cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4046
Views
35
Helpful
11
Replies

VCS Expressway Cluster use 1 public IP with Loadbalancer?

gfolens
Enthusiast
Enthusiast

If you build a VCS Expressway cluster with static NAT you normally would need 2 public IP addresses, one for each VCS-E.

Is it also possible to use 1 public IP address instead and use a load balancer to send connection requests to each VCS-E?

                                                       /-> VCS-E-1

SRV  -> public IP -> load balancer

                                                       \-> VCS-E-2

I could not find this in the available doc.

If yes, will Cisco support this type of configuration?

rgds, Geert.

11 Replies 11

gubadman
Participant
Participant

No. Each peer should have it's own public address.

Thanks,

Guy

Paulo Souza
Rising star
Rising star

Hi,

In addition to what Guy said, to give you more details, that is not possible because of a design matter. When using NAT with VCSe, you must to configure the NAT address on VCS configuration. This NAT address will be used in SIP and H323 headers when VCS is connecting to internet. And that is the point, when VCSe makes an outbound connection, the firewall should do a NAT using the same external address configured on the VCSe, otherwise the connection wont work. Therefore, to have 1 to 1 NAT, you must to have one IP address for each VCS Expressway, because it is impossible to have 1 to 1 NAT with 2 different sources.

You see? I guess this is the point your are missing, you are considering only inbound connectinos, however, you should also consider outbound connections, that is the main point here.

Go ahead and get 2 IP addresses.  =)

Regards

Paulo Souza

Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

Paulo Souza Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".

Hello all,

I chase up this case.

I'd know if it's always necessary to have 1 ip public address by Expressway-E.

I have a deployment where the customer has 1 ip address public for 2 Expressway-E.

 

The actions will be to use NAT in FW to forward packets to both IP external Expressway-E.

 

SRV -> 1 IP address public -> Fiwerall (NAT) -> both IP addresses.

On Expressway-E, it seems possible to enable/disable IPv4 static NAT mode on the LAN2.

 

Thank you.

 

Christophe.

Hi!,

 

This is not supported and will cause more problems than it solves.

 

Mostly with media, the expressway advertises its NAT address (if it has one) on the payload (Invite and 200ok) for the far end to know where to send the media, if no NAT address is configured the expressway will advertise a private IP, in this case media will not get there since the far end wont know that IP.

 

If you configure the same NAT address on both using a load balance, the media might get to the other server which is not expecting the media as it does not know the call so the media will be dropped.

 

The expressways need to know it public address and it needs to be an individual IP per server, 1:1 NAT.

 

Hope this helps.

It's clear! That confirmed the previous information.

Thank you for that.

 

Christophe.

Sanjay_555_07
Beginner
Beginner
Dear Geert,

Did you managed to deploy this successful at your premise kindly share us your thought to implement Expressway E and C with F5 Load balancer as we have the same kind of deployment.


Is is possible to deploy Expressway E Primary and Secondary with one public IP Address ? My question is the same as My deployment is same like you.

Below is the attached like same as your deployment, but with Expressway E1 & E2


Is it possible to use 1 public IP address instead and use a load balancer to send connection requests to each Expressway-E1?

/-> Expressway-E-1

SRV -> public IP -> load balancer

\-> Expressway-E-2





Regards,
Sanjay


@Sanjay_555_07 wrote:
Is is possible to deploy Expressway E Primary and Secondary with one public IP Address ? 

If you read the replies in the thread, they already answer that question.   The answer is No, it is not supported, and may cause you more issues than getting a second public IP address.

Wayne
--
Please remember to mark helpful responses and to set your question as answered if appropriate.

Hi,

Can you please provide a supporting document to show customer.

Thanks in Advance

Use Google to search for this. I’m sure it will take you all but a minute to find it.



Response Signature


 +5 Roger 🙂

Please rate all useful posts
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers