Cisco Support Community
Community Member

MRA using Expressway C only



I have not yet deployed Cisco Jabber without VPN and i have Many questions about that:

I always like to "Make simple and straight"

  1. Can we deploy the MRA without DNS and use the IP Addresses instead ?
  2. Can we use only Expressway C and NAT the internal interface ?
  3. Is it required to import the certifications between Expressway and unified communcation or i can simply press "continue" when i get error message ?

I will have more questions but it's very important for me to clear these points first



Everyone's tags (1)

 Hi,I have deployed a couple



I have deployed a couple of these for production and you do require the DNS SRV records (internal and external)


There must be an ExpresswayC and ExpresswayE deployed, you do need a proper certificate validation (your own cert auth or through provider) between the ExpresswayC and ExpresswayE SIP/TLS for MRA. No wild card certificates can be used.


Certificates between the ExpresswayC and the Call Manager, Presence, Unity Connections you don't need validation or you can use TCP (you can also just click accept from the Jabber Clients also)


Check out the session PDF on this link (right hand side) which is very good run down and configuration.




Community Member

appreciate your response

appreciate your response heathrw yesand i want to rate it but i guess there is a problem either in my browser or the forms


So what should be the username in Cisco jabber application ?

it should be or


I will also try to use the cisco jabber lab in PEC to understand more


 No problems I would normally


No problems


I would normally do as users can relate to.


From my understanding effectively the Jabber client just uses the domain portion to find the SRV record for connection to the ExpresswayE server (or presence if internal) then presents the username portion only (without the domain) as LDAP sync would most likely have the SamAccountID.


Since traditionally users just enter their ID and don't care what the domain is, this can get complicated though say if the organisation email is different to their windows login could be their employee ID the user would have to ender and not their email i.e. There are ways to deploy jabber to have a default domain lookup  so users should just enter their ID only. Its really just a training thing.


Community Member

HeathrwI really apperciate


I really apperciate your help, now i can't proceed in my lab with expressway as the administration guide shows the configuration for expressway C and E but i can't find a way how to make the server E or C



CreatePlease to create content