Cisco Cisco TelePresence Video Communication Server Expressway
trusted by the VCS Control and the VCS Expressway.
n
Bandwidth restrictions: The Maximum Session Bit Rate for Video Calls on the default region on
Cisco Unified Communications Manager is 384 kbps by default. The Default call bandwidth on VCS
Control is also 384 kbps by default. These settings may be too low to deliver the expected video quality for
the DX Series.
Cisco Unified Communications Manager is 384 kbps by default. The Default call bandwidth on VCS
Control is also 384 kbps by default. These settings may be too low to deliver the expected video quality for
the DX Series.
Configuration summary
EX/MX/SX Series endpoints (running TC software)
Ensure that the provisioning mode is set to Cisco UCM via Expressway.
On Unified CM, you need to ensure that the IP Addressing Mode for these endpoints is set to IPV4_ONLY.
These endpoints must verify the identity of the VCS Expressway they are connecting to by validating its
server certificate. To do this, they must have the certificate authority that was used to sign the VCS
Expressway's server certificate in their list of trusted CAs.
server certificate. To do this, they must have the certificate authority that was used to sign the VCS
Expressway's server certificate in their list of trusted CAs.
These endpoints ship with a list of default CAs which cover the most common providers (Verisign, Thawte,
etc). If the relevant CA is not included, it must be added. See 'Managing the list of trusted certificate
authorities' in the endpoint's administrator guide.
etc). If the relevant CA is not included, it must be added. See 'Managing the list of trusted certificate
authorities' in the endpoint's administrator guide.
Mutual authentication is optional; these endpoints are not required to provide client certificates. If you do
want to configure mutual TLS, you cannot use CAPF enrolment to provision the client certificates; you must
manually apply the certificates to the endpoints. The client certificates must be signed by an authority that is
trusted by the VCS Expressway.
want to configure mutual TLS, you cannot use CAPF enrolment to provision the client certificates; you must
manually apply the certificates to the endpoints. The client certificates must be signed by an authority that is
trusted by the VCS Expressway.
Jabber clients
Jabber clients must verify the identity of the VCS Expressway they are connecting to by validating its server
certificate. To do this, they must have the certificate authority that was used to sign the VCS Expressway's
server certificate in their list of trusted CAs.
certificate. To do this, they must have the certificate authority that was used to sign the VCS Expressway's
server certificate in their list of trusted CAs.
Jabber uses the underlying operating system's certificate mechanism:
n
Windows: Certificate Manager
n
MAC OS X: Key chain access
n
IOS: Trust store
n
Android: Location & Security settings
Jabber client configuration details for mobile and remote access is contained within the relevant installation
and configuration for that Jabber client:
and configuration for that Jabber client:
n
n
n
n
(requires X8.2 or later)
DNS records
This section summarizes the public (external) and local (internal) DNS requirements. For more information,
see
see
.
Unified Communications Mobile and Remote Access via Cisco VCS Deployment Guide (X8.6)
Page 12 of 55
Configuration overview