cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
910
Views
0
Helpful
3
Replies

VCS Expressway Private IP Address

John Faltys
Level 1
Level 1

I have a VCS Control and Express that seem to work properly with normal endpoints.

Also, Movi users can register from inside to the control without a problem.

I have the zones,etc. setup properly I believe.

What I am not sure about is

Control and Express have private IP addresses

Express has a 1:1 NAT from it's public address.

It does not have dual nic option.

Will this cause any problem for movi registration from the outside?

I do not even see the registration attempt in the event log.  I only see a subscribe.


Thanks

1 Accepted Solution

Accepted Solutions

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi John,

Yes, using a 1:1NAT with expressway you need a DUAL NIC option key. It will enable the option to configure the STATIC NAT address under IP Field configuration.

With this configuration expressway would come to know about the NAT address.

If you collect the logs then you would see the subscribe message however if you collect the wireshark trace or logs from MOVI/Jabber client you will see the jabber try to send the registration message to private ip-address of expressway and not the NAT'ed ip and then the registration will get failed.

to make the scenario working you need dual nic option key.

check the below link for more details.

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Basic_Configuration_Cisco_VCS_Control_with_Cisco_VCS_Expressway_Deployment_Guide_X7-1.pdf

Appendix 4 on page no 59 has really good explanation.

Thanks

Alok

View solution in original post

3 Replies 3

Alok Jaiswal
Cisco Employee
Cisco Employee

Hi John,

Yes, using a 1:1NAT with expressway you need a DUAL NIC option key. It will enable the option to configure the STATIC NAT address under IP Field configuration.

With this configuration expressway would come to know about the NAT address.

If you collect the logs then you would see the subscribe message however if you collect the wireshark trace or logs from MOVI/Jabber client you will see the jabber try to send the registration message to private ip-address of expressway and not the NAT'ed ip and then the registration will get failed.

to make the scenario working you need dual nic option key.

check the below link for more details.

http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Basic_Configuration_Cisco_VCS_Control_with_Cisco_VCS_Expressway_Deployment_Guide_X7-1.pdf

Appendix 4 on page no 59 has really good explanation.

Thanks

Alok

Ok, that is what I thought, but looking at the wireshark, which I am capturing from the movi client machine

it looks like there is a bunch of packets going back and forth from my ip to the public ip.

I don't see the private address of the SIP server.  Is it within the packet?

Hi John,

Movi/Jabber registration i would say not a straight process, in initial subscribe messages you would see that VCS sends a 401 "un-authorized"or 407 message for "proxy authentication-required" depending on the deployment method you have for the jabber/movi authentication, followed by NOTIFY and then REGISTER.

Information related to provisioning is sent under xml data sent by provisioning server.

Thanks

Alok