Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
Note that:
■
You should configure the LAN 1 port and restart the VCS before configuring the LAN 2 port.
■
The LAN 1 and LAN 2 interfaces must be on different, non-overlapping subnets.
■
If you have Advanced Networking enabled but only want to configure one of the Ethernet ports, you must use
LAN 1.
LAN 1.
■
If the VCS Expressway is in the DMZ, the outside IP address of the VCS Expressway must be a public IP
address, or if static NAT mode is enabled, the static NAT address must be publicly accessible.
address, or if static NAT mode is enabled, the static NAT address must be publicly accessible.
■
The VCS Expressway may also be used to traverse internal firewalls within an enterprise. In this case the
"public" IP address may not be publicly accessible, but is an IP address accessible to other parts of the
enterprise.
"public" IP address may not be publicly accessible, but is an IP address accessible to other parts of the
enterprise.
■
If you need to change the IP addresses on one or both interfaces, you can do it via the UI or the CLI. You can
change both at the same time if required, and the new addresses take effect after a restart.
change both at the same time if required, and the new addresses take effect after a restart.
Configuring Static NAT
You can deploy the VCS Expressway behind a static NAT device, allowing it to have separate public and private IP
addresses. This feature is intended for use in deployments where the VCS Expressway is located in a DMZ, and has
the Advanced Networking feature enabled.
addresses. This feature is intended for use in deployments where the VCS Expressway is located in a DMZ, and has
the Advanced Networking feature enabled.
In these deployments, the externally-facing LAN port has static NAT enabled in order to use both a private and public
IPv4 address; the internally facing LAN port does not have static NAT enabled and uses a single IPv4 (or IPv6)
address.
IPv4 address; the internally facing LAN port does not have static NAT enabled and uses a single IPv4 (or IPv6)
address.
In such a deployment, traversal clients should be configured to use the internally-facing IP address of the VCS
Expressway.
Expressway.
To enable the use of a static NAT:
1.
Ensure that the Advanced Networking option key is installed.
2.
For the externally-facing LAN port:
a.
In the IPv4 address field, enter the VCS Expressway's private IP address.
b.
Set IPv4 static NAT mode to On.
c.
In the IPv4 static NAT address field, enter the VCS Expressway's public IP address - this is the IP address
of the outside of the NAT.
of the outside of the NAT.
Note:
The combination of having static NAT mode on and having the B2BUA engaged to do media
encryption/decryption can cause the firewall outside the VCS Expressway to mistrust packets originating from the
VCS Expressway. You can work around this by configuring the firewall to allow NAT reflection. If your firewall cannot
allow this, you must configure the traversal path such that the B2BUA on the VCS Expressway is not engaged.
VCS Expressway. You can work around this by configuring the firewall to allow NAT reflection. If your firewall cannot
allow this, you must configure the traversal path such that the B2BUA on the VCS Expressway is not engaged.
Configuring DNS Settings
The DNS page (System > DNS) is used to configure the VCS's DNS servers and DNS settings.
Configuring the System Host Name and Domain Name
The System host name defines the DNS host name that this VCS is known by.
■
It must be unique for each peer in a cluster.
■
It is used to identify the VCS on a remote log server (a default name of "TANDBERG" is used if the System
host name is not specified).
host name is not specified).
The Domain name is used when attempting to resolve unqualified server addresses (for example
ldapserver
). It is
appended to the unqualified server address before the query is sent to the DNS server. If the server address is fully
qualified (for example
qualified (for example
ldapserver.mydomain.com
) or is in the form of an IP address, the domain name is not appended
to the server address before querying the DNS server.
31
Cisco TelePresence Video Communication Server Administrator Guide
Network and System Settings