task 15: Configuring logging (optional)37Task 16: Configuring registration restriction policy (optional)37Task 17: Configuring device authentication policy (optional)38Using delegated credential checking39Task 18: Restricting access to ISDN gateways (optional)39VCS Expressway39VCS Control42Appendix 1: Configuration details45VCS Control configuration details45VCS Expressway configuration details46VCS Control and VCS Expressway configuration details48Appendix 2: DNS records49DNS configuration on host server49Host DNS A record49DNS SRV records49DNS configuration (internal DNS server)49Local DNS A record50Local DNS SRV records50Appendix 3: Firewall and NAT settings51Internal firewall configuration51Outbound (Internal network > DMZ)51Inbound (DMZ > Internal network)51External firewall configuration requirement52Inbound (Internet > DMZ)52Outbound (DMZ > Internet)53Appendix 4: Advanced network deployments54Prerequisites54Background54Solution56Routers/firewalls with SIP/H.323 ALG58General guidelines and design principles59Non-overlapping subnets59Clustering59Static NAT restrictions when using SIP media encryption59External LAN interface setting59Dual network interfaces59Example deployments61Single subnet DMZ using single VCS Expressway LAN interface613-port firewall DMZ using single VCS Expressway LAN interface62Checking for updates and getting help63Document revision history64Size: 1.49 MBPages: 65Language: EnglishOpen manual
/en/manuals/1610511/Table of ContentsIntroduction4Example network deployment5Network elements6Internal network elements6DMZ network element6External network elements7NAT devices and firewalls7SIP and H.323 domain7Prerequisites and process summary8Prerequisites8Summary of process8VCS system configuration10Task 1: Performing initial configuration10Task 2: Setting the system name10Task 3: Configuring DNS11System host name11Domain name11DNS servers12Task 4: Replacing the default server certificate13Task 5: Configuring NTP servers14Task 6: Configuring SIP domains14Routing configuration16Pre-search transforms16Search rules16Task 7: Configuring transforms17Task 8: Configuring Local Zone search rules17Task 9: Configuring the traversal zone20Task 10: Configuring traversal zone search rules24Task 11: Configuring the DNS zone27Task 12: Configuring DNS zone search rules28Task 13: Configuring external (unknown) IP address routing29Endpoint registration32System checks33Zone status33Registration status33Call signaling33Maintenance routine34Creating a system backup34Optional configuration tasks35Task 14: Configuring Cisco TMS (optional)35Task 15: Configuring logging (optional)37Task 16: Configuring registration restriction policy (optional)37Task 17: Configuring device authentication policy (optional)38Using delegated credential checking39Task 18: Restricting access to ISDN gateways (optional)39VCS Expressway39VCS Control42Appendix 1: Configuration details45VCS Control configuration details45VCS Expressway configuration details46VCS Control and VCS Expressway configuration details48Appendix 2: DNS records49DNS configuration on host server49Host DNS A record49DNS SRV records49DNS configuration (internal DNS server)49Local DNS A record50Local DNS SRV records50Appendix 3: Firewall and NAT settings51Internal firewall configuration51Outbound (Internal network > DMZ)51Inbound (DMZ > Internal network)51External firewall configuration requirement52Inbound (Internet > DMZ)52Outbound (DMZ > Internet)53Appendix 4: Advanced network deployments54Prerequisites54Background54Solution56Routers/firewalls with SIP/H.323 ALG58General guidelines and design principles59Non-overlapping subnets59Clustering59Static NAT restrictions when using SIP media encryption59External LAN interface setting59Dual network interfaces59Example deployments61Single subnet DMZ using single VCS Expressway LAN interface613-port firewall DMZ using single VCS Expressway LAN interface62Technical support63Document revision history64Size: 1.5 MBPages: 65Language: EnglishOpen manual
/en/manuals/1610508/Table of ContentsIntroduction4Example network deployment5Network elements6Internal network elements6DMZ network element6External network elements7NAT devices and firewalls7SIP and H.323 domain7Prerequisites and process summary8Prerequisites8Summary of process8VCS system configuration10Task 1: Performing initial configuration10Task 2: Setting the system name10Task 3: Configuring DNS11System host name11Domain name11DNS servers12Task 4: Replacing the default server certificate13Task 5: Configuring NTP servers14Task 6: Configuring SIP domains14Routing configuration16Pre-search transforms16Search rules16Task 7: Configuring transforms17Task 8: Configuring Local Zone search rules17Task 9: Configuring the traversal zone20Neighboring between VCS clusters24Task 10: Configuring traversal zone search rules25Task 11: Configuring the DNS zone28Task 12: Configuring DNS zone search rules29Task 13: Configuring external (unknown) IP address routing30Endpoint registration33System checks34Zone status34Registration status34Call signaling34Maintenance routine35Creating a system backup35Optional configuration tasks36Task 14: Configuring Cisco TMS (optional)36Task 15: Configuring logging (optional)38Task 16: Configuring registration restriction policy (optional)38Task 17: Configuring device authentication policy (optional)39Using delegated credential checking40Task 18: Restricting access to ISDN gateways (optional)40VCS Expressway40VCS Control43Appendix 1: Configuration details46VCS Control configuration details46VCS Expressway configuration details47VCS Control and VCS Expressway configuration details49Appendix 2: DNS records50DNS configuration on host server50Host DNS A record50DNS SRV records50DNS configuration (internal DNS server)50Local DNS A record51Local DNS SRV records51Appendix 3: Firewall and NAT settings52Internal firewall configuration52Outbound (Internal network > DMZ)52Inbound (DMZ > Internal network)53External firewall configuration requirement53Inbound (Internet > DMZ)53Outbound (DMZ > Internet)54Appendix 4: Advanced network deployments56Prerequisites56Background56Solution58Routers/firewalls with SIP/H.323 ALG60General guidelines and design principles61Non-overlapping subnets61Clustering61External LAN interface setting61Dual network interfaces61Example deployments63Single subnet DMZ using single VCS Expressway LAN interface633-port firewall DMZ using single VCS Expressway LAN interface64Technical support65Document revision history66Size: 1.52 MBPages: 67Language: EnglishOpen manual
/en/manuals/1610504/Table of ContentsIntroduction4Example network deployment5Network elements6Internal network elements6DMZ network element6External network elements7NAT devices and firewalls7SIP and H.323 domain7Prerequisites and process summary8Prerequisites8Summary of process8VCS system configuration10Task 1: Performing initial configuration10Task 2: Setting the system name10Task 3: Configuring DNS11System host name11Domain name11DNS servers12Task 4: Replacing the default server certificate13Task 5: Configuring NTP servers14Task 6: Configuring SIP domains14Routing configuration16Pre-search transforms16Search rules16Task 7: Configuring transforms17Task 8: Configuring Local Zone search rules17Task 9: Configuring the traversal zone20Neighboring between VCS clusters24Task 10: Configuring traversal zone search rules25Task 11: Configuring the DNS zone27Task 12: Configuring DNS zone search rules28Task 13: Configuring external (unknown) IP address routing29Endpoint registration32System checks33Zone status33Registration status33Call signaling33Maintenance routine34Creating a system backup34Optional configuration tasks35Task 14: Configuring Cisco TMS (optional)35Task 15: Configuring logging (optional)37Task 16: Configuring registration restriction policy (optional)37Task 17: Configuring device authentication policy (optional)38Using delegated credential checking39Task 18: Restricting access to ISDN gateways (optional)39VCS Expressway39VCS Control42Appendix 1: Configuration details45VCS Control configuration details45VCS Expressway configuration details46VCS Control and VCS Expressway configuration details48Appendix 2: DNS records49DNS configuration on host server49Host DNS A record49DNS SRV records49DNS configuration (internal DNS server)49Local DNS A record50Local DNS SRV records50Appendix 3: Firewall and NAT settings51Internal firewall configuration51Outbound (Internal network > DMZ)51Inbound (DMZ > Internal network)52External firewall configuration requirement52Inbound (Internet > DMZ)52Outbound (DMZ > Internet)53Appendix 4: Advanced network deployments55Prerequisites55Background55Solution57Routers/firewalls with SIP/H.323 ALG59General guidelines and design principles60Non-overlapping subnets60Clustering60External LAN interface setting60Dual network interfaces60Example deployments62Single subnet DMZ using single VCS Expressway LAN interface623-port firewall DMZ using single VCS Expressway LAN interface63Technical support64Document revision history65Size: 1.51 MBPages: 66Language: EnglishOpen manual
/en/manuals/1610450/Table of ContentsIntroduction2Example Network Deployment3Network Elements4Internal Network Elements4DMZ Network Element4External Network Elements4NAT Devices and Firewalls5SIP and H.323 Domain5Prerequisites and Process Summary6Prerequisites6Summary of Process6VCS System Configuration7Task 1: Performing Initial Configuration7Task 2: Setting the System Name7Task 3: Configuring DNS8System Host Name8Domain Name8DNS Servers8Task 4: Replacing the Default Server Certificate10Task 5: Configuring NTP Servers11Task 6: Configuring SIP Domains11Routing Configuration13Pre-search Transforms13Search Rules13Task 7: Configuring Transforms13Task 8: Configuring Local Zone Search Rules14Task 9: Configuring the Traversal Zone18Neighboring Between VCS Clusters21Task 10: Configuring Traversal Zone Search Rules22Task 11: Configuring the DNS Zone24Task 12: Configuring DNS Zone Search Rules24Task 13: Configuring External (Unknown) IP Address Routing26Endpoint Registration29System Checks30Zone Status30Registration Status30Call Signaling30Maintenance Routine31Creating a System Backup31Optional Configuration Tasks32Task 14: Configuring Cisco TMS (optional)32Task 15: Configuring Logging (optional)34Task 16: Configuring Registration Restriction Policy (optional)34Task 17: Configuring Device Authentication Policy (optional)35Using Delegated Credential Checking36Task 18: Restricting Access to ISDN Gateways (optional)36VCS Expressway36VCS Control40Appendix 1: Configuration Details42VCS Control Configuration Details42VCS Expressway Configuration Details43VCS Control and VCS Expressway Configuration Details45Appendix 2: DNS Records46DNS Configuration on Host Server46Host DNS A Record46DNS SRV Records46DNS Configuration (internal DNS server)46Local DNS A Record47Local DNS SRV Records47Appendix 3: Firewall and NAT Settings48Internal Firewall Configuration48Outbound (Internal Network > DMZ)48Inbound (DMZ > Internal network)49External Firewall Configuration Requirement49Inbound (Internet > DMZ)49Outbound (DMZ > Internet)50Appendix 4: Advanced Network Deployments52Prerequisites52Planning Your Deployment52Recommended: Dual NIC Static NAT Deployment52Static Routes Towards the Internal Network53Background Information54The Challenge of NAT for SIP and H.323 Applications54How Does VCS Expressway Address This Challenge?56What About Routers/Firewalls with SIP/H.323 ALG?58Other Deployment Examples59Single Subnet DMZ Using Single VCS Expressway LAN Interface and Static NAT593-port Firewall DMZ Using Single VCS Expressway LAN Interface60Why We Advise Against Using These Types of Deployment60Obtaining Documentation and Submitting a Service Request63Document Revision History63Cisco Legal Information64Cisco Trademark64Size: 1.49 MBPages: 64Language: EnglishOpen manual
/en/manuals/1610448/Table of ContentsPreface3Change History3Introduction7Example Network Deployment9Network Elements10Process Summary12Prerequisites13Run the Service Setup Wizard14Overview14Task 1: Accessing and Navigating the Wizard14Task 2: Running the Service Setup Wizard and Applying Licenses16Examples for Running the Service Setup Wizard18VCS System Configuration19Task 3: Setting the System Name19Task 4: Configuring DNS19Task 5: Replacing the Default Server Certificate21Task 6: Configuring NTP Servers22Task 7: Configuring SIP Domains23Routing Configuration24Pre-search Transforms24Search Rules24Task 8: Configuring Transforms24Task 9: Configuring Local Zone Search Rules25Task 10: Configuring the Traversal Zone28Neighboring Between VCS Clusters32Task 11: Configuring Traversal Zone Search Rules33Task 12: Configuring the DNS Zone35Task 13: Configuring DNS Zone Search Rules35Task 14: Configuring External (Unknown) IP Address Routing37Endpoint Registration39System Checks40Zone Status40Registration Status40Call Signaling40Maintenance Routine41Creating a System Backup41Optional Configuration Tasks42Task 15: Configuring Cisco TMS (Optional)42Task 16: Configuring Logging (Optional)44Task 17: Configuring Registration Restriction Policy (Optional)44Task 18: Configuring Device Authentication Policy (Optional)45Task 19: Restricting Access to ISDN Gateways (Optional)46Appendix 1: Configuration Details53VCS Control Configuration Details53VCS Expressway Configuration Details54VCS Control and VCS Expressway Configuration Details56Appendix 2: DNS Records57DNS Configuration on Host Server57DNS Configuration (internal DNS server)57Appendix 3: Firewall and NAT Settings59Internal Firewall Configuration59External Firewall Configuration Requirement60Appendix 4: Advanced Network Deployments63Prerequisites63Recommended: Dual NIC Static NAT Deployment63Background Information65Other Deployment Examples70Obtaining Documentation and Submitting a Service Request74Cisco Legal Information75Cisco Trademark75Size: 1.81 MBPages: 75Language: EnglishOpen manual
/en/manuals/1610445/Table of ContentsDocument revision history4Introduction5Configuring VCS authentication policy6Controlling system behavior for authenticated and non-authenticated devices6Device provisioning and authentication policy8Cisco VCS Starter Pack Express8Presence and authentication policy9Hierarchical dial plan (directory VCS) deployments10Infrastructure devices10Configuring VCS authentication methods11Using the local database11Using an H.350 directory service lookup via LDAP12Using Active Directory database (direct)14Configuration prerequisites14Active Directory14Kerberos Key Distribution Center14DNS server14Cisco VCS14Endpoint15IT request15Configure Active Directory server details in Cisco VCS15Clustered VCS systems16Add non-primary Domain Controllers and Kerberos Key Distribution Center servers (optional)17Enable NTLM authentication challenges17Configure Movi and test Active Directory database (direct) authentication17Appendix 1 — IT requisition18H.350 directory service: IT requisition (for LDAP access to H.350 directory service)18Active directory (direct):IT requisition (for access to Active Directory server)19Appendix 2 — SIP messages for a provisioning subscription20Active Directory (direct)20Appendix 3 — Active Directory (direct):Example DNS SRV configuration for Active Directory21DNS SRV values needed21Dig commands to check DNS SRV settings21Appendix 4 — Active Directory (direct): Movi PC and AD server compatibility configuration22LMCompatibility level for Movi and the AD server22NtlmMinClientSec and session security level23Appendix 5 — IP Ports used on VCS for authentication25H.350 directory service25Active Directory (direct)25Appendix 6 — Troubleshooting26Local database troubleshooting26H.350 directory service troubleshooting26Active Directory (direct) troubleshooting26Check password26401 unauthorized returned from the provisioning server to a SUBSCRIBE for provisioning26Movi fails to authenticate26Mismatch of NTLM versions26Username too long26PC fails to login following failed login attempts using AD direct authentication on a video endpoint27Appendix 7 — Active Directory (direct): Checking domain information and VCS status28Domain_management28Net ads info28Net ads testjoin29Appendix 8 — Active Directory (direct):Leaving a domain30Appendix 9 — Certificates for TLS31Appendix 10 — Use with Cisco VCS clusters32Active Directory (direct)32Appendix 11 — Example process for moving Movi users to AD direct authentication33Appendix 12 — Example AD direct authentication deployments34VCS Control with Active Directory (direct) authentication34VCS Control and VCS Expressway, each with Active Directory (direct) authentication36VCS Control and VCS Expressway with Active Directory (direct) authentication on VCS Control38VCS Control and VCS Expressway with Active Directory (direct) authentication for proxied registrations41Size: 732 KBPages: 44Language: EnglishOpen manual
/en/manuals/1610441/Table of ContentsDocument revision history4Introduction5Configuring VCS authentication policy6Controlling system behavior for authenticated and non-authenticated devices6Device provisioning and authentication policy8TMS Provisioning Extension mode8Legacy TMS Agent mode9Cisco VCS Starter Pack Express10Presence and authentication policy11Hierarchical dial plan (directory VCS) deployments12Infrastructure devices12Practical configuration of authentication policy13Configuring VCS authentication methods14Using the local database14Using an H.350 directory service lookup via LDAP15Using Active Directory database (direct)17Configuration prerequisites17Active Directory17Kerberos Key Distribution Center17DNS server17Cisco VCS17Endpoint18IT request18Configure Active Directory server details in Cisco VCS18Clustered VCS systems19Add non-primary Domain Controllers and Kerberos Key Distribution Center servers (optional)20Enable NTLM authentication challenges20Configure Movi and test Active Directory database (direct) authentication20Appendix 1 — Troubleshooting21Local database troubleshooting21H.350 directory service troubleshooting21Active Directory (direct) troubleshooting21Check password21401 unauthorized returned from the provisioning server to a SUBSCRIBE for provisioning21Movi fails to authenticate21Mismatch of NTLM versions21Username too long21PC fails to login following failed login attempts using AD direct authentication on a video endpoint22Device provisioning (TMS PE mode) and presence22SUBSCRIBE for provisioning rejected / provisioned endpoint cannot sign in22Phone book searches do not return any entries23Failed to update presence23Appendix 2 — IT requisition24H.350 directory service: IT requisition (for LDAP access to H.350 directory service)24Active directory (direct):IT requisition (for access to Active Directory server)25Appendix 3 — SIP messages for a provisioning subscription26Active Directory (direct)26Appendix 4 — Active Directory (direct):Example DNS SRV configuration for Active Directory27DNS SRV values needed27Dig commands to check DNS SRV settings27Appendix 5 — Active Directory (direct): Movi PC and AD server compatibility configuration28LMCompatibility level for Movi and the AD server28NtlmMinClientSec and session security level29Appendix 6 — IP Ports used on VCS for authentication30H.350 directory service30Active Directory (direct)30Appendix 7 — Active Directory (direct): Checking domain information and VCS status31Domain_management31Net ads info31Net ads testjoin32Appendix 8 — Active Directory (direct):Leaving a domain33Appendix 9 — Certificates for TLS34Appendix 10 — Use with Cisco VCS clusters35Active Directory (direct)35Appendix 11 — Example process for moving Movi users to AD direct authentication36Appendix 12 — Example AD direct authentication deployments37VCS Control with Active Directory (direct) authentication37VCS Control and VCS Expressway, each with Active Directory (direct) authentication39VCS Control and VCS Expressway with Active Directory (direct) authentication on VCS Control41VCS Control and VCS Expressway with Active Directory (direct) authentication for proxied registrations44Size: 657 KBPages: 47Language: EnglishOpen manual
/en/manuals/1610410/Table of ContentsContents2Introduction4Configuring VCS authentication policy5Controlling system behavior for authenticated and non-authenticated devices5Device provisioning and authentication policy7TMS Provisioning Extension mode7Legacy TMS Agent mode8Cisco VCS Starter Pack Express9Presence and authentication policy10Hierarchical dial plan (directory VCS) deployments11Infrastructure devices11Practical configuration of authentication policy12Configuring VCS authentication methods13Using the local database14Adding credentials to the local database14Credentials managed within TMS (for device provisioning)14Using the local database with other authentication mechanisms14Starter Pack15Using an H.350 directory service lookup via LDAP16Using Active Directory database (direct)18Configuration prerequisites18Active Directory18Kerberos Key Distribution Center18DNS server18Cisco VCS18Endpoint19IT request19Configure Active Directory server details in Cisco VCS19Clustered VCS systems21Add non-primary Domain Controllers and Kerberos Key Distribution Center servers (optional)21Enable NTLM authentication challenges21Configure Movi / Jabber Video and test Active Directory database (direct) authentication22Appendix 1 — Troubleshooting23Local database troubleshooting23H.350 directory service troubleshooting23Active Directory (direct) troubleshooting23Movi / Jabber Video fails to authenticate23Device provisioning (TMS PE mode) and presence24Appendix 2 — IT requisition25H.350 directory service: IT requisition (for LDAP access to H.350 directory service)25Active directory (direct): IT requisition (for access to Active Directory server)26Appendix 3 — SIP messages for a provisioning subscription27Active Directory (direct)27Appendix 4 — Active Directory (direct): Example DNS SRV configuration for AD28DNS SRV values needed28Web browser checking of DNS SRV settings28Dig command to check DNS SRV settings28Appendix 5 — Active Directory (direct): Movi PC and AD server compatibility configuration30LMCompatibility level for Movi and the AD server30NtlmMinClientSec and session security level31Appendix 6 — IP Ports used on VCS for authentication32H.350 directory service32Active Directory (direct)32Appendix 7 — Active Directory (direct): Checking domain information and VCS status33Domain_management33Net ads info33Net ads testjoin34Appendix 8 — Active Directory (direct): Leaving a domain35Appendix 9 — Certificates for TLS36Appendix 10 — Use with Cisco VCS clusters37Active Directory (direct)37Appendix 11 — Example process for moving Movi / Jabber Video users to AD direct authentication38Appendix 12 — Example AD direct authentication deployments39VCS Control with Active Directory (direct) authentication39VCS Control and VCS Expressway, each with Active Directory (direct) authentication41VCS Control and VCS Expressway with Active Directory (direct) authentication on VCS Control43VCS Control and VCS Expressway with Active Directory (direct) authentication for proxied registrations46Document revision history49Size: 690 KBPages: 50Language: EnglishOpen manual
/en/manuals/1610408/Table of ContentsAbout device authentication4Authentication policy6Configuring VCS authentication policy6Controlling system behavior for authenticated and non-authenticated devices7Authentication policy configuration options8Zone-level authentication policy8Subzone-level authentication policy10SIP authentication trust11Configuring delegated credential checking (SIP only)12Configuring your video communications network for delegated credential checking12Device provisioning and authentication policy15Presence and authentication policy17Hierarchical dial plans and authentication policy18Practical configuration of authentication policy19Authentication methods20Configuring VCS authentication methods20Authentication mechanism21Endpoint credentials used for authentication21Configuring authentication to use the local database22Using an H.350 directory service lookup via LDAP23Using an H.350 directory with other authentication mechanisms25Using Active Directory database (direct)26Configuration prerequisites26Configuring the connection to Active Directory Service (ADS)27Configuring the Active Directory Service settings27Clustered VCS systems30Enabling NTLM authentication challenges30Configuring Jabber Video and testing Active Directory database (direct) authe...30Ports31Authenticating with external systems32Appendix 1: Troubleshooting33Local database troubleshooting33H.350 directory service troubleshooting33Active Directory (direct) troubleshooting33Jabber Video fails to authenticate33Device provisioning (TMSPE mode) and presence34Appendix 2: Additional information36Device authentication port reference36H.350 directory service36Active Directory (direct)36Certificates for TLS36Use with VCS clusters36Active Directory (direct)36IT requisition37H.350 directory service: IT requisition (for LDAP access to H.350 directory s...37Active directory (direct):IT requisition (for access to Active Directory server)38Appendix 3: Active Directory (direct)39SIP messages for a provisioning subscription39Example DNS SRV configuration for AD40Expected DNS SRV values40Checking DNS SRV settings40Checking DNS SRV settings (Dig command)40Jabber Video PC and AD server compatibility configuration41LMCompatibility level for Jabber Video and the AD server41NtlmMinClientSec and session security level42Checking domain information and VCS status43Domain_management43Net ads info44Net ads testjoin44Leaving a domain44Example process for moving Jabber Video users to AD direct authentication45Example AD direct authentication deployments46VCS Control with Active Directory (direct) authentication46VCS Control and VCS Expressway, each with Active Directory (direct) authentic...48VCS Expressway with Active Directory (direct) authentication delegated to the...51Document revision history54Size: 1.02 MBPages: 55Language: EnglishOpen manual
/en/manuals/1610406/Table of ContentsAbout device authentication4Authentication policy6Configuring VCS authentication policy6Controlling system behavior for authenticated and non-authenticated devices7Authentication policy configuration options8Zone-level authentication policy8Subzone-level authentication policy10SIP authentication trust11Configuring delegated credential checking (SIP only)12Configuring your video communications network for delegated credential checking12Device provisioning and authentication policy15Presence and authentication policy17Hierarchical dial plans and authentication policy18Practical configuration of authentication policy19Authentication methods20Configuring VCS authentication methods20Authentication mechanism21Endpoint credentials used for authentication21Configuring authentication to use the local database22Using an H.350 directory service lookup via LDAP23Using an H.350 directory with other authentication mechanisms25Using Active Directory database (direct)26Configuration prerequisites26Configuring the connection to Active Directory Service (ADS)27Configuring the Active Directory Service settings27Clustered VCS systems30Enabling NTLM authentication challenges30Configuring Jabber Video and testing Active Directory database (direct) authe...30Ports31Authenticating with external systems32Appendix 1: Troubleshooting33Local database troubleshooting33H.350 directory service troubleshooting33Active Directory (direct) troubleshooting33Jabber Video fails to authenticate33Device provisioning (TMSPE mode) and presence34Appendix 2: Additional information36Device authentication port reference36H.350 directory service36Active Directory (direct)36Certificates for TLS36Use with VCS clusters36Active Directory (direct)36IT requisition37H.350 directory service: IT requisition (for LDAP access to H.350 directory s...37Active directory (direct):IT requisition (for access to Active Directory server)38Appendix 3: Active Directory (direct)39SIP messages for a provisioning subscription39Example DNS SRV configuration for AD40Expected DNS SRV values40Checking DNS SRV settings40Checking DNS SRV settings (Dig command)40Jabber Video PC and AD server compatibility configuration41LMCompatibility level for Jabber Video and the AD server41NtlmMinClientSec and session security level42Checking domain information and VCS status43Domain_management43Net ads info44Net ads testjoin44Leaving a domain44Example process for moving Jabber Video users to AD direct authentication45Example AD direct authentication deployments46VCS Control with Active Directory (direct) authentication46VCS Control and VCS Expressway, each with Active Directory (direct) authentic...48VCS Expressway with Active Directory (direct) authentication delegated to the...51Document revision history54Size: 1.02 MBPages: 55Language: EnglishOpen manual
/en/manuals/1610400/Table of ContentsAbout device authentication4Authentication policy6Configuring VCS authentication policy6Controlling system behavior for authenticated and non-authenticated devices7Authentication policy configuration options8Zone-level authentication policy8Subzone-level authentication policy10SIP authentication trust11Configuring delegated credential checking (SIP only)12Configuring your video communications network for delegated credential checking12Device provisioning and authentication policy15Presence and authentication policy17Hierarchical dial plans and authentication policy18Practical configuration of authentication policy19Authentication methods20Configuring VCS authentication methods20Authentication mechanism21Endpoint credentials used for authentication21Configuring authentication to use the local database22Using an H.350 directory service lookup via LDAP23Using an H.350 directory with other authentication mechanisms25Using Active Directory database (direct)26Configuration prerequisites26Configuring the connection to Active Directory Service (ADS)27Configuring the Active Directory Service settings27Clustered VCS systems30Enabling NTLM authentication challenges30Configuring Jabber Video and testing Active Directory database (direct) authe...30Ports31Authenticating with external systems32Appendix 1: Troubleshooting33Local database troubleshooting33H.350 directory service troubleshooting33Active Directory (direct) troubleshooting33Jabber Video fails to authenticate33Device provisioning (TMSPE mode) and presence34Appendix 2: Additional information36Device authentication port reference36H.350 directory service36Active Directory (direct)36Certificates for TLS36Use with VCS clusters36Active Directory (direct)36IT requisition37H.350 directory service: IT requisition (for LDAP access to H.350 directory s...37Active directory (direct):IT requisition (for access to Active Directory server)38Appendix 3: Active Directory (direct)39SIP messages for a provisioning subscription39Example DNS SRV configuration for AD40Expected DNS SRV values40Checking DNS SRV settings40Checking DNS SRV settings (Dig command)40Jabber Video PC and AD server compatibility configuration41LMCompatibility level for Jabber Video and the AD server41NtlmMinClientSec and session security level42Checking domain information and VCS status43Domain_management43Net ads info44Net ads testjoin44Leaving a domain44Example process for moving Jabber Video users to AD direct authentication45Example AD direct authentication deployments46VCS Control with Active Directory (direct) authentication46VCS Control and VCS Expressway, each with Active Directory (direct) authentic...48VCS Expressway with Active Directory (direct) authentication delegated to the...51Document revision history54Size: 1.04 MBPages: 55Language: EnglishOpen manual
/en/manuals/1610399/Table of ContentsAbout Device Authentication3Authentication Policy5Configuring VCS Authentication Policy5Controlling System Behavior for Authenticated and Non-authenticated Devices6Authentication Policy Configuration Options6Zone-level Authentication Policy7Subzone-level Authentication Policy9SIP Authentication Trust9Configuring Delegated Credential Checking (SIP Only)11Configuring Your Video Communications Network for Delegated Credential Checking11Device Provisioning and Authentication Policy14Presence and Authentication Policy16Hierarchical Dial Plans and Authentication Policy17Practical Configuration of Authentication Policy18Authentication Methods19Configuring VCS Authentication Methods19Authentication Mechanism20Endpoint Credentials Used for Authentication20Configuring Authentication to Use the Local Database21Using an H.350 Directory Service Lookup via LDAP22Using an H.350 Directory with Other Authentication Mechanisms24Using Active Directory Database (Direct)25Configuration Prerequisites25Configuring the Connection to Active Directory Service (ADS)26Configuring the Active Directory Service Settings26Clustered VCS Systems29Enabling NTLM Authentication Challenges29Configuring Jabber Video and Testing Active Directory Database (Direct) Authe...29Ports30Authenticating with External Systems31Appendix 1: Troubleshooting32Local Database Troubleshooting32H.350 Directory Service Troubleshooting32Active Directory (Direct) Troubleshooting32Jabber Video Fails to Authenticate32Device Provisioning (TMSPE Mode) and Presence33Appendix 2: Additional Information34Device Authentication Port Reference34H.350 Directory Service34Active Directory (Direct)34Certificates for TLS34Use with VCS Clusters34Active Directory (Direct)34IT Requisition35H.350 Directory Service: IT Requisition (for LDAP Access to H.350 Directory S...35Active Directory (Direct):IT Requisition (for Access to Active Directory Server)36Appendix 3: Active Directory (Direct)38SIP Messages for a Provisioning Subscription38Example DNS SRV Configuration for AD39Expected DNS SRV Values39Checking DNS SRV Settings39Checking DNS SRV Settings (Dig Command)39Jabber Video PC and AD Server Compatibility Configuration40LMCompatibility Level for Jabber Video and the AD Server40NtlmMinClientSec and Session Security Level41Checking Domain Information and VCS Status41Domain_management42Net Ads Info42Net Ads Testjoin43Leaving a Domain43Example Process for Moving Jabber Video Users to AD Direct Authentication43Example AD Direct Authentication Deployments45VCS Control with Active Directory (Direct) Authentication45VCS Control and VCS Expressway, each with Active Directory (Direct) Authentic...47VCS Expressway with Active Directory (direct) Authentication Delegated to the...50Document Revision History53Cisco Legal Information53Cisco Trademark54Size: 983 KBPages: 54Language: EnglishOpen manual
/en/manuals/1610379/Table of ContentsContents2Introduction3Usage3VCS configuration4Configure LDAP server details on VCS4Status messages on the Login account LDAP configuration page6State = Active6State = Failed6Configure DNS server6Define groups on VCS7Groups for administrator login7Groups for user login8Define groups in the authentication server8Set login authentication to use remote database8Appendix 1 – IT requisition (for access to authentication server)10Appendix 2 – IT requisition (for group configuration)11Appendix 3 – Active Directory structure12Appendix 4 – Configuring groups in Active Directory14Create a group object14Make a user a member of a group15Appendix 5 – Troubleshooting16Viewing / searching LDAP database16Unable to log in after switching to remote authentication16AD “Domain Users” group fails to allow login16Appendix 6 – Certificates for TLS17Appendix 7 – Use with VCS clusters18Document revision history19Size: 430 KBPages: 20Language: EnglishOpen manual
/en/manuals/1610378/Table of ContentsDocument revision history3Introduction4Usage4Cisco VCS configuration5Configure LDAP server details on Cisco VCS5Status messages on Login account LDAP configuration page7State = Active7State = Failed7Configure DNS server8Define groups on Cisco VCS9Groups for administrator login9Groups for user login10Define Groups in the AD or other authentication server10Set login authentication to use remote database10Appendix 1 – IT requisition (for access to authentication server)12Appendix 2 – IT requisition (for group configuration)13Appendix 3 – Active Directory structure14Appendix 4 – Configuring groups in Active Directory16Create a group object16Make a user a member of a group17Appendix 5 – Troubleshooting18Viewing / searching LDAP database18Windows18Unix / Linux18Unable to log in after switching to remote authentication18AD “Domain Users” group fails to allow login18Appendix 6 – Certificates for TLS19Appendix 7 – Use with Cisco VCS clusters20Size: 340 KBPages: 21Language: EnglishOpen manual
/en/manuals/1610374/Table of ContentsIntroduction3Process summary3LDAP accessible authentication server configuration4Define groups in the authentication server4VCS configuration5Configure DNS server5Configure LDAP server details on VCS5Connection status8Define groups on VCS8Groups for administrator login8Groups for user login9Appendix 1: Troubleshooting11Viewing / searching LDAP database11Unable to log in after switching to remote authentication11AD “Domain Users” group fails to allow login11Appendix 2: Additional information12Certificates for TLS12Use with VCS clusters12IT requisition (for access to authentication server)13IT requisition (for group configuration)14Appendix 3: Example Active Directory structure15Appendix 4: Configuring groups in Active Directory17Create a group object17Make a user a member of a group17Document revision history19Size: 420 KBPages: 20Language: EnglishOpen manual
/en/manuals/1610371/Table of ContentsIntroduction3Process summary3LDAP accessible authentication server configuration4Define groups in the authentication server4VCS configuration5Configure DNS server5Configure LDAP server details on VCS5Connection status8Define groups on VCS8Groups for administrator login8Groups for user login9Appendix 1: Troubleshooting11Viewing / searching LDAP database11Unable to log in after switching to remote authentication11AD “Domain Users” group fails to allow login11Appendix 2: Additional information12Certificates for TLS12Use with VCS clusters12IT requisition (for access to authentication server)13IT requisition (for group configuration)14Appendix 3: Example Active Directory structure15Appendix 4: Configuring groups in Active Directory17Create a group object17Make a user a member of a group17Document revision history19Size: 417 KBPages: 20Language: EnglishOpen manual
/en/manuals/1610368/Table of ContentsIntroduction3Process summary3LDAP accessible authentication server configuration4Define groups in the authentication server4VCS configuration5Configure DNS server5Configure LDAP server details on VCS5Connection status8Define groups on VCS9Groups for administrator login9Groups for user login10Appendix 1: Troubleshooting12Viewing / searching LDAP database12Unable to log in after switching to remote authentication12AD “Domain Users” group fails to allow login12Appendix 2: Additional information13Certificates for TLS13Use with VCS clusters13IT requisition (for access to authentication server)14IT requisition (for group configuration)15Appendix 3: Example Active Directory structure16Appendix 4: Configuring groups in Active Directory18Create a group object18Make a user a member of a group18Document revision history20Size: 431 KBPages: 21Language: EnglishOpen manual
/en/manuals/1610351/Table of ContentsIntroduction3Process Summary3LDAP Accessible Authentication Server Configuration4Define Groups in the Authentication Server4VCS Configuration4Configure DNS Server4Configure LDAP Server Details on VCS4Connection Status7Define Groups on VCS8Appendix 1: Troubleshooting11Viewing / Searching LDAP Database11Unable to Log in After Switching to Remote Authentication11AD “Domain Users” Group Fails to Allow Login11Appendix 2: Additional Information12Certificates for TLS12Use with VCS Clusters12IT Requisition for Access to Authentication Server13IT Requisition for Group Configuration14Appendix 3: Example Active Directory Structure15Appendix 4: Configuring Groups in Active Directory16Create a Group Object16Make a User a Member of a Group16Document Revision History18Cisco Legal Information18Cisco Trademark19Size: 369 KBPages: 19Language: EnglishOpen manual
/en/manuals/1610350/Table of ContentsIntroduction3Deciding between VCS or IM and Presence Service for XMPP Federation3How to use this Deployment Guide3Related Documentation3External XMPP Federation through VCS4Task Flow for XMPP Federation through VCS7Server Certificate Requirements for Unified Communications8VCS Control Server Certificate Requirements8VCS Expressway Server Certificate Requirements9Configuring Local Domains for XMPP Federation on VCS11Configuring VCS Expressway for XMPP Federation11Configuring how XMPP Servers for Federated Domains and Chat Node Aliases are ...14To use DNS Lookups:14To use Static Routes:14Configuring the Allow and Deny Lists for Federated Domains and Chat Node Aliases15DNS SRV Records for XMPP Federation16Port Usage for XMPP Federation17Checking XMPP Federation Status18Viewing Federated Connections18Troubleshooting External XMPP Federation19XMPP Federation through IM and Presence Service23Supported Systems23Intercluster and Multinode Deployments23Example of XMPP Federated Network between IM and Presence Service and IBM Sam...24Task Flow for XMPP Federation through IM and Presence Service25Configuring IM and Presence Service for XMPP Federation26DNS Configuration for XMPP Federation29Configure DNS SRV Record for XMPP Federation Chat Node33Policy Settings Configuration for XMPP Federation35Configure the Cisco Adaptive Security Appliance for XMPP Federation37Turn on XMPP Federation Service39Security Certificate Configuration for XMPP Federation40Email Address for Federation Configuration44Serviceability Configuration for Federation49Federation Integration Verification51Troubleshooting an XMPP Federation Integration52High Availability for XMPP Federation53Document Revision History54Cisco Legal Information55Cisco Trademark55Size: 1000 KBPages: 56Language: EnglishOpen manual
/en/manuals/1610313/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing4Deployment scenario5Summary of configuration process5Prerequisites for system configuration5Cisco VCS configuration7Cisco VCS and H.323 MCU7Cisco VCS and SIP MCU8Cisco VCS and MCU supporting both H.323 and SIP9Cisco VCS with H.323 endpoints initiating a Multiway™ conference9SIP endpoints with SIP MCU9SIP endpoints with H.323 MCU10H.323 endpoints with H.323 MCU10H.323 endpoints with SIP MCU10Cisco VCS configuration: in a cluster10Cisco VCS configuration: in a network of Cisco VCSs10Cisco VCS configuration: with OCS10OCS R110OCS R211Cisco VCS configuration: with CUCM11Cisco TelePresence MCU configuration12H.32312SIP13Endpoint configuration(those that can initiate a Multiway™ conference)14E2014MXP – F Series14MXP – L Series15Endpoint requirements (those that can be joined to a Multiway™ conference)16H.32316SIP16Other devices (IP PBXs, gateways etc …)16Appendix 1 - Troubleshooting17Problems connecting Cisco VCS Control local calls17Check for errors18Tracing calls18My MXP will not create a Multiway™ call18Appendix 2 – Known interworking limitations19Multiple MCUs for capacity and resilience19Appendix 3 – Call flows for Multiway™20Overview of Multiway™ call flow20SIP20H.32323Appendix 4 – Multiway Beta on TANDBERG Gatekeeper24Size: 529 KBPages: 25Language: EnglishOpen manual
/en/manuals/1610311/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing4Deployment scenario5Summary of configuration process5Prerequisites for system configuration5Cisco VCS configuration7Cisco VCS and H.323 MCU7Cisco VCS and SIP MCU8Cisco VCS and MCU supporting both H.323 and SIP9Cisco VCS with H.323 endpoints initiating a Multiway™ conference10SIP endpoints with SIP MCU10SIP endpoints with H.323 MCU10H.323 endpoints with H.323 MCU10H.323 endpoints with SIP MCU10Cisco VCS configuration: in a cluster10Cisco VCS configuration: in a network of VCSs11Cisco VCS configuration: with OCS11OCS R111OCS R211Cisco VCS configuration: with CUCM11Cisco TelePresence MCU configuration12H.32312SIP13Endpoint configuration(those that can initiate a Multiway™ conference)15Cisco IP Video Phone E2015Cisco TelePresence System EX Series15Cisco TelePresence System Profiles using C Series codecs15Cisco TelePresence System MXP Series15TANDBERG MXP – L Series16Endpoint requirements (those that can be joined to a Multiway™ conference)17H.32317SIP17Other devices (IP PBXs, gateways and so on)17Appendix 1 - Troubleshooting18Problems connecting Cisco VCS Control local calls18Check for errors19Tracing calls19My MXP will not create a Multiway™ call19Appendix 2 – Known interworking limitations21Multiple MCUs for capacity and resilience21Appendix 3 – Call flows for Multiway™22Overview of Multiway™ call flow22SIP22H.32325Appendix 4 – Multiway Beta on TANDBERG Gatekeeper26Appendix 5 – Using Cisco TelePresence Conductor and Multiway27Size: 503 KBPages: 28Language: EnglishOpen manual
/en/manuals/1610308/Table of ContentsContents2Introduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing4Cisco Multiway with Conductor5The advantages of using Conductor and Multiway5Deployment scenario6Prerequisites6Designing a dial plan7Summary of configuration process7Configuring a search rule on the VCS7Configuring a search rule towards Conductor:7Configuring a Multiway conference alias on the Cisco TelePresence Conductor8Configuring the endpoints using TMS Provisioning Extension9Configuring the endpoints manually for use with Conductor9Cisco Multiway without Conductor10Deployment scenario10Summary of configuration process10Prerequisites for system configuration11Cisco VCS configuration11Cisco VCS and H.323 MCU12Cisco VCS and SIP MCU13Cisco VCS and MCU supporting both H.323 and SIP14Cisco VCS with H.323 endpoints initiating a Multiway conference14SIP endpoints with SIP MCU14SIP endpoints with H.323 MCU14H.323 endpoints with H.323 MCU15H.323 endpoints with SIP MCU15Cisco VCS configuration: in a cluster15Cisco VCS configuration: in a network of VCSs15Cisco VCS configuration: with OCS/Lync15Cisco VCS configuration: with CUCM16Cisco TelePresence MCU configuration16Endpoint configuration (with or without Conductor)19Endpoints that can initiate a Multiway conference19Cisco IP Video Phone E2019Cisco TelePresence System EX Series19Cisco TelePresence System Profiles using C Series codecs19Cisco TelePresence System MXP Series19TANDBERG MXP – L Series20Endpoint requirements (those that can be joined to a Multiway conference)21H.32321SIP21Other devices (IP PBXs, gateways and so on)21Optimizing the Multiway user experience22Appendix 1 - Troubleshooting23Problems connecting Cisco VCS Control local calls23Check for errors24Tracing calls24MXP will not create a Multiway call24Appendix 2 – Known interworking limitations without Conductor25Multiple MCUs for capacity and resilience25Appendix 3 – Call flows for Multiway without Conductor26Overview of Multiway call flow26SIP26H.32329Appendix 4 – Multiway Beta on TANDBERG Gatekeeper32Appendix 5 – Cisco TelePresence product integration33Using Cisco ISDN gateway with Multiway33Legal notices34Intellectual property rights34Copyright notice34Size: 645 KBPages: 35Language: EnglishOpen manual
/en/manuals/1610306/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing5Cisco Multiway with TelePresence Conductor6The advantages of using TelePresence Conductor and Multiway6Deployment scenario6Prerequisites7Designing a dial plan8Summary of configuration process8Configuring a search rule on the VCS8Configuring a Multiway conference alias on the TelePresence Conductor9Configuring the endpoints using Cisco TMSPE10Configuring the endpoints manually for use with TelePresence Conductor10Cisco Multiway without TelePresence Conductor11Deployment scenario11Summary of configuration process11Prerequisites for system configuration12VCS configuration12VCS and H.323 MCU13VCS and SIP MCU14VCS and MCU supporting both H.323 and SIP15VCS with H.323 endpoints initiating a Multiway conference16SIP endpoints with SIP MCU16SIP endpoints with H.323 MCU16H.323 endpoints with H.323 MCU16H.323 endpoints with SIP MCU16VCS configuration: in a cluster16VCS configuration: in a network of VCSs16VCS configuration: with Lync17VCS configuration: with CUCM17Cisco TelePresence MCU configuration17Endpoint configuration (with or without TelePresence Conductor)20Endpoints that can initiate a Multiway conference20Cisco IP Video Phone E2020Cisco TelePresence System EX Series20Cisco TelePresence System Profiles using C Series codecs20Cisco TelePresence System MXP Series21TANDBERG MXP – L Series22Endpoint requirements (those that can be joined to a Multiway conference)22H.32322SIP22Other devices (IP PBXs, gateways and so on)22Optimizing the Multiway user experience on an MCU (without TelePresence Condu...23Appendix 1 - Troubleshooting24Problems connecting VCS Control local calls24Check for errors25Tracing calls25MXP will not create a Multiway call25Appendix 2 – Known interworking limitations without TelePresence Conductor26Multiple MCUs for capacity and resilience26Appendix 3 – Call flows for Multiway without TelePresence Conductor27Overview of Multiway call flow27SIP27H.32330Appendix 4 – Cisco TelePresence product integration34Using Cisco TelePresence ISDN Gateway with Multiway34Size: 670 KBPages: 35Language: EnglishOpen manual
/en/manuals/1610299/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing5Cisco Multiway with TelePresence Conductor6The advantages of using TelePresence Conductor and Multiway6Deployment scenario6Prerequisites7Designing a dial plan8Summary of configuration process8Configuring a search rule on the VCS8Configuring a Multiway conference alias on the TelePresence Conductor9Configuring the endpoints using Cisco TMSPE10Configuring the endpoints manually for use with TelePresence Conductor10Cisco Multiway without TelePresence Conductor11Deployment scenario11Summary of configuration process11Prerequisites for system configuration12VCS configuration12VCS and H.323 MCU13VCS and SIP MCU14VCS and MCU supporting both H.323 and SIP15VCS with H.323 endpoints initiating a Multiway conference16SIP endpoints with SIP MCU16SIP endpoints with H.323 MCU16H.323 endpoints with H.323 MCU16H.323 endpoints with SIP MCU16VCS configuration: in a cluster16VCS configuration: in a network of VCSs16VCS configuration: with Lync17VCS configuration: with CUCM17Cisco TelePresence MCU configuration17Endpoint configuration (with or without TelePresence Conductor)20Endpoints that can initiate a Multiway conference20Cisco IP Video Phone E2020Cisco TelePresence System EX Series20Cisco TelePresence System Profiles using C Series codecs20Cisco TelePresence System MXP Series21TANDBERG MXP – L Series22Endpoint requirements (those that can be joined to a Multiway conference)22H.32322SIP22Other devices (IP PBXs, gateways and so on)22Optimizing the Multiway user experience on an MCU (without TelePresence Condu...23Appendix 1: Troubleshooting25Problems connecting VCS Control local calls25Check for errors26Tracing calls26MXP will not create a Multiway call26Calls use less bandwidth than expected26Appendix 2: Known interworking limitations without TelePresence Conductor28Multiple MCUs for capacity and resilience28Appendix 3: Call flows for Multiway without TelePresence Conductor29Overview of Multiway call flow29SIP29H.32332Appendix 4: Cisco TelePresence product integration36Using Cisco TelePresence ISDN Gateway with Multiway36Appendix 5: Deployment with TelePresence Conductor connected to Cisco Unified CM37Deployment scenario37Conference creation process37Configuration tasks38Task 1: Checking that the VCS Conference Factory application uses numeric prefixes only38Task 2: Configuring a SIP trunk between VCS and Cisco Unified CM38Task 3: Adding additional configuration on the VCS38Task 4: Configuring a SIP trunk between Cisco Unified CM and TelePresence Conductor39Task 5: Adding additional configuration on Cisco Unified CM39Task 6: Adding additional configuration on the TelePresence Conductor40Size: 847 KBPages: 41Language: EnglishOpen manual
/en/manuals/1610283/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing4Cisco Multiway with Conductor5The advantages of using Conductor and Multiway5Deployment scenario6Prerequisites6Designing a dial plan7Summary of configuration process7Configuring a search rule on the VCS7Configuring a search rule towards Conductor:7Configuring a Multiway conference alias on the Cisco TelePresence Conductor8Configuring the endpoints using TMS Provisioning Extension9Configuring the endpoints manually for use with Conductor9Cisco Multiway without Conductor10Deployment scenario10Summary of configuration process10Prerequisites for system configuration11Cisco VCS configuration11Cisco VCS and H.323 MCU13Cisco VCS and SIP MCU14Cisco VCS and MCU supporting both H.323 and SIP14Cisco VCS with H.323 endpoints initiating a Multiway conference15SIP endpoints with SIP MCU15SIP endpoints with H.323 MCU15H.323 endpoints with H.323 MCU15H.323 endpoints with SIP MCU15Cisco VCS configuration: in a cluster15Cisco VCS configuration: in a network of VCSs16Cisco VCS configuration: with OCS/Lync16Cisco VCS configuration: with CUCM16Cisco TelePresence MCU configuration16Manual endpoint configuration with or without Conductor19Configuration for endpoints that can initiate a Multiway conference)19Cisco IP Video Phone E2019Cisco TelePresence System EX Series19Cisco TelePresence System Profiles using C Series codecs19Cisco TelePresence System MXP Series20TANDBERG MXP – L Series20Endpoint requirements (those that can be joined to a Multiway conference)21H.32321SIP21Other devices (IP PBXs, gateways and so on)21Optimizing the Multiway user experience22Appendix 1 - Troubleshooting23Problems connecting Cisco VCS Control local calls23Check for errors24Tracing calls24My MXP will not create a Multiway call24Appendix 2 – Known interworking limitations without Conductor25Multiple MCUs for capacity and resilience25Appendix 3 – Call flows for Multiway without Conductor26Overview of Multiway call flow26SIP26H.32329Appendix 4 – Multiway Beta on TANDBERG Gatekeeper32Appendix 5 – Cisco TelePresence product integration33Using Cisco ISDN gateway with Multiway33Legal notices34Intellectual property rights34Copyright notice34Size: 625 KBPages: 35Language: EnglishOpen manual
/en/manuals/1610276/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing5Cisco Multiway with TelePresence Conductor6The advantages of using TelePresence Conductor and Multiway6Deployment scenario6Prerequisites7Designing a dial plan8Summary of configuration process8Configuring a search rule on the VCS8Configuring a Multiway conference alias on the TelePresence Conductor9Configuring the endpoints using Cisco TMSPE10Configuring the endpoints manually for use with TelePresence Conductor10Cisco Multiway without TelePresence Conductor11Deployment scenario11Summary of configuration process11Prerequisites for system configuration12VCS configuration12VCS and H.323 MCU13VCS and SIP MCU14VCS and MCU supporting both H.323 and SIP15VCS with H.323 endpoints initiating a Multiway conference15SIP endpoints with SIP MCU16SIP endpoints with H.323 MCU16H.323 endpoints with H.323 MCU16H.323 endpoints with SIP MCU16VCS configuration: in a cluster16VCS configuration: in a network of VCSs16VCS configuration: with Lync16VCS configuration: with Unified CM17Cisco TelePresence MCU configuration17Endpoint configuration (with or without TelePresence Conductor)20Endpoints that can initiate a Multiway conference20Cisco IP Video Phone E2020Cisco TelePresence System EX Series20Cisco TelePresence System Profiles using C Series codecs20Cisco TelePresence System MXP Series21TANDBERG MXP – L Series22Endpoint requirements (those that can be joined to a Multiway conference)22H.32322SIP22Other devices (IP PBXs, gateways and so on)22Optimizing the Multiway user experience on an MCU (without TelePresence Condu...23Appendix 1: Troubleshooting24Problems connecting VCS Control local calls24Check for errors25Tracing calls25MXP will not create a Multiway call25Calls use less bandwidth than expected25Appendix 2: Known interworking limitations without TelePresence Conductor27Multiple MCUs for capacity and resilience27Appendix 3: Call flows for Multiway without TelePresence Conductor28Overview of Multiway call flow28SIP28H.32331Appendix 4: Cisco TelePresence product integration35Using Cisco TelePresence ISDN Gateway with Multiway35Size: 1010 KBPages: 36Language: EnglishOpen manual
/en/manuals/1610274/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing5Cisco Multiway with TelePresence Conductor6The advantages of using TelePresence Conductor and Multiway6Deployment scenario6Prerequisites7Designing a dial plan8Summary of configuration process8Configuring a search rule on the VCS8Configuring a Multiway conference alias on the TelePresence Conductor9Configuring the endpoints using Cisco TMSPE10Configuring the endpoints manually for use with TelePresence Conductor10Cisco Multiway without TelePresence Conductor11Deployment scenario11Summary of configuration process11Prerequisites for system configuration12VCS configuration12VCS and H.323 MCU13VCS and SIP MCU14VCS and MCU supporting both H.323 and SIP15VCS with H.323 endpoints initiating a Multiway conference15SIP endpoints with SIP MCU16SIP endpoints with H.323 MCU16H.323 endpoints with H.323 MCU16H.323 endpoints with SIP MCU16VCS configuration: in a cluster16VCS configuration: in a network of VCSs16VCS configuration: with Lync16VCS configuration: with Unified CM17Cisco TelePresence MCU configuration17Endpoint configuration (with or without TelePresence Conductor)20Endpoints that can initiate a Multiway conference20Cisco IP Video Phone E2020Cisco TelePresence System EX Series20Cisco TelePresence System Profiles using C Series codecs20Cisco TelePresence System MXP Series21TANDBERG MXP – L Series22Endpoint requirements (those that can be joined to a Multiway conference)22H.32322SIP22Other devices (IP PBXs, gateways and so on)22Optimizing the Multiway user experience on an MCU (without TelePresence Condu...23Appendix 1: Troubleshooting24Problems connecting VCS Control local calls24Check for errors25Tracing calls25MXP will not create a Multiway call25Calls use less bandwidth than expected25Appendix 2: Known interworking limitations without TelePresence Conductor27Multiple MCUs for capacity and resilience27Appendix 3: Call flows for Multiway without TelePresence Conductor28Overview of Multiway call flow28SIP28H.32331Appendix 4: Cisco TelePresence product integration35Using Cisco TelePresence ISDN Gateway with Multiway35Size: 1010 KBPages: 36Language: EnglishOpen manual
/en/manuals/1610268/Table of ContentsIntroduction4Objectives and intended audience4Overview of Multiway™4Centralized resources for conferencing4Intuitive conferencing5Cisco Multiway with TelePresence Conductor6The advantages of using TelePresence Conductor and Multiway6Deployment scenario6Prerequisites7Designing a dial plan8Summary of configuration process8Configuring a search rule on the VCS8Configuring a Multiway conference alias on the TelePresence Conductor9Configuring the endpoints using Cisco TMSPE10Configuring the endpoints manually for use with TelePresence Conductor10Testing your Multiway deployment with TelePresence Conductor10Cisco Multiway without TelePresence Conductor12Deployment scenario12Summary of configuration process12Prerequisites for system configuration13VCS configuration13VCS and H.323 MCU14VCS and SIP MCU15VCS and MCU supporting both H.323 and SIP16VCS with H.323 endpoints initiating a Multiway conference16SIP endpoints with SIP MCU17SIP endpoints with H.323 MCU17H.323 endpoints with H.323 MCU17H.323 endpoints with SIP MCU17VCS configuration: in a cluster17VCS configuration: in a network of VCSs17VCS configuration: with Lync17VCS configuration: with Unified CM18Cisco TelePresence MCU configuration18Testing your Multiway deployment without TelePresence Conductor20Endpoint configuration (with or without TelePresence Conductor)21Endpoints that can initiate a Multiway conference21Cisco IP Video Phone E2021Cisco TelePresence System EX Series21Cisco TelePresence System Profiles using C Series codecs21Cisco TelePresence System MXP Series22TANDBERG MXP – L Series23Endpoint requirements (those that can be joined to a Multiway conference)23H.32323SIP23Other devices (IP PBXs, gateways and so on)23Optimizing the Multiway user experience on an MCU (without TelePresence Condu...24Appendix 1: Troubleshooting26Problems connecting VCS Control local calls26Check for errors27Tracing calls27MXP will not create a Multiway call27Calls use less bandwidth than expected27Appendix 2: Known interworking limitations without TelePresence Conductor29Multiple MCUs for capacity and resilience29Appendix 3: Call flows for Multiway without TelePresence Conductor30Overview of Multiway call flow30SIP30H.32333Appendix 4: Cisco TelePresence product integration37Using Cisco TelePresence ISDN Gateway with Multiway37Appendix 5: Deployment with TelePresence Conductor connected to Unified CM38Deployment scenario38Limitations38Conference creation process38Configuration tasks39Task 1: Configuring a SIP trunk between VCS and Unified CM39Task 2: Checking the zone configuration on the VCS39Task 3: Checking the SIP profile configuration on Unified CM39Task 4: Configuring a SIP trunk between Unified CM and TelePresence Conductor39Task 5: Creating a route pattern on Unified CM39Task 6: Checking the search rule configuration on the VCS40Task 7: Checking the conference template configuration on the TelePresence Conductor40Task 8: Creating a conference alias on the TelePresence Conductor40Task 9: Configuring the endpoints for Multiway41Task 10: Testing the Multiway deployment41Size: 1.28 MBPages: 42Language: EnglishOpen manual
Developer's GuideTable of ContentsDocument revision history3Introduction4Objectives and intended audience4Deployment scenario4Summary of configuration process4Cisco VCS setup for CUC integration5Cisco TMS setup for CUC integration8CUC setup9Supplementary information14FindMe14Integrating CUC with a Cisco VCS cluster14Message Waiting Indicator to alphanumeric extensions15Size: 410 KBPages: 16Language: EnglishOpen manual
/en/manuals/1610246/Table of ContentsCisco TelePresence Video Communication Server (Cisco VCS) IP port usage for firewall traversal1Contents: Cisco VCS IP port usage2Guide to this document: format of information3Administration: Cisco VCS Expressway4Administration: Cisco VCS Expressway5Administration: Cisco VCS Expressway6Administration: Cisco VCS Expressway7SIP traversal call8SIP call to endpoint with public IP address9SIP call to endpoint behind non SIP-aware firewall10SIP – additional ports for ICE (from VCS X6.0)11H.323 traversal call using Assent12H.323 traversal call using H.460.18 / 19 non-mux media13H.323 traversal call using H.460.18 / 19 multiplexed media14H.323 call with registered endpoint with public IP address15H.323 call with a non-registered endpoint with public IP16H.323 call with endpoint supporting Assent behind firewall17H.323 call with endpoint supporting H.460.18 / 19 non-mux media18H.323 call with endpoint supporting H460.18 / 19 multiplexed media19SIP/H.323 Authentication: Cisco VCS Expressway20Administration: Cisco VCS Control21Administration: Cisco VCS Control22Administration: local endpoint23Administration: local endpoint24SIP: internal25H.323: internal26SIP B2BUA (for calls to Microsoft OCS/Lync devices)27Size: 874 KBPages: 28Language: EnglishOpen manual
/en/manuals/1610242/Table of ContentsDocument revision history3Introduction4Related documents4Set up FindMe5Create user accounts and FindMe profiles7Manual creation of user accounts and FindMe profiles7Using Cisco TMS to mass provision user accounts and FindMe profiles8Create FindMe devices automatically from provisioned devices10User account (FindMe) login authentication11Sending and returning calls via ISDN gateways12Using FindMe to convert E.164 numbers to FindMe IDs12Using ENUM to convert E.164 numbers to FindMe IDs12H.323 gateway prefix12Replicating the FindMe database with TMS14Clustered VCSs or a single VCS using TMS provisioning14Non-clustered VCS which does not use TMS provisioning14Appendix 1 – FindMe in a VCS cluster16OCS Relay16Appendix 2 – FindMe on different VCSs in a network17Appendix 3 – FindMe and Presence18Appendix 4 – Troubleshooting19Using search history to diagnose FindMe19Appendix 5 – Known limitations20Microsoft Office Communication Server (OCS) – MOC device IDs as FindMe devices20Overwriting caller IDs with E.164 phone numbers for H.323 ISDN gateways20X5.020X5.1 and later20Phone numbers from Active Directory (AD)20Appendix 6 – Individual and group FindMe types21Individual21Group21Appendix 7 – Cisco TMS device URI patterns22Appendix 8 – Determining the FindMe ID for a caller23Appendix 9 – Characters allowed in SIP URIs24Size: 334 KBPages: 25Language: EnglishOpen manual
/en/manuals/1610231/Table of ContentsDocument revision history4Introduction5New features in AM GW 1.16Prerequisites to setting up a Cisco AM GW7Required configuration information7Configuring the Cisco VCS8Cisco VCS in B2BUA mode8Specify the Cisco AM GWs: B2BUA mode8Configure the Cisco AM GWs as trusted hosts: B2BUA mode8Cisco VCS in non-B2BUA mode9Configure the neighbor zone to the Cisco AM GW: non-B2BUA mode9Specify the Cisco AM GW zone: Non-B2BUA mode10Specify the Cisco AM GW routing policy12What should I allow?12Configuring the Cisco AM GW14Network port A settings14DNS settings14Network services15System settings15Resource settings16Time17Proxies17Shut down and restart the Cisco AM GW18Requirements and usage of MOC/Lync client19PC requirements19Increasing the resolution of a MOC/Lync client call19Appendix 1 – Troubleshooting21Cisco VCS and OCS/Lync21Cisco VCS search history and Status > Calls21MOC/Lync client debug21OCS/Lync debug21Cisco VCS / Cisco AM GW21Cisco VCS search history and Status > Calls21Cisco AM GW Event log21Cisco AM GW SIP log22Cisco AM GW CDRs22Appendix 2 – Known limitations23Restrictions23Duo Video23Simultaneous answer23AVMCU / livemeeting calls23Removed restrictions23Call transfer23Multiway23OCS/Lync Edge Server23Encrypted calls23Calls from OCS clear after 22 minutes24Appendix 3 – Reaching Cisco AM GW capacity25Appendix 4 – Bandwidth control26Non-B2BUA mode26B2BUA mode26Appendix 5 – Call license usage27Non-B2BUA mode27B2BUA mode27Appendix 6 – Endpoint specific configuration28AMGW 1.028AMGW 1.128Appendix 7 – Communicator for MAC29Size: 818 KBPages: 30Language: EnglishOpen manual
/en/manuals/1610230/Table of ContentsIntroduction3Configuring the Cisco VCS4Configuring an ENUM zone and search rule4To configure an ENUM zone:4To configure a search rule:4Configuring the Cisco VCS with a DNS server6Configuring NAPTR on a DNS server7BIND style configuration7/etc/named.conf file7/var/named/<filename>8Appendix 1 – Troubleshooting9Wireshark9Dig9Dig of a specific entry9Appendix 2 – Using Regex features of NAPTR10Size: 157 KBPages: 11Language: EnglishOpen manual
/en/manuals/1610227/Table of ContentsDocument revision history3Introduction4Objectives and intended audience4PKI Introduction4Overview of certificate use on the Cisco VCS4Certificate generation overview5Loading certificates onto Cisco VCS6Certificate generation process using Microsoft Certification Authority and OpenSSL7Authorize certificate request and generate a PEM certificate file using Microsoft Certification Authority8Get the Microsoft CA certificate8Certificate generation process using OpenSSL11OpenSSL and Mac OS X or Linux11OpenSSL and Windows11Configuring OpenSSL to act as a CA12Create a signed certificate using OpenSSL13Creating self-signed certificates using OpenSSL13Certificate generation process using Microsoft OCS15Generate a certificate request15Authorize certificate request and generate a PEM certificate file using OCS18Process the ‘cert_inf.pem’ file into server certificate, CA certificate and private key23Load certificates and private key onto VCS25Appendix 1 – Converting a DER certificate file to PEM format26Converting a DER certificate file to a PEM file using OpenSSL26Converting a DER certificate file to a PEM file using Microsoft Windows26Appendix 2 - Example certificate29Appendix 3 - Example certificate with a root CA and secondary CA30Appendix 4 – Decoding certificates32Decoding certificates using OpenSSL32Decoding certificates using Firefox32Size: 762 KBPages: 33Language: EnglishOpen manual
/en/manuals/1610220/Table of ContentsDocument revision history3Introduction4Usage4Cisco VCS configuration5Configure LDAP server details on Cisco VCS5Status messages on the Login account LDAP configuration page7State = Active7State = Failed7Configure DNS server7Define groups on Cisco VCS8Groups for administrator login8Groups for user login9Define groups in the authentication server9Set login authentication to use remote database10Appendix 1 – IT requisition (for access to authentication server)11Appendix 2 – IT requisition (for group configuration)12Appendix 3 – Active Directory structure13Appendix 4 – Configuring groups in Active Directory15Create a group object15Make a user a member of a group16Appendix 5 – Troubleshooting17Viewing / searching LDAP database17Windows17Unix / Linux17Unable to log in after switching to remote authentication17AD “Domain Users” group fails to allow login17Appendix 6 – Certificates for TLS18Appendix 7 – Use with Cisco VCS clusters19Size: 405 KBPages: 20Language: EnglishOpen manual
/en/manuals/1610103/Table of ContentsIntroduction3Setting up FindMe4Setting up user accounts and FindMe profiles6Configuring user account login authentication8Sending and returning calls via ISDN gateways9Using FindMe to convert E.164 numbers to FindMe IDs9Using ENUM to convert E.164 numbers to FindMe IDs9Including the ISDN gateway prefix in the caller ID9Additional information11Determining how to overwrite a caller ID with a FindMe ID11FindMe in a VCS cluster11Microsoft OCS/Lync and the VCS B2BUA11FindMe accounts hosted on different VCSs in a network11FindMe and Presence12Individual and group FindMe types12Characters allowed in SIP URIs12Troubleshooting14Using search history to diagnose FindMe issues14Known limitations15Microsoft OCS/Lync device IDs as FindMe devices15Bibliography16Document revision history17Size: 443 KBPages: 18Language: EnglishOpen manual
/en/manuals/1607079/Table of ContentsIntroduction3Setting up FindMe4Check FindMe option key4Set up a cluster name4Enable and configure FindMe settings4Setting up user accounts and FindMe profiles6Configuring user account login authentication8Sending and returning calls via ISDN gateways9Using FindMe to convert E.164 numbers to FindMe IDs9Using ENUM to convert E.164 numbers to FindMe IDs9Including the ISDN gateway prefix in the caller ID9Additional information11Determining how to overwrite a caller ID with a FindMe ID11FindMe in a VCS cluster11Microsoft Lync and the VCS B2BUA11FindMe accounts hosted on different VCSs in a network11FindMe and Presence12Individual and group FindMe types12Characters allowed in SIP URIs12Troubleshooting14Using search history to diagnose FindMe issues14Known limitations15Microsoft Lync device IDs as FindMe devices15Bibliography16Document revision history17Size: 492 KBPages: 18Language: EnglishOpen manual
/en/manuals/1606817/Table of ContentsIntroduction3Setting up FindMe4Check FindMe option key4Set up a cluster name4Enable and configure FindMe settings4Setting up user accounts and FindMe profiles6Configuring user account login authentication8Sending and returning calls via ISDN gateways9Using FindMe to convert E.164 numbers to FindMe IDs9Using ENUM to convert E.164 numbers to FindMe IDs9Including the ISDN gateway prefix in the caller ID9Additional information11Determining how to overwrite a caller ID with a FindMe ID11FindMe in a Cisco VCS cluster11Microsoft Lync and the Cisco VCS B2BUA11FindMe accounts hosted on different Cisco VCSs in a network11FindMe and Presence12Individual and group FindMe types12Characters allowed in SIP URIs12Troubleshooting14Using search history to diagnose FindMe issues14Known limitations15Microsoft Lync device IDs as FindMe devices15Bibliography16Document revision history17Size: 350 KBPages: 18Language: EnglishOpen manual
/en/manuals/1606812/Table of ContentsIntroduction3Setting up FindMe4Check FindMe option key4Set up a cluster name4Enable and configure FindMe settings4Setting up user accounts and FindMe profiles6Configuring user account login authentication8Sending and returning calls via ISDN gateways9Using FindMe to convert E.164 Alias’s to FindMe IDs9Using ENUM to convert E.164 Alias’s to FindMe IDs9Including the ISDN gateway prefix in the caller ID9Additional information11Determining how to overwrite a caller ID with a FindMe ID11FindMe in a Cisco VCS cluster11Microsoft Lync and the Cisco VCS B2BUA11FindMe accounts hosted on different Cisco VCSs in a network11FindMe and Presence12Individual and group FindMe types12Characters allowed in SIP URIs12Troubleshooting14Using search history to diagnose FindMe issues14Known limitations15Microsoft Lync device IDs as FindMe devices15Bibliography16Document revision history17Size: 347 KBPages: 18Language: EnglishOpen manual
/en/manuals/1606810/Table of ContentsIntroduction3Related documents3Set up FindMe4Create user accounts and FindMe profiles6Manual creation of user accounts and FindMe profiles6Using Cisco TMS to mass provision user accounts and FindMe profiles7Create FindMe devices automatically from provisioned devices9User account (FindMe) login authentication10Sending and returning calls via ISDN gateways11Using FindMe to convert E.164 numbers to FindMe IDs11Using ENUM to convert E.164 numbers to FindMe IDs11H.323 gateway prefix11Replicating the FindMe database with Cisco TMS13Clustered Cisco VCSs or a single Cisco VCS using Cisco TMS provisioning13Non-clustered Cisco VCS which does not use Cisco TMS Provisioning13Appendix 1 – FindMe in a Cisco VCS cluster15OCS Relay15Appendix 2 – FindMe on different Cisco VCSs in a network16Appendix 3 – FindMe and Presence17Appendix 4 – Troubleshooting18Using search history to diagnose FindMe18Appendix 5 – Known limitations19Microsoft Office Communication Server (OCS) – MOC device IDs as FindMe devices19Overwriting caller IDs with E.164 phone numbers for H.323 ISDN gateways19X5.019X5.1 and later19Phone numbers from Active Directory (AD)19Appendix 6 – Individual and group FindMe types20Individual20Group20Appendix 7 – Cisco TMS device URI patterns21Appendix 8 – Determining the FindMe ID for a caller22Appendix 9 – Characters allowed in SIP URIs23Size: 341 KBPages: 24Language: EnglishOpen manual
/en/manuals/1606806/Table of ContentsExternal policy overview3Using an external policy server3Configuring VCS to use an external policy server6Configuring Registration Policy to use an external service6Configuring Call Policy to use an external service7Configuring search rules to use an external service8Default CPL for policy services10Policy server status and resiliency11Viewing policy server status via the VCS11External policy request parameters12Appendix 1: Design examples14Call Policy design examples14Using a policy service to allow or deny calls14Using a policy service to route calls17Using a policy service to implement FindMe (User Policy)20Search rule design examples21Round-robin routing to a member of a group21Forwarding calls to other members of a group in a round-robin style21Registration Policy design examples22Allowing or denying registrations based on protocol22Appendix 2: CPL snippet examples23CPL snippets for call processing23Allow CPL23Reject CPL23Route CPL23Forking CPL24Conditional routing CPL24CPL snippets for registration requests24Registration allow CPL25Registration reject CPL25Appendix 3: Message logging26Trace example: Call Policy request and response26Trace example: Registration Policy request and response26Document revision history28Size: 609 KBPages: 29Language: EnglishOpen manual