Cisco Expressway Basics

Captions
Okay, I believe now I'm live, but from different links. So hello everyone, my name is Amit and I welcome all of you on this live session. Probably I'm gonna paste the link or share the link, so if you guys can share the link on that event, because that event has some issues and I'm not able to, you know, start that event. So I have just started another event, so if you guys can join this event. So probably I'm just gonna paste this event, so please join in here. I'm just gonna message it. So that's the live event that I'm going live. I'm sorry for the delay, and yeah, let's get quickly started. Okay, so I'm just quickly gonna adjust my settings a little bit, because there was some issue with the event that I already created. So now hopefully, yeah, you are maybe seeing some screens from Train Collab; that's the name of the channel from here on. Thank you guys for joining. Probably, if any one of you are still in my other event, I would request you to join in here. And yeah, I believe you guys can see some things, and yeah, I think now you guys can see me as well.

Hello guys, and welcome to this live event today for Cisco collaboration, or Cisco Expressway basics. And probably we are also gonna talk a little bit about the design part of the Expressways: how we are gonna model the Expressways, how can we place the Expressways, where and when, you know. So to start with, let me give you a brief introduction of myself. My name is Amit Singh and I'm a CCIE engineer, a CCIE collaboration engineer, and working for a Cisco Gold Partner here in Europe and supporting a lot of customers for their Expressway deployments or UC collaboration deployment in cloud as well as on-prem, you know. So today what we are gonna see is, basically we are gonna talk about the basics of Expressways. I'm not gonna talk about how do you configure some parts of the Expressways, or basically
what I'm gonna talk about is, you know, what is the information needed to understand those things, you know. So that's really important, because configuration is really simple, you know. So that's just, yeah, maybe following a document, and you guys would be able to do all this configuration. But what is really important is to understand those theories: for example, what do you mean by traversal zone, you know, and what do you mean by zone especially, and all those things. So this is really for people who are new to Expressway, who are not aware about anything, and, you know, for the Expressways, how it works and really what are the things that you could do with the Expressways. That's the thing that we are going to talk about today, you know.

So I just request everyone again, whoever is on the other live session or the event that I have scheduled: unfortunately that link has some problems and I couldn't start that event, so I would request you guys to join this link so that you would be able to hear me live and understand what's going on and what's not. Maybe we are going to just wait for one more minute and we will quickly start. So I'm also not sure, you know, if I'm gonna do it for complete two hours, or maybe a little bit less, but for sure we are gonna cover a lot of stuff today for the Expressways. So guys who were excited maybe to understand a little bit, I'm with you guys today, and you can ask me any questions in the comment box of this live session, you know. And definitely we are gonna learn something which would be interesting for a lot of you guys who have maybe, in our Facebook group, said, "Yes, I want to learn Expressway," you know, to understand something. So definitely we are going to learn something today, and I'm really sorry that the event that I scheduled already, it's not working; it has some
problems. But hopefully this event is visible to everyone, so anyone who could share the link again in the chat would be better. And let me just see on my iPad if I'm really live, and yeah, because that's my first live session, you know. Just give me a second. I see that; thank you, thank you for joining. And please do share these links in the Facebook group as well, if you guys can; it would be great, so that the other people can know, in my group on the Facebook page, you know, the Train Collab Facebook page also, so that we understand what's going on really.

All right, so let's get quickly started and let's understand what I was talking about, you know. So if you see, probably, yeah, now you should be able to see the UC architecture, you know. So this is what a UC architecture usually would look like. And so you see here that for the on-prem infrastructure what we have is Unified Communications Manager, and then we have Unity Connection probably, and, it's not shown here but it's a part of Unified Communications Manager, we also have IM and Presence, you know. So these are the on-prem UC servers that we have. Apart from that we also have a lot of other servers, and then we have some edge devices, and on these edge devices we have, you see, something here called Expressway C and Expressway E. So that's the server that we are gonna talk about today, you know.

So why do we need this Expressway and why is Expressway used? That's the question that we are gonna answer today, and then we are gonna see a lot of other things, you know. So my question is: why is Expressway really used, you know? Why do we need an Expressway? To answer this, it's very simple. It's used for providing the collaboration integration services, you know, so as to extend the scope of the collaboration network, so that the guys just don't have to be limited to this on-prem infrastructure, but
they could also probably use this Expressway for the external devices, for example workers working from home, right? So for such kind of scenarios, where people would like to work from home and they would still like to use the on-prem resources for the collaboration, you could place the Expressway C and Expressway E servers.

Okay, so what are we gonna answer today? Today we are gonna answer these three important questions. The first question is: why do we deploy the Expressway servers? The next question that we are going to answer is: when do we deploy the Expressway servers in the Cisco world, as you know? And then the third question that we are going to answer today is: how do we deploy the Expressway servers? Is it like just placing the Expressway servers and this is done? Is it the same thing, or do we need to plan a little bit, you know, about these Expressway servers? So these are the main important questions that a collaboration engineer should be able to answer before even deploying or suggesting the deployment to the customer. So those are the three questions you should be able to answer.

So let's talk about the first question, which is about why do we deploy an Expressway server. Okay, so before even talking about why do we deploy the Expressway servers, let's talk about such a kind of a scenario. Let's say, for example, how does this communication happen between these devices? So for example between Cisco Jabber and, let's say you have a Cisco IP phone in the on-prem infrastructure and you have a Cisco Jabber that is being used by a user at his home, you know. So how do these devices communicate? Of course they will use some kind of protocol, right, to communicate with each other. This communication protocol will help them to communicate with each other. So what are the kind of protocols that we are going to use? We can use, let's say, SIP, or, yeah, in this case SIP of course, but then there could be another
XMPP protocol, for example for chat messages, of course not with the Cisco telephone; yeah, there will be, in case of a Jabber on the on-prem infrastructure, let's say. Okay, and H.323, for example if you have a gatekeeper or something and your device needs to communicate with this H.323 gatekeeper for calling, so in that case you will need this H.323 protocol, right?

But if the Cisco phone is inside the on-prem infrastructure, so it's in the corporate network, let's say, and your Jabber is on the public network or on the internet, what is the limitation? I mean, even before talking about the limitation, how does SIP communicate, you know? At the end, what the SIP protocol will do is use the IP addresses, right? So IP addresses from Jabber, or the softphone or the device on which the Jabber is installed, with the IP address of this IP phone, right? And these two IP addresses, they are the private IP addresses, right? And these IP addresses will be packed inside the TCP payload or the TCP packet that would be sent over the internet between these two devices, right? But what happens is, will my internet be able to understand my private IP address? So for example, if this device, let's say, sends a request to Cisco Jabber, and then the IP address of the Cisco IP phone, it goes to the internet, and then when this device decodes this packet it says, "Okay, that's the private IP address; this is the packet on which I have to respond," right? And if this device tries to respond on that packet, the routing fails, right? It cannot happen. Why? The reason is it's a private IP, and the private IP on the internet is not directly routable. You need a certain kind of mechanism where the internet would be able to understand, basically, "How can I route this IP address?" So if it is a private IP, then of course it is not routable on the internet cloud, right?

So even if, let's say, the private IP was routable, what is the next limitation that comes in with these private IP addresses? The next
limitation is that with the layer 7 packets, right, what happens with SIP is that the layer 7 packets still have the IP addresses, right? And the layer 7 packet of the RTP or the UDP packets will still contain the private IP addresses, right? And these packets are still blocked by the firewall because of the port ranges and everything, right? The UDP packets will not be able to cross the border of the corporate environment or the corporate firewall, right? So this hinders the protocols, or this limits the protocol to make use of the private IP addresses, to communicate the devices which are inside the corporate network with devices which are on the internet, right?

Okay, so it's not only for MRA, right? It's not only for Jabber MRA, if you're only talking about MRA. No, it's also about B2B communication. How would it be possible, right? It will not be possible. That's why, what is the limitation? Of course, that's what I told: it cannot address directly the need to talk to the devices behind the firewall, right?

So let's talk about another scenario, wherein you have your Cisco Unified Communications Manager and your Cisco Jabber is on the internet, right? And if your Cisco Jabber wants to communicate with your Cisco Unified Communications Manager, or if for any other reason there is another third-party device or PBX on the other side and they want to communicate with this Cisco Unified Communications Manager, will it be possible? Will it be possible to have a direct communication with the internet? Of course this UCM is inside your corporate network, right, and if they want to have the communication directly with the devices on the internet, of course no one is a fool to open their security firewall to allow anyone and everyone inside their network, right? So that's also a complete no, right? That's not possible; that's not gonna happen. So what is the other probability that you could have if you want to have a
direct communication with the internet? The other thing that you could have is basically a VPN, right? So if you have a VPN for your company, and the Jabber or your laptop has a VPN installed, so that you can configure your VPN and then you can use your VPN to connect to the private network, then of course it works, right? That's one of the ways to connect to the Cisco Unified Communications Manager or the collaboration resources. But then what happens if your VPN is over-provisioned? If you have to purchase a lot of, let's say, VPN routers, right, they are expensive, and then you need to have support for those VPN devices and everything; that means that's an expensive solution, right? So that's what I said: what if the VPN is overloaded with a lot of things? What happens in case... I had, for example, a problem that the customer provided me with a VPN, and then suddenly one day I was not able to reach their VPN, and the customer says, "Ah, okay, the complete licenses have been used; you cannot have an extra connection." So you need to be very fast, you know, you need to run, and if not, then you have to wait until someone logs out of their VPN, and then you will be another user who can use the VPN, right? In that case as well you are not able to use Cisco Jabber from outside, or for any other reason, B2B communications or other things, right? So that's also a limited solution, I can say, right?

So also for the B2B communication, it cannot happen directly, right? Will you just open the door for anyone and everyone inside your house? Is that possible? No, right? For the very same reason, Cisco Unified Communications Manager will also not allow such entries, right? This is why we need something that can communicate from the outside world, you know, with the inside corporate network, and this is where your Expressway comes into the picture, right? This is why we need Expressway, which can help with the NAT and firewall
traversal. That's the very reason why Cisco acquired Tandberg; that's the very reason why Cisco said, "Okay, let's use Expressway," because it has very solid firewall traversal and NAT capabilities, you know, and that's of course for the media. So the way we can address this problem is by placing these Expressway C and Expressway E servers between these devices. Expressway C and Expressway E will be able to handle the signaling and media routing problems for SIP, H.323 and XMPP, and they will still maintain the standards interoperability.

So what will happen now is that when someone from outside, let's say this phone is now on the internet, a Cisco phone is on the internet; you have taken a Cisco phone to your home and then you want to use it to communicate with the corporate network. What you could do is connect the phone at your home and then provide some username and password, and then you would be able to connect via Jabber MRA, or via Mobile and Remote Access. So what happens next is, whenever the request comes into the Expressway E, the Expressway E will be able to change the packet headers, you know; it can convert those private IP addresses coming from outside, or the public addresses of the host device coming from outside, into a private IP address which can be, yeah, of course accessed by the Expressway C, you know. So that's the very same reason, so that the packets can traverse the firewall and then can reach the inside corporate network, right? So this way you would be able to address the problem of the firewall, you know.

Okay, so before I move further, I would request again to you guys, if someone is still on the old event, please ask them to, or share the link for this new event in the group, so that people can join in here. I believe they might be waiting on the other event and then complaining, "Okay, what's going on?", and I don't want to keep them waiting
there. So I have already put up the link for the new event here, and hopefully you guys would be able to join in here. Let me see... I believe yes, so this link has been placed and I see a couple of people joining in, so good to know, thank you. All right, so let's continue further.

All right, so now, if we understood what is the need, why should an Expressway be placed, let's understand some roles of the Expressway C and Expressway E for the internet access. What are these Expressway C and Expressway E used for, you know? I already of course talked about it, but let's go into a little bit more detail. Of course I'm just going to talk about the basic stuff today; I'm not gonna go in detail to help you understand all these things, but if you want to get an in-depth understanding of all these technicalities, you can of course visit our Train Collab Facebook page and then you could request some more information, where we will be sharing our sessions, or you can book some trainings. Of course we are planning to have some trainings for the Cisco collaboration products and you can book some trainings there, and in a couple of weeks we are gonna also have the website ready, so that you could directly book from the website the needed trainings and also the racks needed to practice those collaboration products, you know. So that's the main idea behind it. I'm not mainly behind the certification things; the main idea for me is for people to understand the product, you know, get information about this product, learn about that product, go to their customers and confidently work on those products and help make customers happy, you know.

So what are the roles of Expressway C and Expressway E for internet access? Basically, you will be using this for Jabber MRA or business-to-business calls using firewall traversal mechanisms, or you can use it for interworking between protocols
or between the IPv4 and IPv6 protocols for example, and between H.323 and SIP devices. For example, I have a device which just talks H.323; it can't speak SIP, you know. And I have another device which speaks just SIP; it can't do H.323. And if these two devices want to talk to each other, how do I do it? I can do it by using this Expressway C and Expressway E, you know. And then Expressway C and Expressway E are also able to handle all the collaboration data flows; not only signaling, they are also able to handle the media, you know, the RTP stream. So that's the role of the Expressway C and Expressway E for internet access.

Okay, so let's talk about Expressway C placement. Where do we place this Expressway C? Do I just place it anywhere in the internet, or do I just place it anywhere beside my CUCM, or where exactly do I place my Expressway C? That's the question; that's the important thing, right? I have bought the Expressway C server, but where do I keep it in my network, right? That's the important question. So Expressway C is usually placed inside the internal corporate network, you know. So if you see here, we have this Cisco Unified Communications Manager inside the corporate network, and the next thing that we have is the Expressway C server that is connected directly to this Cisco Unified Communications Manager. Of course you need to have a switch and all that stuff, yeah; by directly I don't mean directly over a LAN cable. Of course you need a switch here, but you can place Expressway C inside the corporate network and then you would be able to communicate with the Cisco Unified Communications Manager and Expressway C. Okay, so this is all about Expressway C placement.

A lot of customers, they do also place the Expressway C after their internal firewall; they just want to have more security, you know. So they just don't want to place Expressway C here, so that's
why they place it after the internal firewall as well. So yeah, I mean, that's also possible, but I haven't seen a lot of situations where customers do this. But yeah, very security-related customers, for example banks or someone, they do it. So yeah, that's another way to place your Expressway C server, you know. So this way, by placing this Expressway C inside the corporate network, it would be able to provide the collaboration services to the SIP and H.323 endpoints, you know. It is also probably acting as a communication gateway for the Cisco Unified Communications Manager. So for example, if you have Webex and people want to dial to Webex, how could they do it? They will just dial the meeting number or whatever it is, and then there would be a route pattern on this UCM, and this will route the call to the Expressway C, and from the Expressway C the call can be routed via the traversal zone to the Expressway E, and then, using the DNS zone or whatever on the Expressway E, the call can be routed outside the corporate network, you know.

All right, so now, if you understood why do we need Expressway and then how can we place the Expressway, or where can we place the Expressway, let's now talk about the basic functionalities of the Expressway, you know. So what are the basic functions of the Expressway? What is it used for? These are the functions that we are going to talk about in a little bit of detail, one by one. So, to register an endpoint, you know, it can act as a call controller just like CUCM. So why do we need Expressway for call control? Why don't we use UCM, you know? That's the question that comes into mind: why are you talking about using Expressway as a call control server and not CUCM, and why the hell do we register the devices on the Expressway C and not directly on the Cisco Unified Communications Manager? Yes, you are right: the right device as per the preferred architecture, or
the right server as per the preferred architecture, to register the endpoints is Cisco Unified Communications Manager; that is as per the preferred architecture 12.5, right? But there are a lot of customers who just want to use Cisco endpoints only for video, you know, for meetings for example, and they do have another PBX for calling. So in that case Expressway C can act as a call control, and they can register the device directly on the Expressway C and can get a lot of features from them, right, which can't be possible when the device is registered as a third party on the third-party PBX, right? That's the main reason why you have a registration capability on Expressway C.

The other functionality that Expressway C provides is to manage the bandwidth for the audio and video calls; just like CUCM, you could also do the bandwidth management on Expressway C. It could also do protocol interworking, you know, and then it could also provide some security-related functionalities, and then it is also able to integrate these standard and non-standard devices by doing the interworking, as I told you already.

So let's have a look at these points one by one and understand what's going on, what are the functions. So the first functionality that we discussed was to register the endpoints directly to the VCS or the Expressway, right? So yeah, of course you can have a SIP endpoint; not all endpoints of course, not the phones. You can't register the Cisco IP phone on the Expressway C; it's not possible. You could register the other devices, for example DX80 or DX90, or you have some meeting room devices and you want to connect them directly or register them directly to the Expressway C, you know. That's the one way that you could register the endpoints. Or the customer has a lot of third-party meeting rooms or devices, video endpoints, and they want to register them as standards-based SIP endpoints to the Expressway C for making audio and video calls, or
just the video calls for example, you know. So that's where Expressway registration becomes important.

Now let's talk about bandwidth management. You would be able to manage the bandwidth between the zones and subzones. So what are these zones and subzones? We are going to talk about it in a while, but to give you a brief overview, what the zones and subzones will do is, basically you can register the devices on them. I will talk about it in a little while. So by bandwidth management I mean that, for example, this endpoint and this endpoint want to call each other; what you could do is limit the bandwidth between the individual calls, you know, or you could limit the bandwidth between the two zones or subzones, you know, or if you want to limit the bandwidth between a particular device and another device, you could also do this. So that's what I was meaning when I say bandwidth management, you know. Or you could also do bandwidth management based on the total number of calls to or from the endpoints within a particular subzone. So for example, there is a subzone, there are 10 devices registered, and then you can say, "Okay, in this zone I need to have only a bandwidth of, let's say, 20 Mbps," so the bandwidth within this zone should not exceed 20 Mbps, you know. So you can control that bandwidth; if this bandwidth goes over 10 to 20 Mbps, the calls will not be possible. So this way you could plan your bandwidth management for the video calls, you know.

Next is about protocol interworking. So what is this protocol interworking? Let's say I have a device that only speaks IPv4, you know, that doesn't support IPv6, and there is another device which has IPv6 capabilities and it is configured with IPv6, and I want to make use of this IPv6 capability, you know. So what do I do? How does this work? Can this IPv4 device directly communicate using IPv4, and then will this IPv6 device be able to understand that? No,
that's not possible, right? There has to be something that can interwork this IPv4 and IPv6 protocol and then provide a way so that they can do a video call, right? So that's where the Expressway C protocol interworking feature comes in, so that people would be able to do the calls in spite of being different devices, you know. So that's where C becomes very important. Or for example, I told you, if one of the devices is SIP and the other device is H.323 and they want to talk to each other, how do they do this? The SIP device will not understand H.323, right, and this H.323 device will not understand SIP. So how is it gonna work? This will work when you have Expressway C, so that it can interwork the protocols and help communicate with the H.323 protocol on one side, and on the other side it can communicate SIP, you know. So that's how powerful this Expressway C is, you know.

You could also do Expressway C access restrictions, or which device can register with me on my platform; that's also possible. That's with the registration policies that you could do, right? You could create certain policies and you can say, "Okay, from this subnet do not allow the device to register," you know. So that's the kind of power that Expressway C has, and says, "Okay, do not register such devices," you know. So you could do this with the Expressway C as well.

So now, once we have understood the basic functions of the Expressway C, let us understand some concepts about Expressway C: let's say, what is this firewall traversal, or what is a zone, or what do you mean by having a single NIC versus a dual NIC on the Expressway E, you know, what is STUN, what is TURN and what is ICE. So these are the three new terms that are coming in, STUN, TURN and ICE; with the Expressway version 12.5 it's finally supported, right? So we need to understand what these three terms are. I am going to talk in brief about these three terms as well. So let's just
understand these terms today. So even before understanding these terms, let's just understand one thing: what is the key behind using VCS or Expressway? If anyone can tell me, Aman, what's the key concept, how does this Expressway or VCS code work, you know? So the key behind this Expressway is that it can securely handle NAT and firewall traversal, right? So VCS, and how do they do it? How do they do a secure NAT and firewall traversal? They basically use a protocol called Assent. Assent is a protocol that was not developed by Tandberg but purchased by Tandberg from another company in the UK. If I am right, the name of the company was Ridge Soft, I think, or something, in the UK, and this company was very famous in developing this protocol called Assent. And this Assent protocol is used for firewall traversal and for NAT capabilities, you know. So, yeah, I mean, that's where this capability of the firewall traversal is developed by Cisco using the Assent protocol. So it's a proprietary protocol. I tried to find out a lot of things about it but I didn't get it; if you guys can, please do share with me as well, because I would like to understand how this Assent works, because ITU-T has also developed the other media protocols, which are based on this Assent protocol, you know. So that's really a powerful protocol.

So what we are going to discuss today is zones and their types. So, some basic concepts that we are going to talk about. Let's understand what is a zone. What is this zone used for? That's the first question. So if you see it right, a zone basically contains all the endpoints, you know, registered, and then it contains all the gatekeepers, you can say, or it contains all the MCUs that are being registered on this zone. So basically a zone is something that comes pre-built when you purchase the
Expressway or when you install the Expressway. Okay, so that's already pre-built, and it represents all the devices, or so to say it's a collection of all the devices, as registered endpoints and then, let's say, neighbors and destinations. And yeah, it would be wrong to say neighbors and destinations, but of course it would be endpoints and gatekeepers and MCUs or some other more things, you know. So basically it's a collection of endpoints, I would say. Okay, and then there are different types of zones, you know, in the Expressway. It's a really important concept; if you don't understand the concept of zones, then I would say it's really difficult for you to go ahead and understand the different concepts related to zones, you know, because then comes a lot of zones and zones and a lot of zones, and one zone and many zones, you know: subzones and traversal zones and neighbor zone and local zone and default zone and zone and zone and thousands of zones, you know. So it's really important that you understand zones.

Okay, so let's try and discuss these zones one by one. So basically, yeah, what do we use these zones for? Zones basically are used for registration of the devices; also they are used for, I will say, the call admission control, the bandwidth management that we discussed, you know. And yeah, these are the two important capabilities of the zones, I can say, and why they are used in Expressway, you know: to register the endpoints and for the call admission control. Okay, so those are the two important things about zones. Do not forget anytime what these zones do, okay? If you have any questions about zones or anything... let me check if I have some more people asking on another forum about it. Let me check. Okay, so yeah, let's discuss ahead. I hope everything is going fine.

Okay, so yeah, I was discussing zones and their types. So as I said, there are a lot of zones, and my question is: how many zones can be configured
on the expressway can anyone find an answer to this question that would be important you know so that's the question how many zones or sub zones or in general zones how many zones can you configure so how many zones are supported that would be that would be the main question okay and now let's talk about a concept of local zone so basically what is a local zone so as i said local zone is a permanent zone it's not created by us you know it's already permanent zone pre-built inside the um expressway when shipped to you okay so basically refers to the cisco expressway itself all right so whenever someone says okay is your device registered to this zone he particularly means uh sorry i mean i will reframe this sentence so if someone says that is your device um registered to this local zone what basically he means is that is your device registered to this expressway okay so that's the that's these that's the scenario if i if i have to say okay my device is registered to this uh local zone a that means my device is ref he is referring to the expressway which has a local zone a okay and then of course in the local zone there could be a traversal sub zones or or different sub zones under which they have been registered but there can be um only one permanent local zone and that comes pre-built with its owns okay and if you see here there are different types of zones than within this local zone right so the first is a default sub zone now this default subzone is also pre-built so you do not have to configure this default sub zone so this if default sub zone is also already configured okay and then there comes another zone which is a sub zone so you see here a sub zone and what is the functionality of this sub zone same as default subzone but what is the functionality of a default sub zone so the default subzone and subzones have the functionality to register the video endpoints or third party endpoints or a standard based sip endpoints you know or h323 endpoints now then if 
you say that default subzone and then subzones are used to register different endpoints and how do the endpoints know that on which sub zone do i have to register that's the another question right there could be multiple sub zones here and there there is a default sub zone why don't my device so that's the main there is a main concept in expressway c that the expressway c cannot register the devices based on the mac addresses okay they don't register the devices based on the mac addresses but they register the devices based on the alias or the ip addresses or the i can say prefix or suffix you know so what do i mean by that so whenever some device wants to register what the device will send is its ip address right and based on that ip address uh you could configure a subnet on a particular sub zone and say let's say 10.10.10.0/24 subnet is sub zone a and then let's say 10.10.20.0/24 is subnet b and sub zone b you know so you could configure sub zones with these particular subnets and then the device is coming from those particular subnets will only be able to register to these sub zones right that's the one way to register the devices the other way to register our devices is based on on a prefix or on based on a suffix you know so let's say a device has a domain configured as alias a domain configured as companya.com and when it comes to a sub zone that has say that says okay registration policy company a dot com if the device comes to register to me please allow him to register okay this is the other way to register a device now the third way to register a device is say let's say a device comes with an alias um 9000 and then if you configure something on the sub zone and say okay if something comes with with a prefix 9000 just allow him to register with me that's the other way to register the devices right what happens next so what if the device comes in with a registration and it doesn't match all these three criterias if it's not matching all these three
criterias what can happen next is the device can register to the default sub zone okay so what it means is that if the device cannot register to any of the sub zones then the device can register directly to a default subzone okay and then you could also um create policies and say okay these are the policies and only this policies if matching and if the sub zones policies are not matching then only the devices will register not all the devices for security reasons right you could you should do that so that's that's the way you could uh register uh the devices on the expressway c so now if the default sub zone and the sub zone is for registration of the devices what the what the hell are these the other zones and sub zones for right so this traversal sub zone if you see here i showed you something on my previous uh slide that they have been written on the edge of the expressway c for example a traversal zone or a uc traversal zone or a neighbor zone or the enum zone you know so that means they are used for call traversal or the firewall traversal right so these traversal subzones for example they are used for firewall traversal so what do i mean by firewall traversal we will learn it in a little bit in a little bit a while but uh the traversal uh sub zone is for firewall traversal of the calls okay then what are these neighbor zones so if you see here i also have something called as a neighbor zone right so why is this neighbor zone configured what is the use of this neighbor zone so if you see this neighbor zone is only between expressway c and the corporate devices that means this zone is not crossing the firewall there is no firewall in between do you see any firewall here uh let me show some architecture yeah do you see some architecture uh sorry firewall before the cisco unified communications manager no right so of course this is not the right uh i need to search for this uh architecture uh where is it yeah here for example so this expressway c has direct
communication with the cisco unified communications manager here or it could be a cisco meeting server as well right so you could directly connect and there is no firewall in between this is where your neighbor zone comes into picture okay if you want to have uh a direct communication with the corporate network devices this is where your neighbor zone comes into a picture okay so if you see here there is a neighbor zone between cucm and expressway c and then how do you configure a zone on this ucm you can't configure a zone on ucm right and then you can't configure the sip trunk on the expressway c so what it means is that you configure a neighbor zone on expressway c so could someone uh confirm if you guys are able to hear me again um would be nice if you can um or tell me if i'm back again and you guys could hear me and uh if you have missed anything i would just wait for a short chat from anyone who could tell me if okay perfect you can hear me so is there anything missed someone commented that um you missed some information about default and subzone or default uh and subzone or was it okay should i should i explain that again if you guys haven't heard those informations i'll just wait for one more minute and then i will start again if you guys can confirm if you were able to um understand the default zone and sub zone uh if not yet i will just uh clarify that again you know so i will do this in short of course thank you for commenting so uh this default zone or basically this default sub zone is used for um registering any devices that uh couldn't register to the to the sub zones you know so for example if they are not matching any of the criterias for the sub zones then these devices will go and register to the uh default sub zone all right and if in the default sub zone as well there is a policy that says okay reject these kind of devices they still will not be able to register okay else if any of the criteria in the sub zone is not matching the
devices will by default register to the default sub zone okay that's clear and yeah uh so now we were discussing about this uh neighbor zone so this neighbor zone uh basically i was saying that you have expressway c and then if you want to connect uh to the internal corporate uh communication devices for example cucm or cms or in case you want to communicate with other expressway c as well then you could configure a neighbor zone okay so that would help to do the communication between the two expressway c's but in different let's say uh clusters okay so that's the other way that you can connect your expressway c and create a neighbor zone for routing the call for call control okay and this doesn't need a firewall this neighbor zone will not need a firewall you will have a direct connection between expressway c and cm or cms or expressway c okay is that okay all right the next part is about uh traversal zone that's the very important zone you know so the traversal zone is something where a call has to traverse the firewall okay so for example in this case uh let's say let's just talk about uh mobile and remote access so for mobile and remote access the call has to traverse the firewall and when the call has to traverse the firewall this is where your traversal zone comes in okay so that means you configure on expressway c the traversal client and on expressway e you configure a traversal server component or traversal server zone okay and then what happens is that expressway c that is traversal client will communicate with the traversal server using a local database password and these certificates so two things okay that's very important to understand if the traversal zone wants to have a communication between each other so between expressway c and expressway e the first criteria is to have a local username and password created in the local database of expressway e okay so you will have the configuration item in expressway e wherein you can configure a local
username and password and then you enter this username and password on expressway and this is how you will be able to establish a key and expressway e on a particular firewall port of course there needs to be a port open right that's why they fire in a firewall port that's firewall port 7000 or 7001 or firewall port let's say 222 or uh the standard firewall port so the firewall port information you can get it from the uh detailed information about it but usually it's either a port 7000 or 7001 and the same port information needs to be entered on both the zone configurations that you do on the traversal server on expressway e and traversal client on expressway c okay so you see traversal zone you don't create a zone what you create for mobile and remote access is a uc traversal for the mobile and remote access okay we'll talk about it um in a little while so now let's just talk about what is reverse proxy and why do you need okay so what is this mobile and remote access so let's uh let me take a pen okay simple on your uh cisco jabber okay you want to have a cisco unity case mailbox okay visual mailbox so that you don't have to press any button so that okay or uh you want to access for which is inside your and you want to access the photos but now why do you want to access the photos right that's the question so yeah the request and then the request port and then it will come to expressway e and then expressway e would send okay looks like i have an intermittent connection problem but uh i don't know what's happening today it usually never happens all right i hope you guys understand and next time uh i'm gonna make it much better sorry for the bad experience today okay so yeah we are talking about this firewall traversal so basically uh this is how the connection is established and then the media part is already opened on the firewall between the expressway c and expressway e and then expressway c will open another media connection to the
expressway e and then the rtp will be established on this um media port that is being uh opened by the expressway c okay so that's how the firewall traversal concept works i hope you guys understand this so in this case uh it's it's good to mention that only you need to open two uh ports on the firewall you know one is for signaling and one is for rtp so you need to open one port for rtp and one port for um rtcp okay and then you would there would be a demultiplexing and multiplexing happening on the expressway c and expressway e and that's how the call will work okay now the good concept ice turn and stun that's something new um that comes in you know and i will not dig much deep into it because we have only half an hour and have to cover a lot of things so in short what i will say is that turn is used or stun is used when you do not have problems with your firewall and still you can establish a connection between two endpoints directly okay that's in that's where your stun will be used and in case you will not be able to establish the connection over a firewall in spite of using stun then you will use a turn for the media server so basically the devices will say okay where is the what is the ip address public ip address on which i can share my media and there you will have a turn server ip address so that the devices can share their media on the turn server and then they can establish a connection via the turn server for the media connection okay so that's where the turn server comes in the picture uh due to shortage of time i will not be able to explain much in depth about it but let's see a little a little screenshot that i took from the um uh configuration guide of the expressway for the media optimization and then we will be able to understand a little bit more about it okay so what is ice ice is basically i'm not going to talk about the full forms of this you guys can find the full forms of this keywords so ice is basically used uh it's configured on the
devices on the endpoints and then if you have an ice enabled endpoints then it will have a fallback plan for you for example if stun is not working what next you can fall back to a turn server and then you can have a direct connection for the media between two devices you do not need to have expressway or expressway c or e to have media flow between the two devices so the media can flow uh direct between the two peers okay so this will save your bandwidth remove your resources so save your resources on the expressway e and c and then it will also improve the quality of your audio and video right so that's where your turn and stun comes comes into picture and basically you configure these things on expressway e because expressway e is in dmz so you configure the turn server so that it has a public ip and then the devices can send their media there okay so this is a small representation how the media flow happens so for example if you have two devices they are both on the internet uh two cisco ip phones for example configured with jabber mra sorry mobile and remote access so what do these devices do how can the media flow between these two devices right so if you see the green one is a standard media flow so what happens is it goes to the expressway e and then it goes to the expressway c and then there will be a b2bua uh b2bua applied a process that will occur and then it will appear this i will say it will terminate this media on this expressway c and then it will create another call leg and then it will bridge the both call legs and then establish a media connection you know so it has to the media will be traversing expressway e and then c and then it will be establishing the media okay the second is the media through the turn server so that means you have a turn server configured on expressway e so that the device says okay which are my ice candidates you know so there is a term something called as ice candidates and when in the sdp information you will see those
informations i'm having i am having a training session of course you can book those training sessions especially for the products i would say for example a cisco meeting server or expressway or cucm or unity connection or im and presence so we are having those kinds of trainings and if you would if you guys would like to book those kinds of training then go ahead and then send us a request and then we will see it you know and we have all these modular labs as well so in case you would like to just practice on cms or just practice on expressway c or e uh so the other things would be built for you guys already and then you can just practice and concentrate on expressway you know so these kind of things are planned and available on train collab so please do go go to the facebook page train collab and maybe follow this page for more updates and information that's coming in this year you know okay so um we were talking about this media through the turn servers when this kind of in this turn server what will happen is this ip phone will send the media to the expressway e and then um expressway e will relay this media to the uh other device you know so both the device so this communications of the rtp is happening via the turn server configured on the expressway e using expressway e's public ip address okay um then peer to peer media that means that's the third connection where you have um a direct connection between end devices and that's where that's that's the ideal connection where the media can flow directly between these devices and uh i mean uh you have a much better audio quality and video quality and of course you will save your bandwidth and then resources on the expressway c and expressway okay all right then yeah we are almost done with the uh expressway basics if you think we are missing something then do let me know in the chat and i will cover those topics but as far as i remember these are the important things that you need to remember about the expressway
config basics in the next uh two minutes we are going to start with the design concepts or how do you go ahead with selecting the servers for the expressway so before that there is a giveaway question if i would be selecting one of those people who could answer in one week's time the question and uh yeah you will be able to get access to the to the lab wherein you can practice uh the scenarios the different scenarios that we discussed today and configure a lot of things you know and maybe uh some more things related to troubleshooting so you know so if you want to have hands-on to cms or expressway or whatever scenario i'm free that you just let me know what kind of scenario you want and i can create those scenarios and you have the full on-prem use infrastructure to practice for four hours you know so you have complete four hour access to my lab so that you can practice uh whatever you want to you know and it includes also the dns servers of course and the expressway servers and cms servers so you only have to answer this question to get the access to my lab okay so the question is what are the three key capabilities of the expressway of course apart from video video is a basic capability of expressway but what are the three main key capabilities of expressway if you can answer those questions here on this chat or maybe on the facebook group or on the facebook page train collab facebook page uh so this is how the train collab is you know so if you can answer this question about what are the three key capabilities of expressway rightly then one of you would be having the access to the lab the complete 12.5 lab with cms 2.8 and expressway probably 12.5 you know and you can uh yeah practice a lot of features that we were discussing today so especially better for the guys who are new with this uh expressway or cms or a lot of other things or dns to say you know so go ahead and answer those questions uh if you get it right a hint would be to use cisco live documents 
for the expressway okay that's the hint that i'm going to give you today if you have access to cisco live documents uh normal documents it's available everywhere just go to cisco live and then you will be able to get those documents just refer those documents and let me know what are the three sorry three key capabilities of expressway if you can answer those questions let's see who has the chance to get access to the lab and and practice a lot of things okay so i'll just wait for one more minute and see um if you have if you guys have any questions related to this and we can proceed further each other okay so um yeah someone asked me if this will be available uh on my channel yes of course this will be always available on my channel and if you would like to refer um i would keep this video on my channel for a long time and i hope that guys would be able to refer this information and then get some more information about the basics of expressway you know so yeah of course all right then let's get quickly uh ahead and then understand now if we now understand why do we really need to place the expressways the next question is when do we place these expressways you know so these are the scenarios that you see here so mobile and remote access and business to business communications and sip h323 interworking and let's say for um uh cms uh webrtc connections you know so you would use these expressways when you want to have one of these uh scenarios okay so for call flows let's say all right so now uh if you understand that we'll be using this mobile and remote access what exactly is this mobile and remote access basically so it's really just that you should be able to access the cisco jabber uh from outside your network okay so i'm sorry i'm going to conf i'm getting confused but i was looking at the another screen i was like what okay so yeah um all right so basically you would use this uh mobile and remote access to configure or to connect your jabber from outside from 
internet directly to your cisco unified communications manager for example if the employees are working from home you know you do not need a vpn it's a vpn less connection so you do not need to have a vpn it's direct connection of course why are the expressway ce and expressway e okay so let's just talk about now what are the requirements of the mobile and remote access so we don't discuss configuration if you need configuration let me know i will share a very nice link directly from cisco so it's accessible by everyone so it's just the same link that i'll be sharing as well so there are hundreds of documents about the configuration so let's understand what are the requirements of the mobile and remote access right so the first and very important requirement is that you need to have the srv records and what kind of srv records do you need to have so the first srv records uh you need to have is the public dns srv record you know and then you need to have an internal _cisco-uds srv record and a collab edge srv record for on the public dns and then you need to have cisco uds srv record on the internal dns and then you need to have the right set of certificates okay you need to have the certificates on the expressway c and you need to have the certificates on the expressway e server certificates you know and you need to have a dns on the expressway c and expressway e so you need to have a internal dns and you need to have a public dns for the expressway e okay so that the public dns can resolve the srv public srv record so collab edge public srv record to the expressway e ip address that's the main reason why you need a public dns okay and you need an internal dns to provide a cisco uds srv resolution so that it can point to the particular cucm okay if the dns and the certificates are not available you cannot configure the traversal zones okay that's that's the very main reason you need to have these two things in place okay and then what is not
supported in this configuration what kind of configuration is not supported what kind of devices are not supported so only sip devices are supported h323 devices are not supported okay so sip phones exclusive phone or cisco jabber they both are supported but if you want to have an h323 device um that's not supported okay so that's the other thing and the other the next thing that is not supported is uh traversal chaining okay so what do i mean by traversal chaining that means if i have an expressway c here i can have an expressway c but then again i can't have an expressway c here again okay that's not possible that's the traversal chaining that's not possible okay so you can have only a pair of expressway c and expressway e so the question that you should ask the fourth question that you should you should ask is is the mra supported for h323 no that's not supported can you use the same dns srv records that you use for b2b no you can't because the srv records for b2b or business to business communications is different than the srv records for the mobile and remote access so we are going to discuss in short also about the b2b communications okay so that's the second thing that you need to keep in mind the third thing is the traversal server and the traversal client configuration are the same for b2b and mra no they are not same they two are different okay you configure a uc traversal zone of course it works i have seen that it works but you need to have a different uh traversal zone so the supported traversal zone is uc traversal zone for mra and you need to have a traversal client and traversal server zone for the business to business communication okay the third question now the last and important question is can the mra be built with just the tcp sip connection no it can't because you need to have this certificate the tls certificate because there is a configuration and in this configuration for the mobile and remote access you need to have the tls verify
configuration as well and if you have a tls verify option uh set to yes then you definitely need to have the expressway certificates okay without the certificates the mra will never work properly okay these are the four important questions that if you answer correctly your mra will never have problems and you can have a seamless connection and work from home experience okay of course there are some other uh criterias uh you need to open the firewall ports uh on the public firewall ports for mra but we are not gonna discuss those scenarios here okay and uh you can get this information about the port usage and they have really in-depth information about these things cisco has really documented these things very well and you can get this information directly from there okay so now let's just uh see this another scenario that i was talking about so it's the same thing there so if you see that there here is also a unified communication traversal zone and then there is a traversal client connection to the traversal server connection and then once this connection is established uh the travel expressway c uh does a kind of uh pinhole punching you know uh so that it opens a rtp port from inside to outside and once this rtp port is open from inside to outside expressway e can send this media on this port and then the media is directly sent to the phone or client inside the cisco unified communications or the on-prem network okay so that's the way uh your mobile and remote access will be working and then the ports that you need to open between the expressway c and e is port 7001 and uh i think uh for the traversal media you use 36 000 to 36 0001 and for i think https you will need 2222 is the port number that you would need for https and for xmpp you will need i believe uh 7400 port 7400 that's used for xmpp connection okay so these are the ports that you need to open between um expressway c and expressway e and then there are other public ports that need to be open rtp
ports those are the high ports that need to be opened for the media to be connected okay so you can make use of um the port usage guide that's available from cisco to understand what kind of port needs to be opened and understand really well about that but if you want um yeah we can discuss this in our uh if you if you book any of my training session of course then i'll be discussing in depth uh about this call flows and uh all these things in train collab okay so oh i forgot to show you this flash okay all right so next thing is uh how does this uh business communication happens you know so the main the first reason uh the first criteria is that the destination endpoint so in this case let's say jabber from another company they should use a standard based sip uri dialing okay that's one of the thing yeah of course they can do also um h.323 dialing that's also possible that's that's not a uh hindering part or the other limitation of the b2b requirement okay so in the b2b requirement you don't create a a traversal uh uc traversal zone but you create a traversal client and traversal server zone and then you open the firewall ports between the traversal client traversal server zone and then you have a different srv record so for example _sip._tcp srv record and then you create _sips that is a secure sip and then o uh on port 5061 and then you create the srv records for that and the third one uh you would do i think sips udp for for the rtp connection okay these are the or uh yeah for the tcp connection i mean for the signaling uh udp you can also use it as well okay so um in short i have also copied you can say a call routing decision how is the call routing decision happening on the expressway you know what happens when the call comes in i have configured zones i have configured traversal zone server zone client zone but how does the call go through how does the call uh pattern matching happens you know so this is how the call
pattern matching happens so um basically um expressway expressway let's say c will receive an alias or a number or a sip uri you know and the first thing that it will match something called as transform okay so what is the transform what does the transform do what is the role of a transform as the name suggests it's it's actually pre-transformed search rule called as pre transform search rule so what does this transform do is like it will receive a uri or alias or some or any kind of a pattern and then it will if if the alias pattern will match it will transform it to another uri okay so for example i have i i dialed um one two three four five six if i have to go into a webex meeting okay and then what this pre-transform match rule will do is that it will convert this one two three four five six into one two three four five six at webex dot com for example and then it will try to match um another criteria search rule okay so here that's the same thing if you see here expressway will receive an alias and then it will try to match a transform if the transform is matched yes then it will apply a transform okay the transform is applied if no if the uh transform doesn't match an alias then the call directly goes to a cpl rule that's a call policy rules you know so if you want to permit some kind of call if you want to reject some kind of call you could do this using call policy rules okay so you will do this and then you will check here the expressway will check this and if also there is no call policy rule to reject or something if it is then it will say okay allow or reject if it says reject then it will send a 403 forbidden message or something back to the device if it says allow then it will try to match a search rule and once you have a search rule same like a translation pattern or a route pattern or something you know if the pattern matches then the call will go to the next level and then the call is placed okay so i believe i'm gonna need a lot of time um we are
only halfway so i would suggest that we do the designing part in the um in the next live you know because uh there are a lot of things for the basics still pending that i see right now or yeah maybe let's let's go ahead and do it let's do go ahead and do it i think i have missed uh pipes and uh yeah i have missed pipes and links so what are pipes and links i will tell you in short you know so let's go back to zones that i was talking about so yeah this is let's say these are the zones where that we were talking about so pipes and zones are like for example uh sorry uh a link so basically um let me see how many uh do i still have left or i can yeah it's too long so i don't know if i could uh i should proceed further or not so basically uh pipes are used for uh bandwidth management okay so let's say you want to um manage a call bandwidth between two sub zones let's say okay so you can say okay between these two sub zones i want to limit my call bandwidth who you could do this the limitation can be put by using pipes and then if you want to say okay between these two sub zones i want to have an overall bandwidth limit that you can do it via the link you know so that's like uh call admission control on cisco unified communications manager okay that's like um enhanced cac on cisco unified communications manager all right so yeah that's that's the use of pipes and uh links so pipes basically connect two different sub zones or they connect sub zones and default subzone or a subzone to a local zone they have a connection you know so that they can limit the bandwidth and call restrictions and all sorts of scenarios okay so let's go ahead and talk about shortly uh cisco expressway design you know all right so uh let's go ahead and start with the expressway design considerations a little bit and if you have any questions related to the basics or if i haven't yet configured a couple of things then please do let me know and uh i will uh try to answer this in the in the
comment sections or we can try to uh maybe have another small live session wherein we can talk to each other you know not on youtube maybe on some other platform i will try to arrange it and then we can discuss it there all right and um yeah then let's start uh yeah of course this live session will be available on my channel for a couple of months and then uh we'll take it from there so let's talk about cisco expressway uh design considerations so what are the design considerations when you want to build the expressway or install the expressway can you just directly go and install the expressway anywhere and everywhere and that should start working no right you will have to consider some things so the question that you should ask is you know what is the purpose of my deployment i mean why do i need to deploy this expressway am i using it for jabber mra or am i using it for b2b or am i using it for cms webrtc or am i using it for webex connections for directory connector or hybrid connections you know for meeting and everything and what are the total number of users that should be supported or who will be using this connection for calling especially okay and how is my cucm cluster deployment that's the another question that you should ask right so is my user are my users across spread across different multiple locations so that's the another uh criteria to select the expressway okay so these are the very important questions and the other important questions before i forget is how is the customer firewall deployed you know so that you understand what kind of natting do you need do you need interworking licenses or not what kind of devices the customer is going to use are they going to use h323 licenses or not um is the customer having a right firewall and then do they need an advanced networking licenses and what kind of nic card do i select for the expressways do i select a single nic or do i select a dual nic so these are the different criterias does the customer 
have a public dns available does the customer allow a punch pinholing for the rtp media or not so these all scenarios will help you to define uh your expressway uh server okay so the first thing uh let's understand it via a question so i will try to read this from this desktop so basically it says let's say we have a design scenario wherein a multinational company with offices around the world needs to deploy a video conferencing solution and each of the locations across the countries have 50 video conferencing meeting rooms or the endpoints okay so each location has a 50 video conferencing meeting rooms okay and then customer has no plans to buy more bandwidth wan bandwidth during this covid-19 situation customer doesn't want to buy this wan bandwidth again and the current wan link can support maximum 30 percent of the calls over the wan and they have limitations with the vpn okay and 70 of the customer meetings are held within the location in the respective country okay so these 70 percent they are not on the internet they are on the corporate network calls okay and 30 of the calls they are uh yeah let's see what's next coming in then they say that the rest 30 of the call is like 25 of the calls happen within the countries okay so 25 of the calls out of the 50 calls happens within the country okay and only five percent of the calls is business to business okay that's the criteria or that's the scenario that currently a customer has okay and then customer would like to have a solution so that these five percent b2b meetings can utilize the new expressway solution without the need to purchase additional servers that's an interesting scenario right customer would like to have first deploy the expressway have video meetings and everything and in future he wants to use the same expressway for cisco jabber for mobile and remote access for its 30 of his employees right so how do we do it okay there is another criteria that says keep in mind that in future customer 
would like to migrate their old pbx with 1 000 users so so do you understand uh now that customer has already a third party pbx that's why he is not able to work correctly with video devices using that particular pbx you know and then that's why he wants to use an expressway all right and on the pbx the customer has thousand users and out of these thousand users 300 users which is uh uh sorry um 30 of this thousand users will be working from home in future okay and hence this investment should be worth the future pbx integration okay currently customer doesn't have a feasible solution for work from home for 30 of its employees okay for whatever reason in in future 50 of these employees will only be placing audio only calls and the rest would be using audio and video calls okay so the 50 percent of the employees from this 30 percent would be using just um audio calls they don't want to show off their face and do a video call and the rest thirty percent would like to have and the rest would like to place both the audio and video okay now you have a situation like this now how do you go ahead to plan about the situation what do you do so basically when you gather the data you understand that 50 devices should be registered at each location right and then there should be 50 concurrent calls on each location that's the another scenario and then there will be b2b meetings on each location and that's equal to uh eight calls on each location because that's the five percent of the fifty meetings that's gonna happen five percent uh b2b meetings on each location okay so it's around uh you can say seven and a half but i'll say uh eight b2b calls okay and the last thing is that the hundred future users will be utilizing the thousand future users will be uh utilizing the expressway for work from home that means around 30 percent i said so 30 of 1000 it should be around 340 jabber users at each location would be using um jabber mra you know so you need to select a server based on 
this criteria which matches this criteria right and customer should be able to place b2b calls mra calls yeah device registrations so what do you do after you understand what is the quantity of things that customer needs the next thing that you would think about is what kind of cluster do i plan for right do i need to have a centralized cluster or do i need to have a decentralized cluster basically okay so what do you want mean by so you need to have an understanding about centralized and a decentralized cluster right so what is a centralized cluster centralized cluster is for example let's say a customer has a expressway deployed in a headquarter and then it has offices in emea and apac and then the devices will register over the wan to this expressway but that's not the right solution because the customer doesn't have the enough wan bandwidth right he will not be able to register those devices i mean he will not be able to get that better experience right because it doesn't have a wan bandwidth so what is uh then the feasible solution because centralized cluster is not a feasible solution the next thing is what you will do is you will have a decentralized cluster so what is a decentralized cluster so decentralized cluster is like each location will have its own expressway c you know and the devices will register uh locally on this expressways okay so 50 devices on each location will register to their respective expressways okay expressway c of course of course you can register the device on expressway e as well uh when you have the device on the public internet that's also possible nowadays okay so yeah that's the decentralized cluster that looks better so that devices can register and then a lot of calls will go through uh because 70 of the calls is happening between the devices and just five percent of the calls is b2b that's also fine that's on the internet and then 25 percent of the calls is between the cluster okay so that's also okay that's not a problem so 
the decentralized cluster is another solution to the customer next thing that we are going to discuss about is the customer firewall how is the customer firewall deployed so what kind of firewall does a customer have just the customer has a single subnet dmz that means your expressway has the same ip address in the same subnet which the firewall a and firewall b are configured you know uh that's the kind of a scenario but uh i will not go much into the details about these firewalls uh and again i have been i will be discussing this in my my training if you guys wish to understand in depth about this expressway functionality with the firewalls okay so um yeah that's what the training is made for right so you need to understand what kind of firewall does a customer have does the customer have a firewall with just one uh uh lan firewall dmz using expressway lan one interface so for example expressway just has lan one one nic a single nic deployment right and then or the customer wants to have a dual nic deployment with the different subnets so in this case what happens is that this is the public firewall that a customer has and then you have an expressway e and then expressway e has two interfaces one on the public dmz i mean to the firewall and one connecting to the internal firewall and these two subnets are in are two different subnets and this is where the routing from one subnet to the other subnet is done by the expressway and this is why the expressway is being used right for the traversal for the natting and for the uh traversal and for manipulating the ip headers right so you need to uh understand the deployment of the firewall from the customer end all right and then the next thing which is very important is is the vmware placement allowed in the dmz by the customer is the customer allowed to place the dmz in the firewall or not okay that's the another important question that you need to ask because if not then you need to consider another kind of um a server 
that's an appliance that that's available from uh cisco that's the expressway appliance 1100 and 40 1200 appliance that's available from cisco so that you could just keep that appliance uh it's it's a kind of standalone hardware which you can keep in the dmz if the customer doesn't wish to keep the vmware virtual machines in the firewall okay so once you understand the complete requirement then you will understand which server would you choose and then which version of expressway would be installed and then each location expressway server should be able to handle 50 calls and then each location should have a high availability feature i can discount this for now and then each location should be able to handle approximately 350 jabber proxy registration and in turn 350 mra calls right so 50 device registration 350 proxy registration 350 mra calls plus 50 calls from the uvcs so what kind of server would you choose right that's the question comes in so what you do next is that you go to the expressway scalability information and understand what kind of registration is possible and then what kind of calls are possible how many calls can be handled by this particular expressway and and then probably choose the servers right for example the medium ova or virtual machine can handle 2500 registrations and it can handle 100 video calls and then it can handle 200 audio only calls so i think depending on this table you could easily say okay the medium ova should be fine for the customer if the customer is okay to place the virtual machine in the dmz right and based on this we will say okay one we will we will need is one medium sized expressway c and one medium sized expressway e at each location to handle the scenarios that has been uh told by the customer okay and then how do you choose uh go ahead with the creation of the bom or something what you would do is go to this page that's the cisco expressway virtualization okay let me show you this page okay so this is the 
virtualization for cisco expressway um link and i will send this link into the chat as well and here you will see that for version 12.5 um if you want to have a medium ova then you need to have uh two virtual cpus six gigabyte of virtual ram and 132 gigs of virtual disk and two nics you know and then what kind of hardware is supported so for example if you want to buy a cisco hardware or ucs uh chassis so what is supported so we need to purchase be7000 m5 hardware okay so this is how you go ahead with selecting the the hardware all right so i hope uh you guys can now um understand how you go ahead with selecting the devices and the hardware and you get some more information how to go ahead and then based on this selection what you could design is something like this okay so this is uh still not the 100 percent correct design because i'm not considering here dns or firewall or something but you could then create the a perfect design for the customer and go back to the customer and say okay this is what you need you know with the dns server srv records ports and everything with the hardware information and everything and then the customer would be able to say okay i would need maybe some time for the preparation and then we can go ahead and start with the uh configuration and preparation okay all right so this was it for today i'm sorry for some troubles that has happened today and yeah i believe next time we will be having a good conversation and maybe a little bit more interaction you know because here it's just one way it's a monologue and it's not helping you guys i believe but it's still i hope i have provided a lot of information to you guys and do provide the answer to the giveaway question and get the access to my lab and in case you want to have rack access for practicing and getting confident with the cisco collaboration day-to-day support i have been building modular questions so that you guys can do troubleshooting also i have a troubleshooting labs as 
well for you guys so that you can practice a lot of things there and gain a lot of confidence right in case you need some more information do not forget to come back to me on my facebook page or train collab or maybe send the information in the page and then you can get some information about that and in case you have any questions about today's session and in case you would like to provide some feedback how was the session it i would be more than happy so not only positive i'm i'm ready to get some yeah non-positive feedbacks as well because that makes me understand where i am am i providing the right information to do to you guys or am i missing something of course the technical internet connection things or going live via youtube was not a feasible solution but uh yeah i hope you guys uh have good information today and you would be able to use them in your day-to-day uh cisco collaboration support uh or other things and understand a lot of other things you know and uh yeah i think uh that was it for today and take care guys and yeah keep working and keep learning and keep sharing that is that's it all right thank you bye you
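The call-processing order described in the session (pre-search transform, then call policy, then search rules), modelled as an added example; it is not code from the session or from Cisco. The rule patterns, zone names, domains other than webex.com and the "no search rule matched" outcome are constructed assumptions.

```python
import re
from dataclasses import dataclass

@dataclass
class Transform:
    pattern: str   # regex that must match the whole alias
    replace: str   # replacement template, may reference groups

@dataclass
class PolicyRule:
    pattern: str   # regex on the destination alias
    action: str    # "allow" or "reject"

@dataclass
class SearchRule:
    priority: int  # lower value is tried first
    pattern: str
    zone: str      # hypothetical zone name

# Constructed sample rules (assumptions, not a real configuration).
TRANSFORMS = [Transform(r"(\d{6})", r"\1@webex.com")]
POLICY = [PolicyRule(r".+@blocked\.example", "reject")]
SEARCH_RULES = [
    SearchRule(100, r".+@corp\.example", "TraversalZone"),
    SearchRule(50, r".+@webex\.com", "DNSZone"),
]

def route_call(alias):
    """Return (outcome, alias_after_transform, zone)."""
    # 1. Pre-search transform: the first matching transform rewrites the alias.
    for t in TRANSFORMS:
        m = re.fullmatch(t.pattern, alias)
        if m:
            alias = m.expand(t.replace)
            break
    # 2. Call policy sees the alias *after* the transform, so reject rules
    #    must be written against the transformed form, not the dialed digits.
    for p in POLICY:
        if re.fullmatch(p.pattern, alias):
            if p.action == "reject":
                return ("403 Forbidden", alias, None)
            break
    # 3. Search rules in priority order; the first match picks the zone.
    for s in sorted(SEARCH_RULES, key=lambda r: r.priority):
        if re.fullmatch(s.pattern, alias):
            return ("routed", alias, s.zone)
    return ("no search rule matched", alias, None)

if __name__ == "__main__":
    for dialed in ["123456", "alice@corp.example",
                   "bob@blocked.example", "x@other.example"]:
        print(dialed, "->", route_call(dialed))
```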
Info
Channel: TrainCollab
Views: 5,589
Keywords: Basics, Introduction, CiscoExpressway, Learn, UnfiedCommunication, Collaboration, Jabber, MobileAndRemoteAccess, B2B, BusinessToBusinessCalls, TraversalCalls, NAT, TrainCollab
Id: OYWPDtww9BQ
Length: 110min 53sec (6653 seconds)
Published: Sat Jul 25 2020