05-01-2012 09:43 AM - edited 03-07-2019 06:26 AM
Community,
We are looking to get started with our first ASR, to support a pair of Webex Node spa modules.
We believe our config for the service interfaces are correct,, but we are confused in regards to actually getting the services interfaces to communicate through the shared ethernet port adapter..
We tried to assign the ip address to the shared gig interface, however you can't assign the same IP's to the SPA's,, which sorta throws our config for a loop.
Anyone have any explanations of how this works?
Thanks in advance!
05-01-2012 09:44 AM
Sample config:
interface Service-Engine0/0/0
ip address 192.168.1.42 255.255.255.0
ip nat inside
ip virtual-reassembly
shutdown
service-engine ip address 192.168.1.43 255.255.255.0
service-engine default-gateway 192.168.1.42
service-engine nameserver 192.168.1.95 192.168.1.60
service-engine hostname wbxnode-mtg shared.com
!
interface Service-Engine0/1/0
ip address 192.168.1.44 255.255.255.0
ip nat inside
ip virtual-reassembly
shutdown
service-engine ip address 192.168.1.45 255.255.255.0
service-engine default-gateway 192.168.1.44
service-engine nameserver 192.168.1.95 192.168.1.60
service-engine hostname wbxnode-av shared.com
!
interface GigabitEthernet1/0/0
description Primary Ethernet Interface for WebEx Node
no ip address
negotiation auto
interface Service-Engine0/0/0
ip address 192.168.1.42 255.255.255.0
ip nat inside
ip virtual-reassembly
shutdown
service-engine ip address 192.168.1.43 255.255.255.0
service-engine default-gateway 192.168.1.42
service-engine nameserver 192.168.1.95 192.168.1.60
service-engine hostname wbxnode-mtg shared.com
!
interface Service-Engine0/1/0
ip address 192.168.1.44 255.255.255.0
ip nat inside
ip virtual-reassembly
shutdown
service-engine ip address 192.168.1.45 255.255.255.0
service-engine default-gateway 192.168.1.44
service-engine nameserver 192.168.1.95 192.168.1.60
service-engine hostname wbxnode-av shared.com
!
interface GigabitEthernet1/0/0
description Primary Ethernet Interface for WebEx Node
no ip address
negotiation auto
09-20-2012 02:25 PM
Jacob,
Did you ever finalize a working config? Can you per haps send me or post the sample config and perhaps even a diagram? I am going to be implementing 2 ASR1002's with WebEx nodes. Any help would be greatly appreciated!
Thanks,
Andrew
09-21-2012 04:26 AM
Sure,
It's working well. I wouldn't recommend the internal NAT configuration on the router as shown above for what ever reason we had nothing but headaches with it.
interface Service-Engine0/0/0
description WebEx Node - Meeting Mode
ip address 192.168.10.5 255.255.255.252
ip virtual-reassembly
service-engine ip address 192.168.10.6 255.255.255.252
service-engine default-gateway 192.168.10.5
service-engine nameserver 192.168.100.95 192.168.100.60
service-engine hostname wbxnode-mtg internal.corp
service-engine wma-url https://wma.webex.com/wmams
service-engine wma-token xxxx-xxxx-xxxx-xxxx
service-engine wma-passcode mtg_wbxnode-mtg 12345678910111213
!
interface Service-Engine0/1/0
description WebEx Node - A-V Mode
ip address 192.168.10.9 255.255.255.252
ip virtual-reassembly
service-engine ip address 192.168.10.10 255.255.255.252
service-engine default-gateway 192.168.10.9
service-engine nameserver 192.168.100.95 192.168.100.60
service-engine hostname wbxnode-av internal.corp
service-engine wma-url https://wma.webex.com/wmams
service-engine wma-token xxxx-xxxx-xxxx-xxxx
service-engine wma-passcode Audio_wbxnode-av 12345678910111213
interface GigabitEthernet1/0/0
description Primary Ethernet Interface for WebEx Node
ip address 192.168.9.40 255.255.255.0
ip flow ingress
ip flow egress
ip virtual-reassembly
media-type rj45
negotiation auto
cdp enable
ip route 0.0.0.0 0.0.0.0 192.168.9.1
Few extra thoughts:
1) Make sure you give each node an A record on the internal dns domain (your clients will use this to resolve the nodes)
2) Get your webex account team to create your login for the webex node management portal - this has your node config info and monitoring for the node
3) Make sure your node is running this code or higher.. the version ours shipped with was not compatible with the newer version of webex... asr1000rp1-sipspawmak9.03.06.00.S.152-2.S.pkg
4) If you have a netflow collector.. point the ASR's LAN interfaces netflow to them.. this is really useful to ensure you are saving bandwidth.
Hope it helps!
09-24-2012 08:03 AM
That does help I have one more quick clarifcation if you don't mind. I didn't really understand the reason to NAT per the guide in the first place... I am trying to understand does the device need and external IP associated to it or an external DNS? I was thinking if it did I would just perform that translation at the firewall, but from your example it sounds like it may not even need one. We bought two ASR 1002s instead of the 1004 with two nodes because the cost was about the same and are thought was if we ever needed to add another we could just add another appliance.
So again what I am trying to understand is when you register with webex it looks like you have to specify a hostname and what I am trying to understand is that just something that is given to the cilent for internal dns or does cisco webex actually try to resolve that name externally. I think if I get this clarified I am ready to go!
Thanks,
Andrew
09-24-2012 08:12 AM
You could probably deploy it so it's internet accessible if you wanted all of your external folks to be able to use it. We don't want that situation, so no you don't have to give it an external ip address, just let your firewall handle the outbound like any other host would. Other than a deploy that requires external connectivity for your webex hosts.. I can't see a reason to nat.
The important thing is that your internal hosts can see the internal dns name you gave to each of the spa modules. The webex servers don't need to see it, the node itself will connect out to the webex servers to do that communication. No Outside-In rules neccessary.
10-30-2012 01:48 PM
Jacob,
Question for you? How did you get your webex node registered? Did you get access to the site wma.webex.com like the instructions say or did cisco or a vendor have to register the node for you? We purchased through a vendor and I am having a heck of a time trying to get access to that site per the instructions and I was curious what your experience was?
Thanks,
Andrew
10-31-2012 05:00 AM
Andrew,
You'll probably have to go through your Webex account team, or contact your local Cisco sales team. Either should be able to start the provisioning process for you. Initially we recieved the registration codes from the Webex Account team, however the wma portal does contain the information as well. You might get lucky by contacting Webex support and see if they can setup your accounts for you, they do support the WMA.
Hope that helps.
Jake
12-04-2012 08:13 AM
Dear Jacob,
Do you know email address for Webex Account Team, are there email like license@cisco.com which responsible for license.
Regard
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide