I have just now deloyment CUCM , UNITY CONNECTION AND CUPS with the following versions:
System version: 220.127.116.1100-5 - CUCM
System version: 18.104.22.16800-5 - CUPS
I have configured Jabber which is working internally perfectly. For using Jabber outside network is creating confusion for me. Some experts are saying configure Anyconnect VPN on firewall and start using Jabber from outside but i don't to deployment like this. Again through this forum i got to know about cisco expressway E/C which collobarate without using VPN.
I have again confused as i am not fimiliar about this application. some expert adviced me its a recommended solution from cisco therefore i want to follow this path. My aim is to use Jabber without VPN from outside but should be secure. Is it free application if someone using the above versions of cucm and cups.
One more thing , someone saying use VCS so what is the difference between VCS AND CISCO EXPRESSWAY E/C.
Please advice me step by step configuration procedure to acheive my aim. I will be very grateful for you experts forever. waiting for your help.
VCS Control is intended to be used on your internal network, while a VCS Expressway is normally placed somewhere outside your internal network so that parties from public networks such as the Internet can reach your internal video devices and resources. In a normal setup the VCS Expressway will be placed outside your local network/router, with a public IP address, although it can also be placed on the inside if you purchase the dual network interfaces option key and configure 1:1 static NAT in your NAT firewall and on the Expressway itself.
I think I know what you are asking and at times the way some of the TelePresence products are named and marketed is beyond confusing.
VCS is a solution that was basically brought on as part of the Tandberg purchase, and it was a great solution for Video TeleConferencing as it allowed Video endpoints to securely communicate over the internet without requiring NAT rules for every endpoint.
In a basic layout, the VCSc sat inside the corporate LAN and made a single outbound connection to the VCSe that resided either in the DMZ or the public internet. Internal devices registered to the VCSc, and when they made calls, it essentially gets trunked through the VCSc to the VCSe and we all of a sudden dont need firewall rules for everyone!
This created a trunk that would allow all internal devices to reach the outside world without the need for NAT on each internal device. The VCSc/VCSe solution is a gatekeeper, gateway, interworking (H323/SIP), and firewall traversal solution that allowed numerous devices with private IP addresses to reach the outside world using a "single" firewall rule and public IP address... And also inbound from the outside world to the inside only using a single IP/DNS name utilizing either H323 IDs or Sip URIs... Good stuff.
Fast forward, Cisco bought tandberg and started integrating this standalone solution with their video infrastructure as well as endpoints, and eventually allowed you to connect it to CUCM via a SIP trunk. This was cool but lacked functionality in some ways. Basically it was like connecting CUCM to a PBX and you had to more or less have separate dial plans, and they were separate systems.
Fast forward again (but were skipping some stuff that happened in the middle). the "Cisco Expressway" solution (also referred to as "collaboration edge"), utilizes the same devices as well as concepts of having two devices (Expressway and Control, much like VCSe and VCSc, notice the simlarity) to create a secure tunnel between an internal LAN server and a DMZ/Public server, and then allow outside devices to utilize that tunnel for CUCM registration, without the need to create firewall rules for every imaginable public IP address, or allow all into CUCM IP.
The Collaboration Edge or "Cisco Expressway" solution is essentially the same thing as the VCSc VCSe, but is aimed at only CUCM registration kind of.... It is a VPNless trunk into your internal CUCM that clients can register to. It is not fully functional yet and only supports Jabber clients and TC endpoints (EX, MX, and C to my knowledge). But it's gonna be cool once they get it straight. It's just not quite there yet.
Once cisco reaches across-the-board feature parity as well as allows all devices to register, it will be a bit of a game changer in my opinion.
Hope this helped!
Addendum, VCS and "Cisco Expressway" are essentially the same hardware/software. I recently turned a "VCSe" and "VCSc" into a "Cisco Expressway" and "Cisco Control". It is the same thing but only truly differentiated by licesning/configuration/capabilities. The difference in capabilities as that "Cisco Expressway/Control" is designed for cisco devices only (Jabber, CTS Endpoints, IP Phones) and VCS is more 3rd party interoperable and does not support native CUCM registration, however all of this is arguable as they haven't hardened the designs yet, but that is the intent as I have received it.
Also, get yourself to 9.1.2 at least if you intend to use the Cisco Expressway. It does not operate well with 9.1.1 in certain configurations. Or hold off for CUCM 10.5 and VCS x8.2 if you have the patience. There are several improvements there from what I have heard.
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: firstname.lastname@example.org Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...