Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
70
D14049.08
November 2010
November 2010
Grey Headline (continued)
CISCO TELEPRESENCE
VIDEO COMMUNICATION SERVER
ADMINISTRATOR GUIDE
Zones
Configuring traversal server zones
The following options are available (in addition
to the Name, Type and Hop count described in
the
to the Name, Type and Hop count described in
the
section) when configuring
a traversal server zone on the VCS Expressway.
Traversal server zones are used to enable a
connection from the local VCS Expressway to a
traversal client.
For full details on how traversal client zones and
traversal server zones work together to achieve
firewall traversal, see the
Traversal server zones are used to enable a
connection from the local VCS Expressway to a
traversal client.
For full details on how traversal client zones and
traversal server zones work together to achieve
firewall traversal, see the
section.
An
order for traversal zones to work.
Client authentication username
Traversal clients must always authenticate
with traversal servers by providing their
authentication credentials. The authentication
username is the name that the traversal client
must provide to the VCS Expressway.
with traversal servers by providing their
authentication credentials. The authentication
username is the name that the traversal client
must provide to the VCS Expressway.
•
If the traversal client is a VCS, this must be
its Authentication Username.
its Authentication Username.
•
If the traversal client is a TANDBERG
Gatekeeper, this is its System Name.
Gatekeeper, this is its System Name.
There must also be an entry in the VCS
Expressway's local authentication database
for the client’s authentication username and
password. To check the list of entries and add
it if necessary, go to the Local authentication
database page. Either:
Expressway's local authentication database
for the client’s authentication username and
password. To check the list of entries and add
it if necessary, go to the Local authentication
database page. Either:
•
click on the Add/Edit local authentication
database link
database link
•
go to VCS configuration > Authentication >
Local database
Local database
See the
section for more
information.
H.323
Mode
Determines whether H.323 calls are allowed to
and from the traversal client.
and from the traversal client.
Protocol
Determines the protocol (Assent or H.460.18) to
use to traverse the firewall/NAT. (See the
use to traverse the firewall/NAT. (See the
section for more
information.)
Port
The port on the local VCS Expressway to use for
H.323 calls to and from the traversal client.
H.323 calls to and from the traversal client.
H.460.19 demultiplexing mode
Determines whether or not the same two ports
are used for media by two or more calls.
On: all calls from the traversal client use the
same two ports for media.
Off: each call from the traversal client uses a
separate pair of ports for media.
are used for media by two or more calls.
On: all calls from the traversal client use the
same two ports for media.
Off: each call from the traversal client uses a
separate pair of ports for media.
SIP
Mode
Determines whether SIP calls are allowed to and
from the traversal client.
from the traversal client.
Port
The port on the local VCS Expressway to use for
SIP calls to and from the traversal client.
SIP calls to and from the traversal client.
Transport
Determines which transport type is used for
SIP calls to and from the traversal client. The
default is TLS.
SIP calls to and from the traversal client. The
default is TLS.
TLS verify mode and subject name
Controls X.509 certificate checking and mutual
authentication between this VCS and the
traversal client.
If TLS verify mode is enabled, a TLS verify
subject name must be specified. This is the
certificate holder's name to look for in the
traversal client's X.509 certificate.
See
authentication between this VCS and the
traversal client.
If TLS verify mode is enabled, a TLS verify
subject name must be specified. This is the
certificate holder's name to look for in the
traversal client's X.509 certificate.
See
for more information.
Accept proxied registrations
Controls whether proxied SIP registrations
routed through this zone are accepted.
This setting only applies to registration requests
for a domain for which the VCS is acting as a
Registrar. For requests for other domains the
SIP Registration Proxy Mode setting applies
(see
routed through this zone are accepted.
This setting only applies to registration requests
for a domain for which the VCS is acting as a
Registrar. For requests for other domains the
SIP Registration Proxy Mode setting applies
(see
).
Poison mode
Determines if SIP requests sent to systems
located via this zone are "poisoned" such that if
they are received by this VCS again they will be
rejected.
located via this zone are "poisoned" such that if
they are received by this VCS again they will be
rejected.
UDP/TCP probes
UDP retry interval
The frequency (in seconds) with which the client
sends a UDP probe to the VCS Expressway if a
keep alive confirmation has not been received.
sends a UDP probe to the VCS Expressway if a
keep alive confirmation has not been received.
UDP retry count
The number of times the client attempts to send
a UDP probe to the VCS Expressway during call
setup.
a UDP probe to the VCS Expressway during call
setup.
UDP keep alive interval
The interval (in seconds) with which the client
sends a UDP probe to the VCS Expressway
after a call is established, in order to keep the
firewall’s NAT bindings open.
sends a UDP probe to the VCS Expressway
after a call is established, in order to keep the
firewall’s NAT bindings open.
TCP retry interval
The interval (in seconds ) with which the
traversal client sends a TCP probe to the VCS
Expressway if a keep alive confirmation has not
been received.
traversal client sends a TCP probe to the VCS
Expressway if a keep alive confirmation has not
been received.
TCP retry count
The number of times the client attempts to send
a TCP probe to the VCS Expressway during call
setup.
a TCP probe to the VCS Expressway during call
setup.
TCP keep alive interval
The interval (in seconds) with which the
traversal client sends a TCP probe to the VCS
Expressway when a call is in place, in order to
maintain the firewall’s NAT bindings.
traversal client sends a TCP probe to the VCS
Expressway when a call is in place, in order to
maintain the firewall’s NAT bindings.
The default UDP and TCP probe retry
intervals are suitable for most
situations. However, if you experience
problems with NAT bindings timing out,
they may need to be changed.
intervals are suitable for most
situations. However, if you experience
problems with NAT bindings timing out,
they may need to be changed.