Take a look at this blog post and let me know what you think.
Now that administrators will have a choice, when would you allow mobile workers to connect to their collaboration services from outside the firewall via a secure TLS-connection?
And when would you want them to connect via a layer 3 VPN client such as Cisco AnyConnect?
Are there situations where both are needed?
Cisco Collaboration Edge architecture is purely for collaboration endpoints such as TelePresence, Phones, Jabber, H.323/SIP endpoints, Jabber Guest. Ideally all collaboration endpoints will connect through Expressway.
You'll still need AnyConnect to connect into the corporate network to access IPv4 resources unless you have deployed a NAT64 tunneling solution.
Both are still needed to provide an "office chair" user experience.
Expressway is designed specifically not to need a VPN tunnel. You would set up a DNS with your Service Provider to point to your Expressway in the DMZ. As long as the device you are using to connect to the Expressway has access to the Internet it should be able to reach your Expressway and thus communicate with the internal devices on the other end.
That being said traditional endpoints, "phones," would still have to VPN into your internal network first because they would have to register with either CUCM or VCS. As jwarcop above has already stated Expressway is specifically for collaboration endpoints such as Jabber.
Srini and All,
Can you point me to a design document for end to end collaboration. Aim of this set-up is to allow Jabber client running on all the end user endpoints (iPAD,iPhone,Android device,LapTop, Samsung Glaxy Notebook) using which any enterprise user can use corporate infrastructure for inbound/outbound telephone calls, IM/Presence without using a separate VPN client or don't have to worry about installing a dedicated client for Audio/Video or IM/Presence.
The PoC set-up topology look like as stated below :
Jabber UNIFIED Client ----->Internet ---->Internet FW----->VCS_Expressway_8.1E----->Internal FW----->Application Segment(VCS-ExpresswayC) ----> CUCM Servers---->IPT Servers-----> Enterprise Phone/Video End points
Q) Looking towards clarity on Positioning of Expressway E , FQDN , DNS entry and clarity on call path in detail
Q) Clarity on Firewall port end to end. I was going through the document
"Cisco Expressway X8.1-D15066.01 December 2013" but not able to find out what will be the firewall rule for communication between VCS Expressway E and C?
If my question is a repeat then please point me to the right document.
Thanks for your kind attention.
See these links, these should help you out
Definitely on the roadmap for CY15 for 7800 and 8800 Series as a known priority item - but don't have timeline locked down from BU yet to offer at this point. BU working through those details.
9900 Series and 7900 Series - no discussions on either series that am aware of.