Cisco Cisco Expressway メンテナンスマニュアル
Configuring the HTTP server allow list (whitelist) on Expressway-C
Jabber client endpoints may need to access additional web services inside the enterprise. This requires an
"allow list" of servers to be configured to which the Expressway will grant access for HTTP traffic originating
from outside the enterprise.
"allow list" of servers to be configured to which the Expressway will grant access for HTTP traffic originating
from outside the enterprise.
The features and services that may be required, and would need whitelisting, include:
n
Visual Voicemail
n
Jabber Update Server
n
Custom HTML tabs / icons
n
Directory Photo Host
To configure the set of addresses to which HTTP access will be allowed:
1. On Expressway-C, go to
Configuration > Unified Communications > Configuration
.
2. Click HTTP server allow list.
3. Configure the hostnames or IP addresses of any HTTP servers that external Jabber clients are allowed to
access.
Access is granted if the server portion of the client-supplied URI matches one of the names entered here,
or if it resolves via DNS lookup to a specified IP address.
Access is granted if the server portion of the client-supplied URI matches one of the names entered here,
or if it resolves via DNS lookup to a specified IP address.
Expressway-C automatically whitelists the IP addresses of all discovered Unified CM nodes (that are
running the CallManager or TFTP service), IM and Presence Service nodes, and Cisco Unity Connection
nodes. These entries cannot be deleted. They are displayed in the
running the CallManager or TFTP service), IM and Presence Service nodes, and Cisco Unity Connection
nodes. These entries cannot be deleted. They are displayed in the
Auto-configured allow list
section of the
HTTP server allow list
page.
Setting up the Expressway-E
This section describes the configuration steps required on the Expressway-E.
Configuring DNS and NTP settings
Check and configure the basic system settings on Expressway:
1. Ensure that System host name and Domain name are specified (
System > DNS
).
Note that <System host name>.<Domain name> is the FQDN of this Expressway-E. Ensure that this
FQDN is resolvable in public DNS.
FQDN is resolvable in public DNS.
2. Ensure that public DNS servers are specified (
System > DNS
).
3. Ensure that all Expressway systems are synchronized to a reliable NTP service (
System > Time
). Use
an Authentication method in accordance with your local policy.
If you have a cluster of Expressways you must do this for every peer.
Enabling the Expressway-E for mobile and remote access
To enable mobile and remote access functionality:
1. Go to
Configuration > Unified Communications > Configuration
.
2. Set Unified Communications mode to Mobile and remote access.
3. Click Save.
Cisco Expressway Administrator Guide (X8.5)
Page 70 of 394
Unified Communications
Mobile and remote access