Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

C-series endpoint can do FW Traversal?

In the productsheets of the C-series I see:

Firewall Traversal:

- Cisco TelePresence Expressway technology

- H.460.18 H.460.19 Firewall Traversal

Does this means these endpoints can do traversal directly with a VCS-Expressway without needing a VCS-Control?

rgds, Geert.

Everyone's tags (5)
3 REPLIES

C-series endpoint can do FW Traversal?

Hi Geert!

I am not 100% sure what you are wondering about and how your deployment is planned.

(maybe you should give some info about your thougts, or you could talk to your Cisco Partner

who will be able to find a solution for you).

If you have an internal ,most likely enterprise network where all devices can and should talk directly to each other

you would use a VCS-C

If you have this network and you want to talk to devices on the internet or behind nat/firewalls you would use in addition a VCS-E

If you have endpoints behind NAT, like home office systems you would need a VCS-E as well.

In that case the C Series endpoint will utilize its firewall traversal capabilities together with the VCS-E.

If you only have external endpoints or you can live with the VCS-E im most cases bind the

traffic to itself (instead of going directly from endpoint to endpoint like on a VCS-E), then yes

you could depoy just the VCS-E with the TC (C-Series) TE (E20), Movi or MXP endpoints.

Martin

Please remember to rate helpful responses and identify

New Member

C-series endpoint can do FW Traversal?

Hi Martin,

Thanks for your feedback.

I've been asked to make a demo VC network where I have only 1 VCS-E and several type of endpoints, E20, EX60/90, dual profile 52 (C60) and Movi-clients and a MCU4501.

I've also a Internet connection with about 8 public addresses.

I've an old PIX-515 FW and FE switches.

So I was thinking of putting the VCS-E on the inside together with the MCU and the endpoints. But for this I then need the dual-network key for the VCS-E to do NATting.

But when I put the VCS-E on the outside I do not need that option key. But will the endpoints be able to register on the VCS-E and make VC-call to the outside. And is this via the traversal protocol? Anything to activated/configured on the endpoints?

rgds, Geert Folens.

C-series endpoint can do FW Traversal?

In this deployment the only things which need to be on public IP addreses would be the VCS-E and the MCU.

If you can put the MCU directly on a public IP you do not need the dual interface option key.

The rest can be in the same network on public ips as well, or they can come from a network with nat.

If you need external systems to reach your setup the MCU needs the RTP ports open to the internet as well

(the mcu does not support h460.18)

And yes, the endpoints, TC (Ex60/90, Profile), TE (E20), Movi, ... will work fine with the VCS-E on a public IP

without a dual interface option. You might want to have a TMS on a public IP as well.

Martin

Please remember to rate helpful responses and identify

687
Views
0
Helpful
3
Replies
CreatePlease login to create content