Cisco Cisco Expressway 维护手册
This automatically configures an appropriate traversal zone (a traversal client zone when selected on a Expressway-
C, or a traversal server zone when selected on an Expressway-E) that uses SIP TLS with TLS verify mode set to On,
and Media encryption mode set to Force encrypted.
C, or a traversal server zone when selected on an Expressway-E) that uses SIP TLS with TLS verify mode set to On,
and Media encryption mode set to Force encrypted.
This replaces the previous Unified Communications services setting that was available when configuring traversal
client and traversal server zones. Existing zones configured in previous software versions for Unified
Communications services are automatically converted to use the new Unified Communications traversal zone type.
client and traversal server zones. Existing zones configured in previous software versions for Unified
Communications services are automatically converted to use the new Unified Communications traversal zone type.
Note that this zone type applies to the web interface only, the underlying CLI configuration settings have not
changed.
changed.
Support for
X-cisco-srtp-fallback
Support has been added for the
X-cisco-srtp-fallback
package, allowing the Expressway's B2BUA to use Cisco
Unified Communications Manager-style best effort media encryption for the automatically generated TLS neighbor
zones.
zones.
RTP and RTCP media demultiplexing ports
In Small/Medium systems, 1 pair of RTP and RTCP media demultiplexing ports are used. These can now either be
explicitly specified (Configuration > Traversal > Ports) or they can be allocated from the start of the general range of
traversal media ports. In previous X8 releases they were always allocated from the start of the traversal media ports
range.
explicitly specified (Configuration > Traversal > Ports) or they can be allocated from the start of the general range of
traversal media ports. In previous X8 releases they were always allocated from the start of the traversal media ports
range.
In Large systems, 6 pairs of RTP and RTCP media demultiplexing ports are used. These are still always allocated from
the start of the traversal media ports range.
the start of the traversal media ports range.
After upgrading to X8.2, all existing traversal media port configurations / firewall requirements are maintained.
Diagnostic logging
The diagnostic logging feature has been extended to include:
■
an xconfig file
■
an xstatus file
■
enabling the tcpdump (if requested) cluster-wide
■
consolidating all of the files into a single downloadable diagnostic log archive (per peer)
■
an indication on the web administration page of which user / IP address initiated the logging
The xconfig and xstatus files are taken at the start of the logging process.
SIP REFER support
The Expressway B2BUA has SIP REFER message support. A SIP REFER mode advanced zone configuration
parameter has been introduced.
parameter has been introduced.
By default it will forward REFER messages, but it can be configured to terminate REFER messages and use the B2BUA
to perform the transfer (typically to a bridge) on behalf of the far endpoint.
to perform the transfer (typically to a bridge) on behalf of the far endpoint.
Other enhancements and usability improvements
■
The HTTP server allow list page (used for mobile and remote access clients to access additional web services
inside the enterprise) now displays any automatically configured entries.
inside the enterprise) now displays any automatically configured entries.
■
You can configure the timeout period for TLS socket handshake (Configuration > Protocols > SIP).
■
The TURN relay status page (Status > TURN relay usage) now provides a summary list of all the clients that
are connected to the TURN server. From there you can select a specific client to see all of the relays and ports
that it is using.
are connected to the TURN server. From there you can select a specific client to see all of the relays and ports
that it is using.
■
Ability to copy search rules. You can use the Clone action on the search rules listing page (Configuration
> Dial plan > Search rules) to copy and then edit an existing search rule.
> Dial plan > Search rules) to copy and then edit an existing search rule.
■
The DNS lookup tool allows you to select which DNS servers (from the configured set of default DNS servers)
to use for the lookup.
to use for the lookup.
■
The automated protection service now supports IPv6 addresses.
363
Cisco Expressway Administrator Guide