I am installing VCS to enable vpnless remote jabber on CUCM9.1
I have refered to Cisco TelePresenceVideo Communication Server Basic Configuration (Control with Expressway) Deployment Guide which refers to designs with 2 x ASAs. In the advanced networking section (Appendix 4: Advanced network deployments) it refers to having a VCS-E in the DMZ but with 2 x interfaces (lan1 & lan2) and this requires the Dual Interface option key but it refers to a hardware appliance with 2 x physical lan ports.
My question is is this deployment supported on vmware ? So, i have a single vmware host with a single ethernet to my asa but this needs to have 2 x lan ports on it so i have to trunk this to the asa (with internal & dmz vlans) ? I can then put a internal IP on lan1 and the nat'd dmz ip address on lan2. Apply the dual nic license. When i install vcs-e it will see the lan1 & lan2 and nat between them.
Yes you can have a single physical interface on the host, create a vSwitch for each VLAN (Internal & External) and assign them to the relevant vNICS on the Expressway-E (or VCS-E).
Just need to note that you may need to add static routes to the DMZ expressway so it can access your internal network (VCS Control/ExpresswayC, DNS, NTP, etc) , example below
xconfig IP Route 1 address: "10.0.0.0" xconfig IP Route 1 prefixlength: 8 xconfig IP Route 1 gateway: "10.1.1.1" xconfig IP Route 1 interface: LAN2 (or LAN1 if that is your internal)
xconfig IP Route 2 address: "172.16.0.0" xconfig IP Route 2 prefixlength: 16 xconfig IP Route 2 gateway: "10.1.1.1" xconfig IP Route 2 interface: LAN2 (or LAN1 if that is your internal)
To make things a bit more secure is if you have a DMZ switch, look at setting private VLANs set a private VLAN for two separate ports and connect them to two separate ASA ports. Then have a Dot1Q to the host.
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: email@example.com Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...