×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

Joining conference from public network through MCU firewall option

Answered Question
Oct 27th, 2014
User Badges:

Hi everybody! Lately we have a goal to jabber (without vpn) users from internet to join conferences inside our network. Our telepresence infrastructure consists of VCS, MCU and endpoints (MX,SX). I found out that MCU(4505) has a feature called video firewall option(through license). My question is whether it will be enough to achieve our goal? I also heard that for this purpose VCS expressway is used. What is the difference between those two?

Correct Answer by Jens Didriksen about 2 years 9 months ago

You would normally call the address of a preconfigured virtual meeting room; i.e. if your meeting room is 1234, then the JabberVideo client would call [email protected]_IP_address.

I guess they could call the public IP address which should send them to the auto-attendant, and then they would have to navigate to the correct conference hosted on the MCU from there. This may or may not work, depending on the JabberVideo client, i.e. "enterprise" or "free" versions, no guarantees as far as the latter goes as IP address format is not a native SIP type of address.

A VCS-C/VCS-E combination is a much more elegant solution and also gives you a lot more options.

/jens

Please rate replies and mark question(s) as "answered" if applicable.

Correct Answer by Jens Didriksen about 2 years 9 months ago

The MCU firewall option just enables the second NIC so you can have one with a public IP and the second with a private IP (basically NAT'ed), and the internal and the external clients will connect to a pre-configured common virtual meeting room on the MCU.

The VCS-E (Expressway) works in tandem with your VCS-C to provide secure firewall traversal. VCS-C sits on the inside of you firewall and the VCS-E is normally in the DMZ.

This allows, among other things, external systems to call your systems using both H.323 and SIP URI dialling, this includes JabberVideo clients, but not Jabber the UC client.

For Jabber clients you would normally deploy expressway-e series, see http://www.cisco.com/c/en/us/products/collateral/unified-communications/expressway-series/datasheet-c78-730478.html and http://ciscocollab.wordpress.com/2014/01/29/deploying-collaboration-edge/ - whether this will work with your existing deployment is another story, you might be better off in the end looking at something like Pexip or Acano - both were developed by former TANDBERG/Codian/Cisco engineers.

/jens

Please rate replies and mark question(s) as "answered" if applicable.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Zhomart Asken Mon, 10/27/2014 - 22:24
User Badges:

Could someone reply to mu question. Any information would be appreciated

Thanks

Jens Didriksen Tue, 10/28/2014 - 01:21
User Badges:
  • Blue, 1500 points or more

Are you talking about JabberVideo or Jabber, the UC client?

/jens

Please rate replies and mark question(s) as "answered" if applicable.

Zhomart Asken Tue, 10/28/2014 - 01:36
User Badges:

Hi Jens, im talking about connecting from internet to video conference through jabber that is not registered to our UC system(our telephony system runs on other vendor UC). 

 

Thank you!

Correct Answer
Jens Didriksen Tue, 10/28/2014 - 02:43
User Badges:
  • Blue, 1500 points or more

The MCU firewall option just enables the second NIC so you can have one with a public IP and the second with a private IP (basically NAT'ed), and the internal and the external clients will connect to a pre-configured common virtual meeting room on the MCU.

The VCS-E (Expressway) works in tandem with your VCS-C to provide secure firewall traversal. VCS-C sits on the inside of you firewall and the VCS-E is normally in the DMZ.

This allows, among other things, external systems to call your systems using both H.323 and SIP URI dialling, this includes JabberVideo clients, but not Jabber the UC client.

For Jabber clients you would normally deploy expressway-e series, see http://www.cisco.com/c/en/us/products/collateral/unified-communications/expressway-series/datasheet-c78-730478.html and http://ciscocollab.wordpress.com/2014/01/29/deploying-collaboration-edge/ - whether this will work with your existing deployment is another story, you might be better off in the end looking at something like Pexip or Acano - both were developed by former TANDBERG/Codian/Cisco engineers.

/jens

Please rate replies and mark question(s) as "answered" if applicable.

Zhomart Asken Tue, 10/28/2014 - 03:25
User Badges:

Thank you! In MCU case can i make a call to this public ip address from internet from Jabber Video and join the conference(without VCS-E)?

Correct Answer
Jens Didriksen Tue, 10/28/2014 - 04:04
User Badges:
  • Blue, 1500 points or more

You would normally call the address of a preconfigured virtual meeting room; i.e. if your meeting room is 1234, then the JabberVideo client would call [email protected]_IP_address.

I guess they could call the public IP address which should send them to the auto-attendant, and then they would have to navigate to the correct conference hosted on the MCU from there. This may or may not work, depending on the JabberVideo client, i.e. "enterprise" or "free" versions, no guarantees as far as the latter goes as IP address format is not a native SIP type of address.

A VCS-C/VCS-E combination is a much more elegant solution and also gives you a lot more options.

/jens

Please rate replies and mark question(s) as "answered" if applicable.

Zhomart Asken Tue, 10/28/2014 - 21:32
User Badges:

Thank you Jens for detailed answer. Could i ask one more question? What kind of restrictions does JabberVideo free has, for example how many JabberVideo free participants can join the conference in our network(simultaneously)?

Jens Didriksen Tue, 10/28/2014 - 22:10
User Badges:
  • Blue, 1500 points or more

Only limit is your resources, i.e. port availability on your MCU. Look at each JabberVideo client as a separate end-point.

The client itself is identical to the "enterprise" version, however, as this "free" version is provisioned by Cisco, you won't get presence, corporate directories, it is rate limited to a maximum of 1300kbps per call and support is only through the JabberVideo forum: https://supportforums.cisco.com/community/netpro/small-business/jabbervideosupport?view=discussions

Also bear in mind JabberVideo is now EOL/EOS so we really don't have any idea of how long the free version will be around for. Having said that, I don't believe it'll disappear anytime soon.

/jens

Please rate replies and mark question(s) as "answered" if applicable.

Actions

This Discussion