cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
419
Views
0
Helpful
7
Replies

Video conference untis registered into VCS-control

baselzind
Level 6
Level 6

i have a vcs-control connected to a vcs-expressway , i was wondering if i register my video conference units into the vcs-control how will they get out of my network and with which ip address? will it get the vcs-c ip address or will the call get diverted into the expressway and get its ip address? and if so which ip address the local ip address or the dmz ip address because as you know vcs-expressway have two ethernet connections one to the inside and one to the outside "DMZ" i need to know so that i can create firewall rules to establish video calls?

7 Replies 7

Patrick Sparkman
VIP Alumni
VIP Alumni

Call from endpoints registered to your VCS-C will traverse your firewall to the VCS-E, then out to your DNS and routed to whomever you're calling.  Suggest you take a look at the VCS Basic Configuration (Control with Expressway) Deployment Guide (X8.8), it goes over how to deploy your VCS-C/E and setup a DNS zone for making B2B calls to external endpoints.

If I remember right, H323 calls will appear as alias@IP I believe, but it has been awhile since I've made an H323 call. However for SIP, the other endpoint will see your address as "alias@domain", and H323 calls can also be formatted this way as well.  Regardless of the protocol you use for calls, you need to have SRV records setup on your external DNS that point to your VCS-E, refer to Appendix 2 of the deployment guide.

No firewall ports are needed to be opened between the VCS-C/E, as the communication is always from the -C to the -E, where the -E will reply back on the open port created by the -C.  However, the VCS-E will need firewall ports open to allow in/outbound calls, refer to the port reference in the VCS X8.8 Admin Guide on pg 391, and also suggest you also look through the VCS X8.7 IP Port Usage for Firewall Traversal.

thank you for the input , actually my vcs-c is connected to my vcs-expressway with no firewall in the middle , also yes im using sip calling so the alias will be like you said "alias@domain" , but my question let us say one vcs have this alias "vc1@domain" so on the outisde firewall how can i make a rule for this specific vc? i dont think i can make firewall rules for sip alias so could it be expressway ip address?

Open your firewall for the VCS-E, as any calls going in/out of your organization will be going through it.

yes but my vcs-e is behind a firewall and that firewall is connected to the wan so you mean calls coming into the vcs-e from vcs-c and going to the outside firewall will have the vcs-e ip address? not the vc unit own ip address?

They will appear as coming from the VCS-E, because that is the entry/exit point for your network to be able to reach your internal endpoints registered to the VCS-C.

assuming it the traffic from a video conference unit get the ip of the vcs-expressway , does it get the vcs-e lan ip or the vcs-e dmz ip??? and in my case the dmz ip is natted so should i make a rule for the natted ip or the dmz ip? it is very confusing

Should get the DMZ IP.  Refer to Appendix 3 and 4 in the deployment, it goes over firewall and NAT settings as well as using the advanced network feature of the VCS-E.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: