Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
676
Views
0
Helpful
3
Replies

Best way to separate the endspoints and Movi/Jabber

BW Dijk
Level 1
Level 1

‎04-11-2012 04:01 AM - edited ‎03-17-2019 11:02 PM

Hello

I'm working on a tipical VCS c & VCSe configuration with TMS & movi

I have 3 IP ranges (office locations).

To separate the these locations I created 3 Subzones using Subzone membership rules. This works for the endpoits.

But I have trouble to make the autentication of the movi users work, they can register to the VCS but the passwords don't work

What is the best way to have movi clients register in regard with

- Default Zone             Do not check credentials - Treat as authenticated or Check credentials

- Default Subzone       Do not check credentials - Treat as authenticated or Check credentials

- Subzones                Do not check credentials - Treat as authenticated or Check credentials

What is the best and easiest way to separate the endpoints from the movi clients, all units are on the same IP range end subnet.

So that autentication of the movi users work and that the endpoits can register

Best regards,

Bert-Wietze

Labels:
0 Helpful
3 Replies 3

Patrick Pettit
Cisco Employee
Cisco Employee

‎04-11-2012 04:46 AM

HI Bert - If you want to try and put MOVI into one subzone on VCS, try REGEX pattern to match to the device URI pattern you have in TMS. 

So we have a MOVI subzone allocated on our lab VCS with subzone membership rule: (.*).movi@tacsupport.lab

Device URI in TMS is set to the following for MOVI: {username}.{device.model}@tacsupport.lab

We set this MOVI subzone to check credentials, and when running a log, you *should* see the 401 Unauthorized and then the re-subscribe with MOVI sending the credentials. 

Give it a shot and let us know if this works for you.

VR

Patrick

0 Helpful

Alok Jaiswal
Cisco Employee
Cisco Employee

‎04-12-2012 09:31 AM

In addition to what patrick has said, i would suggest followoing settings for your scenario.

Default zone  -- check credentials --> necessary as all initial subscribe would be passed through this zone and will be challenged for credentials. If you set it to "treat as authenticated" any password would work.

Default subzone for MOVI -- check credentials or treat as authenticated as phonebook or presence requires this to be authenticated.

Subzone for endpoint -- Treat as authenticated -- so that if you do not use the authentication  for registration your registration should work.

Also creating different subzones will allow you to manage bandwidth proeprly.

Thanks

Alok

0 Helpful

BW Dijk
Level 1
Level 1
In response to Alok Jaiswal

‎04-13-2012 05:05 AM

Hello Alok and Patrick,

I got it done and it works fine, thanks for the answers.

Best regards,

Bert-Wietze

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents