Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
53
D14049.08
November 2010
November 2010
Grey Headline (continued)
CISCO TELEPRESENCE
VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Registration control
Endpoint registration
For an endpoint to use the VCS as its H.323 gatekeeper or SIP
registrar, the endpoint must first register with the VCS. The
VCS can be configured to control which devices are allowed to
register with it. Two separate mechanisms are provided:
registrar, the endpoint must first register with the VCS. The
VCS can be configured to control which devices are allowed to
register with it. Two separate mechanisms are provided:
•
based on the username and
password supplied by the endpoint
•
a simple Registration Restriction Policy that uses
to specify which aliases can and cannot register
with the VCS, and the ability to control registrations based on
IP addresses and subnet ranges through the specification of
subzone membership rules and
IP addresses and subnet ranges through the specification of
subzone membership rules and
.
It is possible to use both mechanisms together. For example,
you can use authentication to verify an endpoint’s identity from a
corporate directory, and registration restriction to control which
of those authenticated endpoints may register with a particular
VCS.
This section gives an overview of how endpoints and other
devices register with the VCS, and then describes the two
mechanisms by which registrations can be restricted.
you can use authentication to verify an endpoint’s identity from a
corporate directory, and registration restriction to control which
of those authenticated endpoints may register with a particular
VCS.
This section gives an overview of how endpoints and other
devices register with the VCS, and then describes the two
mechanisms by which registrations can be restricted.
For specific information about how registrations are
managed across peers in a cluster, see the
managed across peers in a cluster, see the
section.
Registration overview
MCU, gateway and Content Server registration
H.323 systems such as gateways, MCUs and Content Servers
can also register with a VCS. They are known as locally
registered services. These systems are configured with their own
prefix, which they provide to the VCS when registering. The VCS
will then know to route all calls that begin with that prefix to the
gateway, MCU or Content Server as appropriate. These prefixes
can also be used to control registrations.
SIP devices cannot register prefixes. If your dial plan dictates
that a SIP device should be reached via a particular prefix,
then you should add the device as a neighbor zone with an
associated search rule using a pattern match equal to the prefix
to be used.
can also register with a VCS. They are known as locally
registered services. These systems are configured with their own
prefix, which they provide to the VCS when registering. The VCS
will then know to route all calls that begin with that prefix to the
gateway, MCU or Content Server as appropriate. These prefixes
can also be used to control registrations.
SIP devices cannot register prefixes. If your dial plan dictates
that a SIP device should be reached via a particular prefix,
then you should add the device as a neighbor zone with an
associated search rule using a pattern match equal to the prefix
to be used.
The Cisco TelePresence MPS 200 and MPS 800, and the
Cisco TelePresence Content Server both support
Expressway. They can therefore register directly with a
VCS Expressway for firewall traversal.
Cisco TelePresence Content Server both support
Expressway. They can therefore register directly with a
VCS Expressway for firewall traversal.
Registrations on a Cisco VCS Expressway
If a traversal-enabled endpoint registers directly with a VCS
Expressway, the VCS Expressway will provide the same services
to that endpoint as a VCS Control, with the addition of firewall
traversal. Traversal-enabled endpoints include all Cisco
TelePresence Expressway™ endpoints and third party endpoints
which support the ITU H.460.18 and H.460.19 standards.
Endpoints that are not traversal-enabled can still register with
a VCS Expressway, but they may not be able to make or receive
calls through the firewall successfully. This will depend on a
number of factors:
Expressway, the VCS Expressway will provide the same services
to that endpoint as a VCS Control, with the addition of firewall
traversal. Traversal-enabled endpoints include all Cisco
TelePresence Expressway™ endpoints and third party endpoints
which support the ITU H.460.18 and H.460.19 standards.
Endpoints that are not traversal-enabled can still register with
a VCS Expressway, but they may not be able to make or receive
calls through the firewall successfully. This will depend on a
number of factors:
•
whether the endpoint is using SIP or H.323
•
the endpoint’s position in relation to the firewall
•
whether there is a NAT in use
•
whether the endpoint is using a public IP address
For example, if an endpoint is behind a NAT or firewall, it may not
be able to receive incoming calls and may not be able to receive
media for calls it has initiated. SIP endpoints can also work
behind a NAT but can only receive video if they send it as well.
To ensure firewall traversal will work successfully for H.323
endpoints behind a NAT, the endpoint must be traversal-enabled.
be able to receive incoming calls and may not be able to receive
media for calls it has initiated. SIP endpoints can also work
behind a NAT but can only receive video if they send it as well.
To ensure firewall traversal will work successfully for H.323
endpoints behind a NAT, the endpoint must be traversal-enabled.