cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
7884
Views
20
Helpful
25
Replies

Ask the Experts: Single Sign-On with Cisco WebEx Meetings Server, Internet Reverse Proxy, and Enterprise License Manager Solutions

ciscomoderator
Community Manager
Community Manager

Ask the Expert About Single Sign-On with Cisco WebEx Meetings Server, Internet Reverse Proxy, and Enterprise License Manager Solutions with Arun KumarWith Arun Kumar

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about Single Sign-On (SSO) with Cisco WebEx Meetings Server (Cisco WMS), Internet Reverse Proxy (IRP), and Enterprise License Manager (ELM) solutions.

SSO standards such as Security Assertion Markup Language (SAML) 2.0 provide secure mechanisms for passing credentials and related information between different websites that have their own authorization and authentication systems. SSO enables simplified user authentication and management.

IRP provides public access, enabling users to host or attend meetings from the Internet and mobile devices. Although IRP is optional, Cisco encourages its use because it provides a better user experience for your mobile workforce.

Example question topics include:

  • SSO profiles and SAML 2.0 Identity providers (IdPs) supported in Cisco WMS
  • Basic configuration of IdPs
  • Interaction between IdPs and Cisco WMS
  • Difference between the cloud client implementation and Cisco WMS
  • Meeting access behavior in a split-horizon network topology with SSO
  • How to enable public access to Cisco WMS
  • Cisco WMS ELM operations
  • Cisco WMS ELM compared to other unified communications ELM or standalone ELM and compatibility/inoperability between them

Arun Kumar is a team lead in the San Jose Conferencing Technical Assistance Center. He has over eight years of experience in conferencing technology and specializes in Cisco Unified Meeting Place Express and Cisco WebEx Meeting Server. He joined Cisco in 2010 as an escalation engineer for the Cisco Telepresence group. Before joining Cisco he worked for the UK's third-largest internet service provider Supanet on VoIP technology and the *Nix domain. Kumar holds a master of science degree in computer science from Sikkim Manipal University in India, and he holds CCIE (Voice) and VMware Certified Professional certifications.

Remember to use the rating system to let Arun know if you have received an adequate response.

Arun might not be able to answer each question because of the volume expected during this event. Remember that you can continue the conversation on the Collaboration, Voice, and Video community Other Subjects subcommunity shortly after the event. This event lasts through Monday May 17, 2013. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

25 Replies 25

alpepate
Cisco Employee
Cisco Employee

Product:  Cisco WebEx Meetings Server (CWMS)

Design: Split-Network with Public Access (IRP in the DMZ)

Are there any additional firewall ports that need to be accessed in order to add public access when adding IRP servers?  Another words, from the internal firewall, do the internal virtual machines (presumably Admin virtual machine) need to communicate to Public VIP in order to add the IRP servers successfully, outside of the firewall ports listed in the Planning Guide section: 

http://www.cisco.com/en/US/docs/collaboration/CWMS/1_1/b_planningGuide_chapter_011.html#reference_CB65D7FE4B3746DDAF1649884AD777CE

Thank You,

Alpesh Patel

Hi Alpesh,

Port list you mentioned are required to be opned on Public VIP of IRP to access from outside/external. If these ports are not opened external users will not be able to access CWMS user site url and other features like, not able to join/start any meeting, playback recording etc.

To add IRP from Admin node, we need to make sure below ports are opened:

Check section 'Port Access in the Internal Firewall' of

http://www.cisco.com/en/US/docs/collaboration/CWMS/1_1/b_planningGuide_chapter_011.html#reference_CB65D7FE4B3746DDAF1649884AD777CE

Please let me know if need any futher details.

Thanks, Arun

mr.arun
Level 1
Level 1

Is Jabber for Windows and Mac supported with CWMS?

Hi Arun,

Currently CWMS has support for Jabber for windows not MAC.

MAC support is on the roadmap.

Thanks, Arun

steven.mcmaster
Level 1
Level 1

Hi Arun.

Can you please provide a level of integration either currently possible or in the roadmap for;

VCS/VCSe integration

Direct SIP access via CME / IOS or standard based SIP 2.0 Trunk (ie without UCM)

Hi Steven,

Currently VCS/VCSE integration is not supported directly by CWMS and nor currently on roadmap too.

You can use these in combination with your CUCM.

Kindly check below link for Cisco WebEx Meetings Server Integration Matrix:

http://www.cisco.com/en/US/docs/collaboration/CWMS/1_1/b_System_Requirements_chapter_01.html

Please let me know if any other question.

Thanks, Arun

Mobile Service
Level 1
Level 1

Hi, Arun!

Could you please share a docs where to find more details regarding Jabber for Windows and CWMS integration - what servers do we need to use, configurations and etc.

Also, could you please share a docs regarding integration of CWMS with corporate directory using SAML.

Thanks a lot!

We really want to try this out -

"allowing you to escalate an IM chat to a full WebEx meeting from within the Jabber client".

Hello Mobile Service,

CWMS and Jabber integrations:

http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/9_1/JABW_BK_E4CC9599_00_environment-configuration-guide_chapter_01.html#JABW_TK_SF2ED5E1_00

In above link start from section: Set Up Cisco WebEx Meetings Server on Cisco Unified Presence

Conf-Server-Config.JPG

then move to section: Add Cisco WebEx Meetings Server to a Profile

Once done, move to section: Specify Conferencing Credentials in the Client side. You will see above server already listed there, just go ahead and enter your username and password (pleae make sure this user already exists on your CWMS) and accept any certificate/s if presented. Jabber Integration is done and you can start testing the same.

Attached CWMS - AFDS integration doc.

Please let me know if any furhter question.

Thanks, Arun

Arun, thank you very much for the doc!!

Regarding the Jabber and CWMS - sorry, my bad - didn't look till the end of the configuration guide.

Regarding the CWMS - i see that the doc is a part of CWMS configuration Lab - is it somehow possible to receive the full version of the document in order to catch all the tips and best practices from Cisco regarding configuring/monitoring/troubleshooting the CWMS?

Hello Mobile Service,

Sure, no problem.

You can get the full doc from:

http://www.cisco.com/web/learning/le36/learning_partner_e-learning_connection_tool_launch.html

Search for CWMS Gold Lab and there you will have option to download the same.

Thanks, Arun

Hello Mobile Service,

Just to add there are some more very good docs on partner community too:

https://communities.cisco.com/community/partner/collaboration/webex?view=documents

You will find them very useful from all prespective like pre-sales, BOM, sales ppt, tech doc etc.

Thanks, Arun

Mobile Service
Level 1
Level 1

thank you very much!

Mobile Service
Level 1
Level 1

Arun, i have another question:

is it possible to change the parameter

MAIL FROM:<

admin@gowebex.epam.com>,

by mistake i've placed a wrong e-mail address when the CWMS was installing.

I tried to change it in the

Settings->Email->Variables->From Name:

on the real e-mail address but it didn't help.

So now, as i'm not allowed to send from admin@gowebex.epam.com, i connot create new users/passwords for them.

Hello Mobile Service,

Try From Name with just domain name without admin like:

gowebex.epam.com not admin@

Also make sure your mail server is configured to allow realy from all your admin and web node VM's IP address.

Thanks, Arun

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: