Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6480
Views
0
Helpful
7
Replies

Cisco CMS Turn Server configuration

Go to solution
Tawat Kittivanichayakul
Level 1
Level 1

‎05-11-2017 12:03 PM - edited ‎03-18-2019 01:06 PM

Hi all ,

i'm trying to setup a lap with Cisco CMS and right now i'm stuck with the turn server configuration , here is a scenario

CMS Server with single deployment 

int a , 192.168.0.1

int b , 10.0.0.1

guest account URI both from inside and outside will be use " https://join.test.com " which i put this URI in " Guest account client URI " and " Web Bridge URI " on webadmin page.

callbridge , xmpp and webbridge are enable and working fine from inside.

right now what i'm stuck is a turn server i look at document and configure accordingly , this is what i did.

- turn credentials turn cisco test.com

- for certification i use selfsigned cert the same that callbridge use.

- turn listen on port b with 443 

- on webadmin page i configure " Turn server address (CMS) " using ip 10.0.0.1 

- leave CMA to blank since in the test environment i want to use 10.0.0.1 as public ip address

- username and password use the same that i configure in command line

right now i configure dns to solve https://join.test.com to 10.0.0.1 and try browsing with URI and it show only blank page and when i browse with ip address ( 10.0.0.1 ) it's said something like i'm unable to reach that page.

would anyone had any experience troubleshooting these kind of problems ? or any suggestion would a big help for me. 

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Stephen Carr
Level 1
Level 1
In response to Tawat Kittivanichayakul

‎05-15-2017 09:32 AM

Either way will work but at one point I was chatting with Cisco support about other topics and asked their recommendation on this subject and they mentioned sticking with one interface for TURN and webbridge with a different port for the TURN TCP (447 for example) to keep it simpler.

Steve

View solution in original post

0 Helpful
7 Replies 7

Go to solution
Stephen Carr
Level 1
Level 1

‎05-11-2017 04:36 PM

what interface is the webbridge on? If you have the TURN server using 443 then it can't be on the same interface of the webbridge. You https://join.test.com is for the webbridge, the TURN server just comes into play to manage NAT\STUN\ICE type connectvity for the clients. Does that make sense?

Steve

0 Helpful

Go to solution
Tawat Kittivanichayakul
Level 1
Level 1
In response to Stephen Carr

‎05-11-2017 08:30 PM

Hi Stephen ,

Turn is on interface b so it wouldnt have a problem.

About turn server so the question is

from outside what ip address the URI join.test.com should resolve ? Turn ip or webbridge ip address ? And if in real depolyment which involve NAT what ip address i should map from outside to inside , is it webbridge ip or turn ip?

the same thing with h323 video call from outside should i call with ip address of callbridge or turn server ?

thanks

0 Helpful

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni
In response to Tawat Kittivanichayakul

‎05-11-2017 08:41 PM

join.test.com should resolve to the Web Bridge.

TURN and Web Bridge should be resolvable externally if you want external guests to connect.

0 Helpful

Go to solution
Tawat Kittivanichayakul
Level 1
Level 1
In response to Patrick Sparkman

‎05-11-2017 09:39 PM

Hi Patrick ,

So in real environment if i have NAT and want external endpoint to call to CMS Space and use web conference , could you verify my setting as below ?

External 

public ip : 1.1.1.1 NAT to inside IP address of webbridge

DNS should resolve https://join.test.com to 1.1.1.1

Internal

Turn server with IP 10.0.0.1 , webbridge IP : 192.168.0.1

DNS resolve https://join.test.com to 192.168.0.1

if this is correct when external endpoint call with h323 do they call with IP 1.1.1.1 to reach a space in Cisco CMS ? and if turn server is use a public ip such as 1.1.1.1 without NAT so which IP address should https://join.test.com resolve ?

Thank you 

0 Helpful

Go to solution
Patrick Sparkman
VIP Alumni
VIP Alumni
In response to Tawat Kittivanichayakul

‎05-11-2017 11:04 PM

Endpoints will call the IP address that the Call Bridge is configured to use, or the SIP Edge if deployed, because you reference 1.1.1.1 for the Web Bridge and Call Bridge, I assume they're listening on the same interface.

As long as the Web Bridge and TURN both don't use the same 443 port, they can reside on the same interface, however if they are on separate interfaces, both will need to be accessible from the external network.

Take a look at the diagram in Chapter 2 of the CMS 2.1 SIngle Combined Deployment Guide, as well as the list of ports in Appendix B.

0 Helpful

Go to solution
Tawat Kittivanichayakul
Level 1
Level 1
In response to Patrick Sparkman

‎05-12-2017 01:12 AM

Hi Patrick ,

Thanks for help clarifying from what you just explain meaning that Turn server will operate on itself when there are conference call or web conference to CMS am i right ?

when user want to web conference or conference call from outside i need to NAT to Callbridge IP Address directly is it correct ?

so here the question , are there any different between using second interface for turn server or use the the first interface but different port in term of how user access to web conference or using endpoint call from external network.  

0 Helpful

Go to solution
Stephen Carr
Level 1
Level 1
In response to Tawat Kittivanichayakul

‎05-15-2017 09:32 AM

Either way will work but at one point I was chatting with Cisco support about other topics and asked their recommendation on this subject and they mentioned sticking with one interface for TURN and webbridge with a different port for the TURN TCP (447 for example) to keep it simpler.

Steve

0 Helpful
Customers Also Viewed These Support Documents