01-20-2014 07:40 AM - edited 03-18-2019 02:27 AM
If you build a VCS Expressway cluster with static NAT you normally would need 2 public IP addresses, one for each VCS-E.
Is it also possible to use 1 public IP address instead and use a load balancer to send connection requests to each VCS-E?
/-> VCS-E-1
SRV -> public IP -> load balancer
\-> VCS-E-2
I could not find this in the available doc.
If yes, will Cisco support this type of configuration?
rgds, Geert.
01-20-2014 07:42 AM
No. Each peer should have it's own public address.
Thanks,
Guy
01-20-2014 08:25 AM
Hi,
In addition to what Guy said, to give you more details, that is not possible because of a design matter. When using NAT with VCSe, you must to configure the NAT address on VCS configuration. This NAT address will be used in SIP and H323 headers when VCS is connecting to internet. And that is the point, when VCSe makes an outbound connection, the firewall should do a NAT using the same external address configured on the VCSe, otherwise the connection wont work. Therefore, to have 1 to 1 NAT, you must to have one IP address for each VCS Expressway, because it is impossible to have 1 to 1 NAT with 2 different sources.
You see? I guess this is the point your are missing, you are considering only inbound connectinos, however, you should also consider outbound connections, that is the main point here.
Go ahead and get 2 IP addresses. =)
Regards
Paulo Souza
Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".
06-13-2018 06:37 AM
Hello all,
I chase up this case.
I'd know if it's always necessary to have 1 ip public address by Expressway-E.
I have a deployment where the customer has 1 ip address public for 2 Expressway-E.
The actions will be to use NAT in FW to forward packets to both IP external Expressway-E.
SRV -> 1 IP address public -> Fiwerall (NAT) -> both IP addresses.
On Expressway-E, it seems possible to enable/disable IPv4 static NAT mode on the LAN2.
Thank you.
Christophe.
06-13-2018 10:35 AM
Hi!,
This is not supported and will cause more problems than it solves.
Mostly with media, the expressway advertises its NAT address (if it has one) on the payload (Invite and 200ok) for the far end to know where to send the media, if no NAT address is configured the expressway will advertise a private IP, in this case media will not get there since the far end wont know that IP.
If you configure the same NAT address on both using a load balance, the media might get to the other server which is not expecting the media as it does not know the call so the media will be dropped.
The expressways need to know it public address and it needs to be an individual IP per server, 1:1 NAT.
Hope this helps.
06-13-2018 11:49 PM
It's clear! That confirmed the previous information.
Thank you for that.
Christophe.
09-21-2019 11:10 PM
09-22-2019 08:58 PM
@Sanjay_555_07 wrote:
Is is possible to deploy Expressway E Primary and Secondary with one public IP Address ?
If you read the replies in the thread, they already answer that question. The answer is No, it is not supported, and may cause you more issues than getting a second public IP address.
Please remember to mark helpful responses and to set your question as answered if appropriate.
04-25-2020 12:30 AM
Hi,
Can you please provide a supporting document to show customer.
Thanks in Advance
04-25-2020 05:01 AM
Use Google to search for this. I’m sure it will take you all but a minute to find it.
04-25-2020 05:03 AM
04-26-2020 09:33 AM - edited 04-26-2020 09:34 AM
+5 Roger 🙂
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide