Presence and authentication policy
The Presence Server on VCS accepts presence PUBLISH messages only if they have already been
authenticated:
The authentication of presence messages by the VCS is controlled by the authentication policy setting on
n
the Default Subzone (or relevant alternative subzone) if the endpoint is registered (which is the usual case),
or by the authentication policy setting on the Default Zone if the endpoint is not registered.
The relevant Authentication policy must be set to either Check credentials or Treat as authenticated,
n
otherwise PUBLISH messages will fail, meaning that endpoints will not be able to publish their presence
status.
The following diagram shows the flow of presence messages from an endpoint to the Presence Server:
In each case, the VCS performs its authentication checking against the appropriate credential store,
according to whichever authentication methods are configured. Note that if the VCS is using the local
database, this will include any credentials supplied by TMS (in either TMS Agent legacy mode or TMS
Provisioning Extension mode).
Cisco VCS Administrator Guide (X7.2)
Device authentication
Page 108 of 498