cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
942
Views
0
Helpful
5
Replies

VCS Expressway Starter Pack

wouter.hammer
Level 1
Level 1

Hi All,

First let me say that I'm kind of new to the "Tandberg" part of telepresence.

I'm going to implement a VCS Expressway starter pack (with the Dual network interface option) next week at our customer.

I've read the VCS Expressway SP deployment guide but I still got a few questions:

- What is the best location to place the VCSe SP?  (inside network,DMZ or Public network)

  We will hear tomorrow if the customer has a DMZ or not.

- I understand that the outside firewall needs to forward ports 5060, 5061 and range 50000/52399 to the VCSe SP

  If there is a DMZ do we need to open up ports on the inside firewall as well?

- Is is possible with the VCSe SP to receive video calls from not (locally) registred endpoints? (For example: a E20 from another company) If so, do we need to open up more ports on the firewall?

Thank you in advance,

Wouter

2 Accepted Solutions

Accepted Solutions

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi Wouter,

Check the below link for the more information.

http://www.cisco.com/en/US/prod/collateral/ps7060/ps11305/ps11315/ps11337/data_sheet_c78-697075.html

It gives answer to some of your questions, like which is the best place to install the VCS-SP in network.

Normally we have seen lot of cusotmers put the box in DMZ and use for making outgoing and incoming calls both.

Although the deployment is specifically depends on once network design and requirement.

Also check the deployment guide for VCS starter pack.

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Expressway_Starter_Pack_Deployment_Guide_X7-1.pdf

it has given some of the port information, and also check the port usage document at below link.

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_IP_Port_Usage_for_Firewall_Traversal_Deployment_Guide_X4_to_X7.pdf

and answering to your last questions, yes its possible to receive the video call from the endpoint not registered locally to VCS-SP but then you require the DNS SRV records for your video domain or you need to call using VCS-SP ip-address.

DNS srv is preferable method.

Thanks

Alok

View solution in original post

Haydn von Imhof
Level 4
Level 4

Hi Wouter

I addition to what Alok said..

A great guide to read is the Cisco TelePresence Video Communication Server Basic Configuration Cisco VCS Control with Cisco VCS Expressway Deployment Guide (X7.1) guide.

The VCS Expressway SP guide does not give a lot of information.

I would say the best location is in the DMZ.

Firewall configuration would need to be done on both the internal and external firewalls.

Is is possible with the VCSe SP to receive video calls from not (locally) registred endpoints? (For example: a E20 from another company) If so, do we need to open up more ports on the firewall?

Yes this will be possible. Only the ports in the quide should need to be configured.

View solution in original post

5 Replies 5

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi Wouter,

Check the below link for the more information.

http://www.cisco.com/en/US/prod/collateral/ps7060/ps11305/ps11315/ps11337/data_sheet_c78-697075.html

It gives answer to some of your questions, like which is the best place to install the VCS-SP in network.

Normally we have seen lot of cusotmers put the box in DMZ and use for making outgoing and incoming calls both.

Although the deployment is specifically depends on once network design and requirement.

Also check the deployment guide for VCS starter pack.

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Expressway_Starter_Pack_Deployment_Guide_X7-1.pdf

it has given some of the port information, and also check the port usage document at below link.

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_IP_Port_Usage_for_Firewall_Traversal_Deployment_Guide_X4_to_X7.pdf

and answering to your last questions, yes its possible to receive the video call from the endpoint not registered locally to VCS-SP but then you require the DNS SRV records for your video domain or you need to call using VCS-SP ip-address.

DNS srv is preferable method.

Thanks

Alok

Haydn von Imhof
Level 4
Level 4

Hi Wouter

I addition to what Alok said..

A great guide to read is the Cisco TelePresence Video Communication Server Basic Configuration Cisco VCS Control with Cisco VCS Expressway Deployment Guide (X7.1) guide.

The VCS Expressway SP guide does not give a lot of information.

I would say the best location is in the DMZ.

Firewall configuration would need to be done on both the internal and external firewalls.

Is is possible with the VCSe SP to receive video calls from not (locally) registred endpoints? (For example: a E20 from another company) If so, do we need to open up more ports on the firewall?

Yes this will be possible. Only the ports in the quide should need to be configured.

Hi Guys,

Thank you for assisting me so quickly! And I'm sorry  for the late response I've installed the VCS starter pack and registred  some MOVI clients. I can register from the local LAN and on the  internet. Calls go through perfectly. There is only one issue left. I  have configured a DNS zone with a DNS search rule and added 2 public DNS  servers. But when I try to call my collegue (external SIP URI) the call  doesn't go through. The search history shows this:

  • SearchRule (2)

Name: DNS Zone Search Rule

Zone (1)

Name: DNSZone

Type: DNS

Protocol: SIP

Found: False

Reason: Resolution failed

Gatekeeper (1)

Alias (1)

Type: Url

Origin: Unknown

Value: name@domain.com

Zone (2)

Name: DNSZone

Type: DNS

Protocol: H323

Found: False

Reason: Request timeout

Gatekeeper (1)

Alias (1)

Type: Url

Origin: Unknown

Value: name@domain.com

I think it's weird that it doesn't resolve anything because the DNS lookup tool in VCS can resolve external domains.

Is there anything else that needs to be configured?

Thank you in advance!!

Hi Wouter,

The domain where you are calling has srv records created??? you should have srv records created for remote domain ?

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Basic_Configuration_Cisco_VCS_Control_with_Cisco_VCS_Expressway_Deployment_Guide_X7-1.pdf

Page 53 onwards.

Thanks

Alok

Hi Alok,

I figured out what the issue is. Currently the firewall is configured for SIP calls only and the domain I was trying to call has only a H323 srv record.  Dialing my Jabber account works perfectly.

I will ask the client to configure the H323 ports as well. Thank you so much for your support!

Thanks,

Wouter

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: