09-01-2011 09:46 AM - edited 03-17-2019 10:27 PM
Dear all,
I have created movi account manually in the TMS, and it work fine with VCS - control.
However, It can't register to VCS-expressway. Is it compulsory to have a Name Authority Pointer record in DNS?
For example, we configure abc.com as SIP domain of VCS expressway,is it compulsory to resolve abc.com as public IP address of VCS expressway by DNS server?
Thank you,
Ben
Solved! Go to Solution.
09-05-2011 03:47 AM
thats mean you are not nating to the AMZ just direct to the Public IP of the VCSE
if this is the case at lease you should see registration attempts if nothing can be seen then you need to look into the firewall level
is it ASA ? try tp do packet capture and see why you arew not hitting the VCSE using SIP
as it might be firewall issue !
HTH
09-01-2011 10:00 AM
Not as far as I know. I can't test it right now though. Are you even seeing the registration attempt in the logs of the Expressway?
If you're not seeing that, then check out your Movi config to make sure the External VCS FQDN or IP is correct. If that's correct, you should at least see the registration attempt. If not...there must be something blocking it. Is your expressway unblocked (i.e. no network filtering devices like a firewall in the way)? Movi registers in the 50,000+ port range.
09-01-2011 10:06 AM
Hi Anthony Thomson,
I have checked the VCS Expressways, and there isn't any registration attempts.
The VCS Expressways is configured with public IP address, and I will take your suggestions to check any blocking issue.
Thank you a lot,
Ben
09-01-2011 06:53 PM
Hi Ben,
first of all not sure if you are registering the endpoints from external to the VCS expressway or you just using the VCSE as SIP proxy
in anyway
form external you need to have the external DNS to resolve the SIP domain to the VCS express way + the VCS expressway (external ) name has to resolve the name to the express way public IP
if you VCSE in the DMZ and you ar eusing 1 interface i recommend you to use direct Public IP and do not NAT from the public Internet to the DMZ VCSE IP
your DNS has to have DNS SRV records for th SIP signaling
please refer to the the deployment example bellow which i am sure it will be helpful
HTH
if helpful Rate
09-02-2011 08:49 AM
We are registering the endpoints from external to the VCS expressway that configured with a public address.
Also, we do not have the DNS resolving service because our equipment is configured as a lab environment. Do anyone knows any free DNS service?
09-02-2011 01:05 PM
Movi can use IP or DNS addresses to locate the Cisco VCSs.
You need a DNS entry if you are waiting a call from a endpoint that is not registered on your VCS...
or if you need to make calls using DNS zone to endpoints from "another" VCS.
BR. Oleksandr
09-04-2011 01:17 AM
if this is a lab then
- are using VCS E in the DMZ with public IP ? ifyes how many interface are yo using ? if one are NATing in the firewall the public IP to a private IP in the DMZ for the VCS E ?
- if you are registering to the VCS E you need to have the SIP domain configured in Movi same as the SIP domain configured in the VCS E
- you need to have a rule for the internal SIP domain
if you are using same SIP domain then you need to have rule to point to local VCS E and to VCS C too
HTH
09-05-2011 03:17 AM
Dear Marwanshawi,
The VCS -E is just configure with a public IP address with one interface.
In our lab environment, we are configured with same sip domain (for example abc.com) in both VCS-C and VCS-E.
There are some Tandberg endpoints separately registered to VCS-C and VCS-E, and they can make video calls.
09-05-2011 03:47 AM
thats mean you are not nating to the AMZ just direct to the Public IP of the VCSE
if this is the case at lease you should see registration attempts if nothing can be seen then you need to look into the firewall level
is it ASA ? try tp do packet capture and see why you arew not hitting the VCSE using SIP
as it might be firewall issue !
HTH
09-05-2011 06:38 AM
Hi marwanshawi,
You are right, it might be firewall issue.
We have logged into both VCS-C and VCS-E, from the event log, we found registeration at VCS-E
is failed with following reason,
tvcs: Event="Registration Rejected
" Reason="Received from unauthenticated source "
Thank you:)
09-05-2011 07:34 AM
Hi marwanshawi,
I solved the problem finally, thx so much
Ben
09-03-2011 07:50 PM
Lai,
In your TMS, check to make sure that the external sip server address is the ip address of your expressway.
09-05-2011 03:27 AM
hi Vernon Depee,
I have checked the TMS configuration, the external sip server address is the VCS-E address while SIP Server Address is the VCS-C address.
Thx
09-05-2011 09:05 AM
Dear all,
The problem has been solved by configured as follow,
add your endpoints' credentials(movi account and password) to the Authentication database of the VCS-Expressway.
However, we supposed the VCS-E will relay to the provisioning VCS control.
Can anyone provide some suggestions on this?
09-05-2011 04:25 PM
Hi Ben
so it is not Firewall issue rather authentication issue
before i used the VCE E as SIP proxy where i send the registration to the VCS S and it is integrated with TMS for provisioning i found it better than registering the endpoint to the VCS E as you can have all your call control configs on one place VCS C and the E is just like proxy to SIP Signaling and registration
not sure this is might be communication issue between the VCS E and TMS if the accounts are in TMS, this is in the case you are using TMS logins
anyway thanks for the update
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: