Manual
Table Of Contents
- Preface
- Introduction
- Process Summary
- Prerequisites
- Run the Service Setup Wizard
- VCS System Configuration
- Routing Configuration
- Pre-search Transforms
- Search Rules
- Task 8: Configuring Transforms
- Task 9: Configuring Local Zone Search Rules
- Task 10: Configuring the Traversal Zone
- Neighboring Between VCS Clusters
- Task 11: Configuring Traversal Zone Search Rules
- Task 12: Configuring the DNS Zone
- Task 13: Configuring DNS Zone Search Rules
- Task 14: Configuring External (Unknown) IP Address Routing
- Endpoint Registration
- System Checks
- Maintenance Routine
- Optional Configuration Tasks
- Appendix 1: Configuration Details
- Appendix 2: DNS Records
- Appendix 3: Firewall and NAT Settings
- Appendix 4: Advanced Network Deployments
- Obtaining Documentation and Submitting a Service Request
- Cisco Legal Information
- Cisco Trademark
Appendix 4: Advanced Network Deployments
Prerequisites
■ Apply an Advanced Networking option key on any VCS Expressway that needs static NATor two
LANinterfaces.
The Advanced Networking option is available for both the VCS Expressway and VCS Control, but only the
VCS Expressway supports static NAT.
■ Disable SIP and H.323 ALGs (SIP / H.323 awareness) on routers/firewalls carrying network traffic to or from
the VCS Expressway.
We strongly recommend disabling this functionality on the firewall/s when deploying a VCS Expressway
behind a NAT, because our experience shows that they do not handle video traffic properly. You must use the
VCS to perform the static network address translation on its own interface. Read more in What About
Routers/Firewalls with SIP/H.323 ALG?, page 69.
Planning Your Deployment
Do Not Overlap Subnets
The recommended deployment of the VCS Expressway configures both LAN interfaces. The LAN1 and LAN2
interfaces must be located in non-overlapping subnets to ensure that traffic is sent out the correct interface.
Clustering
■ When the peers have the Advanced Networking option installed, you must use the LAN1 interface address of
each peer to create the cluster.
■ The LANinterface that you use for clustering must not have Static NAT mode enabled.
For these reasons, we recommend that you use LAN2 as the externally facing interface, and also enable static
NATon LAN2 when it's required.
External LAN Interface Setting
The External LAN interface configuration setting, on the IP configuration page, controls where the VCS
Expressway's TURN server allocates TURN relays. In the recommended dual NICdeployment, you should select the
externally-facing LAN interface (LAN2) on the VCS Expressway.
Recommended: Dual NIC Static NAT Deployment
The following example illustrates the recommended deployment. It shows the typical DMZconfiguration where the
internal and external firewalls cannot route directly to each other, and dual NIC devices such as VCS Expressway are
required to validate and forward the traffic between the isolated subnets.
The VCS Expressway has both NICs enabled, and it has static NATenabled on its outward-facing LANinterface. The
VCS Control inside the network is a traversal client of the VCS Expressway in the DMZ.
63
Cisco VCS Expressway and VCS Control - Basic Configuration Deployment Guide
Appendix 4: Advanced Network Deployments