Vcs As A Firewall Traversal Server - Cisco TelePresence Administrator's Manual
Video communication server
Hide thumbs
Also See for TelePresence:
- Administrator's manual (498 pages) ,
- Manual (24 pages) ,
- Specifications (7 pages)
Table of Contents
Advertisement
Firewall traversal
You do this by adding a traversal client zone on the VCS client
configuring it with the details of the traversal server. See
information. You can create more than one traversal client zone if you want to connect to multiple traversal
servers.
Note that:
In most cases, you will use a VCS Control as a firewall traversal client. However, a VCS Expressway can
n
also act as a firewall traversal client.
The firewall traversal server used by the VCS client must be a VCS Expressway.
n
VCS as a firewall traversal server
The VCS Expressway has all the functionality of a VCS Control (including being able to act as a firewall
traversal client). However, its main feature is that it can act as a firewall traversal server for other Cisco
systems and any traversal-enabled endpoints that are registered directly to it. It can also provide TURN relay
services to ICE-enabled endpoints.
Configuring traversal server zones
For the VCS Expressway to act as a firewall traversal server for Cisco systems, you must create a traversal
server zone on the VCS Expressway
the traversal client. See
Configuring traversal server zones [p.146]
You must create a separate traversal server zone for every system that is its traversal client.
Configuring other traversal server features
For the VCS Expressway to act as a firewall traversal server for traversal-enabled endpoints (such as
n
Cisco MXP endpoints and any other endpoints that support the ITU H.460.18 and H.460.19 standards), no
additional configuration is required. See
[p.62]
for more information.
To enable TURN relay services and find out more about ICE, see
n
To reconfigure the default ports used by the VCS Expressway, see
n
[p.58].
Firewall traversal and Advanced Networking
The Advanced Networking option key enables the LAN 2 interface on the VCS Expressway (the option is not
available on a VCS Control). The LAN 2 interface is used in situations where the VCS Expressway is located
in a DMZ that consists of two separate networks - an inner DMZ and an outer DMZ - and your network is
configured to prevent direct communication between the two.
With the LAN 2 interface enabled, you can configure the VCS with two separate IP addresses, one for each
network in the DMZ. Your VCS then acts as a proxy server between the two networks, allowing calls to pass
between the internal and outer firewalls that make up your DMZ.
When Advanced Networking is enabled, all ports configured on the VCS, including those relating to firewall
traversal, apply to both IP addresses; you cannot configure ports separately for each IP address.
Cisco VCS Administrator Guide (X8.1.1)
(Configuration > Zones >
Configuring traversal client zones [p.144]
(Configuration > Zones >
Configuring Expressway and traversal endpoint communications
Zones) and configure it with the details of
for more information.
About ICE and TURN services
Configuring ports for firewall traversal
About firewall traversal
Zones) and
for more
[p.63].
Page 56 of 507
Advertisement
Table of Contents
