03-23-2016 02:05 AM - edited 03-18-2019 05:44 AM
Hi Everybody,
After gone through the config guide of Mobile access via Expressway
http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-7/Mobile-Remote-Access-via-Expressway-Deployment-Guide-X8-7.pdf
I come up with a question.
If jabber client on mobile phone is the only client from the Internet,
is it possible to establish a non-secure connection between CUCM and Expressway-C?
Thanks in advance
Sam
03-23-2016 02:10 AM
Hello,
Yes. You can use a non-secure connection between CUCM and Expressway-C.
It's work.
br Oleksandr
03-23-2016 02:32 AM
Hi Kikhil and Oleksandr
Thanks for the quick response
However, I can't find the document about the non-secure settings.
It only mentioned the secured setting (start at page 13).
Where can I find the non-secure document?
Thanks in advance
Sam
03-23-2016 06:29 AM
Hi Sam
I think, you cannot find the confirmation in manuals. But you can change TLS to TCP as mentioned Nickil.
br Oleksandr
03-24-2016 03:00 AM
Hi Oleksandr,
However, in VCS-E,
goto Configuration > Zones > Zones
When I select the type "Unified Communications traversal"
it requires the "TLS verify subject name" as the compulsary field
How can I make it not to TLS?
Should I avoid to use the type "Unified Communications traversal"?
just using
"Traversal Client" type on VCS-C , and
"Traversal Server" Type on VCS-E
and make them to use TCP only?
Thank you
Sam
03-29-2016 11:14 PM
Hi Sam,
The purpose of the Unified Communications Traversal zone is for the communication to be secure between the EXP-C and the EXP-E.
You can have a non-secure connection between CUCM and the EXP-C as mentioned by Nikhil and Oleksandr. However, for MRA you will need to use the Unified Communications Traversal zone type between EXP-C and EXP-E which will always be secure.
The other Traversal zone type is not meant for MRA, but rather for B2B and other types of calls.
You will need to sign and upload certificates to your EXP-C and EXP-E in order for the Unified Communications Traversal zone to come up properly. You will also need to upload the CA trust chain to each expressway server.
For more information of certificate creation and application you can refer to the "Cisco Expressway Certificate Creation and Use" guide.
http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-7/Cisco-Expressway-Certificate-Creation-and-Use-Deployment-Guide-X8-7.pdf
Please let us know if this helps.
03-24-2016 12:50 AM
Hi Sam,
I think thread below will help you:
https://supportforums.cisco.com/discussion/12918956/jabber-client-vcs-expressway-encryption-using-mra#comment-11244841
br Oleksandr
03-23-2016 02:26 AM
you can use TCP protocol instead of TLS while integrating Exp-C with CUCM for MRA.
BR,
Nikhil
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: