cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
853
Views
0
Helpful
4
Replies

Expressway cluster with 3 port FW DMZ deployment

ripcisco
Level 1
Level 1

Hi,

We currently have a single Expressway C & E with the E deployed behind an ASA as per 3-Port FW DMZ with Single VCS Expressway LAN Interface (http://www.cisco.com/c/en/us/support/docs/unified-communications/expressway/118992-configure-nat-00.html#anc6) so the E has a DMZ IP address and uses only a single LAN port.

We need to deploy a new pair of C & E as a cluster for resilience.

My question is whether the cluster can be set up using the single LAN 1 DMZ IP address or whether we need to enable the LAN2 and connect this inside the network for the cluster communication. This is a Layer 2 deployment so if a second connection is required the E could have an IP Address for clustering on the same VLAN as the primary E.

Many thanks

Paul

2 Accepted Solutions

Accepted Solutions

Jonathan Schulenberg
Hall of Fame
Hall of Fame

For Expressway-E: yes, you must enable the LAN 2 interface. You will also have to make LAN 2 your public-facing address since only LAN 1 can be used for clustering. LAN 1 cannot have NAT enabled on it when there is a cluster. This is documented in the Cisco Expressway Cluster Creation and Maintenance Deployment Guide (page nine). Don't forget that that LAN 1 and LAN 2 must be in separate subnets so you can't just create a second host IPv4 address in your existing DMZ subnet.

View solution in original post

Expressway-C must be a separate cluster than Expressway-E. They serve distinctly different roles and the cluster is a way of increasing capacity and resiliency of a specific role. They do not share the same architecture/design constructs as CUCM.

View solution in original post

4 Replies 4

Jonathan Schulenberg
Hall of Fame
Hall of Fame

For Expressway-E: yes, you must enable the LAN 2 interface. You will also have to make LAN 2 your public-facing address since only LAN 1 can be used for clustering. LAN 1 cannot have NAT enabled on it when there is a cluster. This is documented in the Cisco Expressway Cluster Creation and Maintenance Deployment Guide (page nine). Don't forget that that LAN 1 and LAN 2 must be in separate subnets so you can't just create a second host IPv4 address in your existing DMZ subnet.

Thanks for the confirmation Jonathan. I read the guide and there was no *specific* mention of the 3 port dmz configuration so I didn't want to make any assumptions. Similarly the guide just mentions an expressway cluster but can you confirm if a cluster can consist of e's and c's together (ie. all 4 expressways) or is it necessary to create two clusters - one for the e's and one for the c's ?

Thanks again.

Expressway-C must be a separate cluster than Expressway-E. They serve distinctly different roles and the cluster is a way of increasing capacity and resiliency of a specific role. They do not share the same architecture/design constructs as CUCM.

Thanks for your assistance as always.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: