I am a newbie to deploying the Cisco VCS infrastructure and I only rely on knowledge I have seein in documentations for my deployment.
I want to install a VCS Expressway without a dual network interface.
I am currently sampling two options through which I would get this done, please correct me if I am wrong
1) Give the VCSe an IP address on the LAN and NAT it to a public IP
2) Make the VCSe face the internet directly and assign a public IP to it.
Also I would appreciate if anyone can help with how I can permit ports on my firewall to satisfy any of this scenario as the deployment guide I have with me on references deployments with Dual NIC and a VCSe in a DMZ
Waiting to hear from you all.
If you configure NAT IP address on VCS-E, then you will require dual network interface option on VCS-E.
VCS-E must know own IP address to communicate remote device therefore when deploy with NAT configuration, NAT address have to configured on VCS-E.
The dual network interface option enable NAT configuration (even just using single Ethernet port on VCS-E) and also enable 2nd Ethernet port on VCS-E.
Thank you for your response, however, I do not have the dual network interface option key installed. Since doing a NAT without this option key is not possible like you advised then I guess it would be right to assume that giving the VCSe a public IP would be the best option.
Yes, if you don’t have dual network interface option key, then you will need to configure public IP address on VCS-E.
However please carefully read through http://www.cisco.com/en/US/partner/docs/telepresence/infrastructure/articles/vcs_benefits_placing_expressway_dmz_not_public_internet_kb_196.shtml.
Also you should configure firewall rules on VCS-E to minimize/lockdown remote accessibility from wide range of network.
For firewall rules feature and configuration, please refer page 22-33 of https://supportforums.cisco.com/docs/DOC-26316
For firewall ports requirement, this is very depend on call scenario.
Please refer to http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_IP_Port_Usage_for_Firewall_Traversal_Deployment_Guide_X7-2.pdf for more detail ports requirement on each scenario.
For VCS-E basic configuration and few deployment example, please refer to http://www.cisco.com/en/US/docs/telepresence/infrastructure/vcs/config_guide/Cisco_VCS_Basic_Configuration_Cisco_VCS_Control_with_Cisco_VCS_Expressway_Deployment_Guide_X7-1.pdf