cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9082
Views
40
Helpful
35
Replies

Ask the Expert: Plan, Design, and Implement Mobile Remote Access, the Cisco Collaboration Edge Architecture

ciscomoderator
Community Manager
Community Manager

Welcome to the Cisco® Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about planning, designing, and implementing mobile remote access (Cisco Collaboration Edge Architecture) with Cisco subject matter experts Aashish Jolly and Abhijit Anand.

Cisco Collaboration Edge Architecture is an architecture that provides VPN-less access of Cisco Unified Communications resources to Cisco Jabber® users. This discussion is dedicated to addressing questions about design best practices while implementing mobile remote access.

For more information, refer to the Unified Communications Mobile and Remote Access via Cisco VCS deployment guide. 

Aashish Jolly is a network consulting engineer who is currently serving as the Cisco Unified Communications consultant for the ExxonMobil Global account. Earlier at Cisco, he was part of the Cisco Technical Assistance Center (TAC), where he helped Cisco partners with installation, configuring, and troubleshooting Cisco Unified Communications products such as Cisco Unified Communications Manager and Manager Express, Cisco Unity® solutions, Cisco Unified Border Element, voice gateways and gatekeepers, and more. He has been associated with Cisco Unified Communications for more than seven years. He holds a bachelor of technology degree as well as Cisco CCIE® Voice (#18500), CCNP® Voice, and CCNA® certifications and VMware VCP5 and Red Hat RHCE certifications.

Abhijit Singh Anand is a network consulting engineer with the Cisco Advanced Services field delivery team in New Delhi. His current role involves designing, implementing, and optimizing large-scale collaboration solutions for enterprise and defense customers. He has also been an engineer at the Cisco TAC. Having worked on multiple technologies including wireless and LAN switching, he has been associated with Cisco Unified Communications technologies since 2006. He holds a master’s degree in computer applications and multiple certifications, including CCIE Voice (#19590), RHCE, and CWSP and CWNP.

Remember to use the rating system to let Aashish and Abhijit know if you have received an adequate response. 

Because of the volume expected during this event, our experts might not be able to answer every question. Remember that you can continue the conversation on the Cisco Support Community Collaboration, Voice and Video page, in the Jabber Clients subcommunity, shortly after the event. This event lasts through June 20, 2014. Visit this forum often to view responses to your questions and the questions of other Cisco Support Community members.

35 Replies 35

Hi guys,

thanks for giving us this opportunity to dig deeper into MRA feature! Here is my question: can you please elaborate or point to the right places where we can find more about three key capabilities that make MRA possible:

- XCP router for XMPP traffic

- HTTPS reverse proxy

- proxy SIP registrations

This info was part of the presentation I attended during Cisco Live event but never had a chance to hear anything more about "three key capabilities".

Thanks,

Tenaro

Hi Tenaro,

   I would like to know what specific details you're looking for those features as there aren't any documents that dig deep into the specifics of these features. Here's the ciscolive presentation - http://www.cisco.com/web/HR/ciscoconnect/2014/pdfs/20140403_cisco_connect_see_expressway.pdf

 

 

Regards,

Aashish

Thanks for providing the right link, I'm referring to the slide 13 in that presentation. Can you please explain what is XCP Router or what is the purpose of the "HTTPS Reverse proxy"? Are all "3 key capabilities" always necessary for MRA feature to work? What if we are using Jabber for Windows client in phone-only mode?

Can we compare yellow cylinder in that picture with the SSH tunnel that is mentioned in Expressway's GUI (under Status -> Unified Communications -> View ssh tunnel status)?

Is there are way to see separately status of every of these 3 key capabilities?

Thanks,

Tenaro

Hi Tenaro,

    I'll try and answer it to the best of my knowledge. There aren't any documents that provide details on the same.

 

XCP Router : This is required for XMPP routing of data to CUPS server. It routes XMPP data to the other active XCP services on Cisco Unified Presence.

 

HTTPS Reverse Proxy : This service helps communicating with CUCM & CUPS in the internal network and that is why a discovery of CUCM, CUPS is done on Exp-C. The internet communicates to Exp-E which is an element sitting in the DMZ, Exp-E has a secure traversal zone with Exp-C which has visibility of CUCM & CUPS internal servers. So it acts as a proxy for external Jabber clients. With that being said, the role of Reverse Proxy is limited to Collaboration Edge and is not a general purpose reverse proxy for other applications.

 

Proxy SIP Registrations : This is similar to HTTPS Reverse Proxy in the sense that this feature enables endpoints to register to CUCM.

 

All three are required for Collaboration Edge and there's no serviceability to disable either of the services.

For Jabber Phone-mode, I see no restriction on it not being supported with Collaboration Edge. For such a deployment, CUPS discovery won't be needed as Presence is not needed in Phone-mode.

 

HTH,

Aashish

Forgot to mention, the SSH tunnel is nothing but connection to Exp-E, so yes the yellow cylinder in Slide # 13 is depicting that tunnel.

 

Cheers!

Aashish

Hi,

 

just want to check, for expressway-e mra, support 3rd party reverse proxy deployment?

 

regards

charlie

Hello Both, Are we good to go with Jabber for guest to deploy for customers?.A separate server is required right?..Can you please provide specific design documents for Jabber guest..?

Great question,

I was told it should be supported with X8.1.1 but now I'm not sure anymore. Is it out yet or it will be part of X8.2? When can we expect X8..2?

Guys,

   Jabber Guest will be available from x8.2 and I'm checking internally to get an ETA on FCS.

 

 

Regards,

Aashish

Guys,

  VCS X8.2 should be out by next week.

 

 

Regards,

Aashish

I have two more questions, both related to licensing:

1. Let's imagine customer has CUCM 10.x and don't know anything about Expressway product line, but is currently using 100 Jabber for Windows clients together with the VPN clients. Can customer download/install/license/configure Expressway Core plus Edge and start using same 100 Jabber clients (and no VPN clients anymore) without ANY new costs?

2. Status Overview page in Exp-E (attached) is making distinction between Unified CM calls and RMS calls. Can you please explain the purpose of RMS call type: as far as I understand Expressway devices are not capable to register endpoints (that's the main difference when compared with VCS product line), instead EXP-C/E combination is tunneling Jabber clients through the firewalls so it can stay registered with the CUCM. Can you please explain then why should we buy RMS licenses if we have same scenario as in first question?

Thanks for all previous answers!

Hi Tenaro,

   For query 1, I would appreciate if you could reach out to your Cisco Sales Representative and discuss the same.

 

For query 2, Rich Media Session (RMS) licenses is optional for Expressway and is used only for Jabber Guest or B2B Video. If your deployment is for VPN-less Jabber, this license is not required and infact doesn't even come with regular Expressway licenses. Only Unified CM Calls section is used, if you make a call and view the status page, RMS should show 0 and Unified CM should show 1. I would suggest having a look at the Cisco Live Expressway slide deck and refer to slides 21, 22, 25 and 26.

https://www.ciscolive.com/online/connect/sessionDetail.ww?SESSION_ID=78766&backBtn=true

 

BRKUCC-2801 is the session

 

 

Regards,

Aashish

sean Riley
Level 4
Level 4

Does the Cisco Collaboration Edge Architecture offer High Availability?  We would want this to be available in a DR scenario so users could still tunnel in if the primary data center is offline.  Our future goal is to have our Publishers in our main datacenter with subscribers at our DR site.  We would have PRI access at both sites.  Just trying to figure out how Cisco Collaboration Edge Architecture plays into our DR.  Thanks.

Hi Sriley,

   Yes, Collab Edge does offer high availability. The scenario is very much possible. Please have a look at the following guides to

Cisco Expressway Cluster Creation and Maintenance Deployment Guide, Release X8.1.1

http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-1/Cisco-Expressway-Cluster-Creation-and-Maintenance-Deployment-Guide-X8-1-1.pdf

Hi,

I have a situation for MRA, where internal and external domains are different,

eg  :

internal domain is example.net  ( resolvable from intranet)

external domian is example.com ( resolvable only from internet)

 

Can you advice if there any specific  steps to be followed,  Attached the jabber error report

 

Regards

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: