07-19-2017 01:12 AM - edited 03-18-2019 01:18 PM
In our existing sytem we have MCU, TCS 5.5 ,VCS-C and C20&SX20 Endpoints. Now we want to replace MCU with CMS, Since its my first deployment i need few clarification on this:
1) I need to create a Zone between CUCM and CMS , is it right ?
2) Create a Rendezvous escaltion between vcs and CMS?
3) I need to how the recording is happening in TCS Server in existing setup ?
4) In the new setup do i need to configure anything for CMS on recording ?
5) I am plan to use default certifcate ?
6) Customer dont have AD , will it be a issue?
7) How to configure Meeting APP with local user configuring CMS?
08-02-2017 11:44 PM
Thanks Prasad,
We are using internally.. As i mentioned you earlier we dont have Microsoft certificate authority in premises. So can we do self signed certificate.
08-02-2017 11:57 PM
So to make the app work you need to have XMPP server and Call Bridge.
The self-signed certificate is only recommended in the LAB environment and not in production.
But if you still want to go ahead with this you can only use this for call-bridge and not for XMPP.
[As per cisco the self-signed certificates can be used for Web Admin, for trunk/Load Balancer, and mutual authentication between the Call Bridge and Web Bridge. I have only used this for Call Bridge and Web Bridge integration in our lab.]
I will be happy if you can generate a self-signed certificate for the XMPP, but not sure how you going to mention the CN and all? If you are able to generate the same do let me know the procedure for my understanding.
08-03-2017 12:05 AM
Below is the configuration made for on premises my CMS 1000
pki selfsigned webadmin".
webadmin certs webadmin.key webadmin.crt
webadmin listen a 443
webadmin restart
webadmin enable
webadmin disable
webadmin listen a 445
webadmin enable
--------------------------------------------
pki selfsigned callbridge
callbridge certs callbridge.key callbridge.crt
callbridge listen a------------>WHAT PORT NEEDS to GIVE?
callbridge restart
---------------------------------
xmpp listen a b----------->WHAT PORT NEEDS to GIVE?
------------------------
Do i need to signed certificate for all services?
08-03-2017 12:43 AM
Your web bridge for WebRTC will work with a self signed cwertificate, but for cisco meeting app u need to have minimum internal signed certificate or CA sighned certificate.
I will recomend to have signalling traffic on one interface and media traffic on another.
So Web bridge and XMPP is for signalling so have them on interface b.
and Call bridge will be handeling the media traffic so have it on interface a.
08-03-2017 12:57 AM
Dear Prasad,
I created Pki csr commoncore CN:mil.ae SubjectAltName:cms.mil.ae
I am going to use same commoncore certificate for following services.
b. Web Bridge
c. XMPP
d. Web Admin
I seen in doccument we need to use seperate certifcate for call bridge?
Will it work if i use common certificate?
08-03-2017 03:27 AM
will check and update ni some time
08-03-2017 04:36 AM
Dear Prasad,
I installed the Microsft Certificate server, Reconfigured all the services: Please find the below configuration:
Webadmin:
CMS-JCSC> webadmin
Enabled : true
TLS listening interface : a
TLS listening port : 443
Key file : commoncore1.key
Certificate file : commoncore1.cer
CA Bundle file : CA.cer
HTTP redirect : Enabled
STATUS : webadmin running
-----------------------------------------------------------------
Webbridge:
CMS-JCSC> webbridge
Enabled : true
Interface whitelist : b:443
Key file : commoncore1.key
Certificate file : commoncore1.cer
CA Bundle file : CA.cer
Trust bundle : commoncore.cer
HTTP redirect : Disabled
Clickonce URL : none
MSI download URL : none
DMG download URL : none
iOS download URL : none
------------------------------------------------------
CMS-JCSC> callbridge
Listening interfaces : a
Preferred interface : none
Key file : commoncore1.key
Certificate file : commoncore1.cer
Address : none
CA Bundle file : CA.cer
-----------------------------------------------
CMS-JCSC> xmpp
Enabled : true
Clustered : false
Domain : jcsc.dir
Listening interfaces : a
Key file : commoncore1.key
Certificate file : commoncore1.cer
CA Bundle file : CA.cer
Max sessions per user : unlimited
STATUS : XMPP server running
-------------------------------------------------
08-04-2017 04:59 AM
Hi Siva,
Please refer below discussion for recording.
https://supportforums.cisco.com/discussion/11523701/scheduling-recorded-conference-tms
I will still suggest to use a recording server solution of CMS.
08-05-2017 11:41 PM
Dear Prasad,
Recording we keep as it is there is no change. On refeerence to above configuration do i need required anything addtional configuration for Meeting App internally?
08-06-2017 10:59 PM
this seems to be fine if you have any queriy or issue do let me know so we can work on it .
08-06-2017 11:31 PM
Sure Prasad.. Currently i am doing some work around for recording.. Soon i will post the updates..
08-07-2017 05:19 AM
Webbridge listen <interface name> <a>
The Web Bridge can listen on multiple interfaces, e.g. one on public IP and one on the internal network. (However, it cannot listen on more than one port on the same interface.) The following is an example where interfaces are set to interface A and B, both using port 443
Webbridge listen a:443 b:443
In your case you can use one interface to listen on internal traffic.
To add the Call Bridge certificate to the Web Bridge trust store:
webbridge trust <callbridgecert|cert-bundle> <callbridge cert>
cms>webbridge disable
cms>webbridge trust callbridge.crt
cms>webbridge enable
SUCCESS: Key and certificate pair match
SUCCESS: webbridge enabled
Enabled : true
Interface whitelist : a:443
Key file : webbridge.key
Certificate file : webbridge.crt
Trust bundle : callbridge.crt
HTTP redirect : Enabled
If you only want to use the browse u don’t have to use the redirect command to download the app.
https://www.cisco.com/c/dam/en/us/td/docs/conferencing/ciscoMeetingServer/Deployment_Guide/Version-2-2/Cisco-Meeting-Server-2-2-Single-Combined-Server-Deployment.pdf
08-07-2017 11:31 PM
Dear Prasad,
Thanks lot,
I configured Webbridge, but when in CMS GUI guest account:https://join.jcsc.dir
,Guest account JID DOMIN:Jcsc.dir and required parameter allowed.My question do i need to create A record resolving CMS IP for
guest account:https://join.jcsc.dir
08-08-2017 03:08 AM
The URL should resolve the CMS IP.
is the webRTC is working or you are geeting any error message?
08-07-2017 02:28 AM
Dear Prasad,
Can u suggest me on reference to above configuration. I needs to enable webrtc.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide