Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
section.
The Default Zone
The Default Zone represents any incoming calls from endpoints or other devices that are unregistered or not
recognized as belonging to the Local Zone or any of the existing configured zones.
recognized as belonging to the Local Zone or any of the existing configured zones.
the Traversal Subzone. Note that the Default Zone cannot be deleted.
Configuring the Default Zone
By configuring the Default Zone you can control how the VCS handles calls from unrecognized systems and
endpoints. To configure the Default Zone, go to Configuration > Zones > Zones and click on DefaultZone.
endpoints. To configure the Default Zone, go to Configuration > Zones > Zones and click on DefaultZone.
The configurable options are:
Field
Description
Usage tips
Authentication
policy
policy
The Authentication policy
setting controls how the VCS
challenges incoming messages
to the Default Zone.
setting controls how the VCS
challenges incoming messages
to the Default Zone.
for
more information.
Media
encryption
mode
encryption
mode
The Media encryption mode
setting controls the media
encryption capabilities for SIP
calls flowing through the
Default Zone.
setting controls the media
encryption capabilities for SIP
calls flowing through the
Default Zone.
for more
information.
ICE support
Controls whether ICE
messages are supported by the
devices in this zone.
messages are supported by the
devices in this zone.
information.
Use Default
Zone access
rules on port
Zone access
rules on port
This controls whether access
rules are applied to external
systems that attempt to
connect to the VCS TLS port
via the Default Zone.
rules are applied to external
systems that attempt to
connect to the VCS TLS port
via the Default Zone.
The default TLS port is 5061 and the default MTLS port is 5062.
This setting does not affect other connections to the Default
Zone (H.323 and SIP UDP/TCP).
This setting does not affect other connections to the Default
Zone (H.323 and SIP UDP/TCP).
TLS and MTLS: Access rules are enabled for Default Zone
connection attempts to the VCS TLS and MTLS ports.
connection attempts to the VCS TLS and MTLS ports.
MTLS Only: Access rules are disabled for Default Zone
connection attempts to the VCS TLS port. Access rules are
always enabled for Default Zone MTLS connection attempts.
connection attempts to the VCS TLS port. Access rules are
always enabled for Default Zone MTLS connection attempts.
There are no access rules by default. You need to create rules
before any connection attempts influenced by this setting will be
allowed. See
before any connection attempts influenced by this setting will be
allowed. See
for help on allowing matching systems to make TLS or
MTLS connections.
MTLS connections.
Using Links and Pipes to Manage Access and Bandwidth
associated
with the Default Zone. For example, you can:
■
delete the default links to prevent any incoming calls from unrecognized endpoints
■
apply pipes to the default links to control the bandwidth consumed by incoming calls from unrecognized
endpoints
endpoints
152
Cisco TelePresence Video Communication Server Administrator Guide