Manual
Table Of Contents
- Preface
- Introduction
- Process Summary
- Prerequisites
- Run the Service Setup Wizard
- VCS System Configuration
- Routing Configuration
- Pre-search Transforms
- Search Rules
- Task 8: Configuring Transforms
- Task 9: Configuring Local Zone Search Rules
- Task 10: Configuring the Traversal Zone
- Neighboring Between VCS Clusters
- Task 11: Configuring Traversal Zone Search Rules
- Task 12: Configuring the DNS Zone
- Task 13: Configuring DNS Zone Search Rules
- Task 14: Configuring External (Unknown) IP Address Routing
- Endpoint Registration
- System Checks
- Maintenance Routine
- Optional Configuration Tasks
- Appendix 1: Configuration Details
- Appendix 2: DNS Records
- Appendix 3: Firewall and NAT Settings
- Appendix 4: Advanced Network Deployments
- Obtaining Documentation and Submitting a Service Request
- Cisco Legal Information
- Cisco Trademark
NAT Devices and Firewalls
The example deployment includes:
■ NAT (PAT) device performing port address translation functions for network traffic routed from the internal
network to addresses in the DMZ (and beyond — towards remote destinations on the internet).
■ Firewall device on the public-facing side of the DMZ. This device allows all outbound connections and
inbound connections on specific ports. See Appendix 3: Firewall and NAT Settings, page 59.
■ Home firewall NAT (PAT) device which performs port address and firewall functions for network traffic
originating from the EX60 device.
■ See Appendix 4: Advanced Network Deployments, page 63 for information about how to deploy your system
with a static NAT and Dual Network Interface architecture.
SIP and H.323 Domain
The example deployment is configured to route SIP (and H.323) signaling messages for calls made to URIs which use
the domain example.com. The DNS SRV configurations are described in Appendix 2: DNS Records, page 57.
■ DNS SRV records are configured in the public (external) and local (internal) network DNS server to enable
routing of signaling request messages to the relevant infrastructure elements (for example, before an external
endpoint registers, it will query the external DNS servers to determine the IP address of the VCS Expressway).
■ The internal SIP domain (example.com) is the same as the public DNS name. This enables both registered and
non-registered devices in the public internet to call endpoints registered to the VCS Control.
11
Cisco VCS Expressway and VCS Control - Basic Configuration Deployment Guide
Introduction