06-11-2014 04:57 AM - edited 03-19-2019 08:17 AM
Hi,
We are planning integration CUCM with Cisco expressway for VPN less Jabber.
But have few queries:
a) Can Cisco expressway E be implemented on stick in DMZ zone with static NAT with public IP.?
b) Is it must to have certification given by public authority as it communicates over TLS ?? (like VeriSign , Equifax etc)
c) What would be DNS entries on public and private DNS servers..?
(for eg: my domain name is siddu.com).
d) what field we need to change in jabber-config.xml fille in order to enable the MRA.?
Thanks in Advance....
... Siddu
06-11-2014 06:33 AM
Have you reviewed the configuration guides??
http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/config_guide/X8-1/Mobile-Remote-Access-via-VCS-Deployment-Guide-X8-1-1.pdf
I have it working with an internal CA, but then I would need to push the certs to all devices, you can avoid this by using a public CA.
Jabber 9.7 shouldn't need this, but if you see that it's necessary, add under policies
<RemoteAccess>ON</RemoteAccess>
06-11-2014 07:45 AM
Hi Jaime,
Thanks a lot for the details provided.
is it possible to disable the requirement of certificate for jabber calling from internet.?
We are not having any CA server and getting public CA would be difficult.
...Siddu
06-11-2014 07:48 AM
Absolutely NOT, we depend on the certificates from all components as this goes over secure channels. That's the whole point of this!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide