cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
9858
Views
10
Helpful
22
Replies

Jabber VDI over MRA

pvarenholt
Level 5
Level 5

we are currently using MRA for Jabber on mobile and desk phone at home.

Is the VDI version of Jabber supported to work over MRA (i.e. vpn-less)?

Thanks,

Paul.

22 Replies 22

Wouldn’t the VDI already run in the inside corporate network? So there shouldn’t be a need for it to use MRA.



Response Signature


Ryan Vermeys
Level 1
Level 1

It's supposed to as of version 12.6.0, but I haven't had any luck getting it to work.  The client piece I put on my home PC is looking for my internal CUCM ip, and isn't registering through the Expressways.

The client is just a virtual instance of the virtual desktop interface that would be running on the virtual environment at the data centre. The traffic would be soured from the virtual environment at the data centre, not from you computer at home. Sounds like the VDI environment in your DC don’t have access to the CUCM. Have you checked if there are any firewalls in the path and/or if there is layer 3 routing between the networks?



Response Signature


Your understanding of how the VDI applications work is not correct. In addition to the Jabber client, there is an agent that is installed on the virtual desktop and a client piece that is installed on the device connecting to it.  When the client is installed on a device that is outside the corporate network, it's supposed to use Expressway MRA to register to CUCM.

 

There are no firewalls between my VDI environment and CUCM.  Everything works except for the Softphone mode.

The documentation is accurate.

Hi Ryan,

 

Is your internal domain (CUCM domain) different from your external domain (Expressway-E domain)?

 

 

Yes, they are different.  ad.domain.com vs. domain.com.

Anthony Holloway
Cisco Employee
Cisco Employee
If you are installing the agent software on your host machine, then your host machine needs direct access to the UC servers. It will not do this via MRA. So either, like Roger was getting at, don't install the Agent and run 100% via the VDI, or dont run the VDI and run 100% MRA. You cannot have a hybrid VDI+MRA deployment like how you might be thinking.

MARK MALLALUE
Level 1
Level 1

As someone who uses this all day every day (and has done for quite a long time), I can say that it works well. I have been doing this on each version it is supported with.

 

If you have Jabber mobile and Jabber desktop working VPN-less through MRA, then it should be a piece of cake.

 

The environment I work in is Citrix, and I access my VDI session through a Citrix Netscaler.

Ensure Jabber for Windows and JVDI agent are the same version in the HVD.

Follow the installation instructions for JVDI Client on the personal device, ensuring that JVDI client is installed or re-installed after any change to the Citrix Receiver / Workspace client. This piece may require a reboot.

 

Connect your Citrix session and start Jabber inside your HVD, you will see that the Cisco JVDI client is running on your personal machine. One caveat is to ensure you are not running Jabber desktop on the personal machine as they will fight for control of the CSF device.

Hold up, so are you telling me you can "split tunnel" Jabber, where part of it, like registration is over the corporate network via VDI but then media is over MRA? Or how does this...what in the...can you give more details?

I don't like the term "split tunnel" for what it does as that implies something slightly different (at least to me) and involves VPNs. However, if you are not accessing your VDI session through a VPN, but through a Netscaler portal and are familiar with how the JVDI Agent/Client mechanism works, then the only difference when it is with MRA is that the phone signaling and media are handled through the Expressway, while chat and presence are done within the HVD. Media does not traverse the Citrix ICA channel (unless you are using the 12.8 VDI fallback feature).

 

HTH

A VPN is just encrypted traffic, and well, so is a TLS connection. Either way.

This is news to me, so thank you for sharing your real-world experience. You wouldn't happen to have a source to cite, would you?

I'm still not having any luck.  I'm running inside a Horizon View vdi PC, connecting through a UAG. When I try to switch to softphone mode, the client on my local pc (my home pc) is trying to connect to the IPs of my my pub and sub, which it can't.  I'm guessing I have something configured wrong somewhere.

 

MRA is working with mobile clients and remote phones.