Cisco Video Solution Lab Guide.pdf | Session Initiation Protocol | Domain Name System

Cisco Video Solution Lab

Lab Gu|de Vers|on 2.0










Brought to you by the US Channels Tech Operations

Zeecil M. Kimmel
zekimmel@cisco.com

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 2 of S2



1able of ConLenLs
Video Lab General Information: .................................................................................................................... 3
ulsclalmer .................................................................................................................................................................. 4
Task 1: Accessing The Lab Equipment ....................................................................................................... 4
Task 2: Configuring VCS-C (Video Communication Server - Control) ........................................... 6
Task 3: Configuring VCS-E (Video Communication Server - Expressway) ................................ 20
Task 4: Configuring Business to Business Calling ................................................................................ 26
Task 5: Cisco Telepresence Multipoint Control Unit (MCU) 5310 ................................................... 30
Task 6: TMS ........................................................................................................................................................ 33
Task 7: Internetworking between CUCM and VCS-C .......................................................................... 44
Appendix: ............................................................................................................................................................ 31


Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 3 of S2

Video Lab General Information:
Prerequisite Knowledge
This lab is designed to help partners understand Cisco’s video strategy. There is a central instructor
pod that contains a DNS and LDAP server as well as a MCU 5320, VCS-C and VCSE. Each student
will receive a pod that contains a SX-20, a MCU 5310 and VM images of a Windows 7 workstation
with Cisco Jabber Video for Telepresence (Movi) and Jabber CUCM clients as well as VCS-C, VCS-E,
TMS, CUCM, and an IMP server. Two pods also have a 9951.
Students should have installed the Cisco AnyConnect client on their laptops as well as the Cisco
Jabber Video for Telepresence (Movi) Client.




Instructor Pod – Centralvideo.lab
AD Server (also the NTP server) – ad.centralvideo.lab – 10.10.200.7
DNS server – dns.centralvideo.lab 10.10.200.30
NTP Server – 10.10.200.7

Student Pod – PodX – where X=pod number assigned by instructor 2-9
CUCM – cucm.podx.lab 10.10.x.2 appadmin/Cisc0123
Cisco IM & Presence – imp.podx.lab administrator/Cisc0123
Vcsc – vcsc.podx.lab 10.10.x.5 admin/TANDBERG
Vcse – vcse.podx.lab 10.10.x.6 admin/TANDBERG
Tms – tms.podx.lab 10.10.x.7 DHCP server resides on this device. administrator/Cisc0123
Mcu – mcu.podx.lab 10.10.x.9 admin/no password
Sx20 – sx20@pod1.lab 10.10.x.41 admin/no password
VideoCentral.lab
10.10.200.x
pod1.lab
Remote Student
AD/TMS/NTP
10.10.200.7
workstation
10.10.200.101
cucm
IP .2
imp
IP .3
vcsc
IP .5
vcse
IP .6
tms (DHCP)
IP .7
workstation
IP .101
10.10.1.X
!"#$%"$#
Student
Computer
SRE Video Lab ASA
DNS
10.10.200.30
Student Computer
* AnyConnect
* Telepresence for Jabber (Movi)
* Browser (optional)
mcu
IP .9
pod2.lab
cucm
IP .2
imp
IP .3
vcsc
IP .5
vcse
IP .6
tms (DHCP)
IP .7
workstation
IP .101
10.10.2.X
mcu
IP .9
pod9.lab
cucm
IP .2
imp
IP .3
vcsc
IP .5
vcse
IP .6
tms (DHCP)
IP .7
workstation
IP .101
10.10.9.X
mcu
IP .9
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 4 of S2

Student workstation - 10.10.x.101 admin/Cisc0123
!"#$%&"'()

This exercise is intended to demonstrate one way to configure a video solution, to meet
the specific requirements for podx.lab. There are various ways that this can be
accomplished, depending on the situation and the customer’s goals/requirements.
Please ensure that you consult all official Cisco documentation before proceeding with a
design or installation. This lab is primarily intended to be a learning tool and may not
necessarily follow best practice recommendations at all times in order to convey specific
information.
In addition, lab tasks are ordered in a logical, but not necessarily recommended, order.
Please use the latest installation and configuration guides on CCO and follow best
practices to properly configure all the hardware and software used in this lab.


This is an involved lab with many servers and devices interacting with each other.
It is strongly suggested you carve out a dedicated, undisturbed three to four hour
window when attempting this lab.
Task 1: Accessing The Lab Equipment

Complete this lab exercise to get connectivity to the lab.
For the best class experience, do both of these exercises one at a time connecting to the lab both
through an AnyConnect VPN (for Movi and local browser use) and using a web browser to access
VNC to the student workstation for your pod.











Cisco AnyConnect Pre-Installed Install and Connect with Cisco
AnyConnect SSL VPN Client

The ASA might require an upgrade of
the AnyConnect client on the student
computer if an older version is in use.


In th|s sect|on students w||| use the AnyConnect c||ent
|nsta||ed on the|r computer to connect to the |ab. Cnce
students are connected |n w|th th|s c||ent they can kDÞ
and use the|r |oca| browser to access a|| |nterna| |ab
addresses. NC1L: DNS does not work for access|ng |ab
equ|pment us|ng th|s method. Use the IÞ address of the
dev|ces.
Students w||| access the ASA through a browser to
access a VNC connect|on to the |ab workstat|on. 1h|s
|s needed to use the Mov| c||ent on the |nterna|
workstat|on. kDÞ w||| not work w|th Mov|. Note: |f
you use the |nterna| workstat|on browser to conf|gure
the |ab pods (as I d|d for th|s |ab gu|de) you can use
DNS and the server names.
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage S of S2

Step 1 Open Cisco AnyConnect VPN client

Step 2 Enter https:]]sre-co||ab02.c|sco.com]v|deo into
the Cisco AnyConnect client
(128.107.94.34/video)

Step 3 Click Connect



Step 4 Enter the lab User Name & Password
(username = sre-video) the password will
be assigned by the instructor at the start of
the lab



Step 5 Click OK, to login

Step 6 Click Accept, on the connection banner










Step 7 Continue to side B









Step 8 Open a web browser and connect to
https:]]sre-co||ab02.c|sco.com]v|deo-bookmark
(128.107.94.34/video-bookmark)
Step 9 Click Continue or Proceed
Anyway, on security certificate error on the
browser

Step 10 At the SSL VPN Portal, enter the
username (sre-video-bookmark) and
password assigned by the instructor at the
start of the lab.

Step 11 Click Login


Step 12 Click Continue, on the welcome
banner

Step 13 Click on the workstationX, link in
the right hand side window. (where x is
your pod number)




Step 14 You should be automatically
connected with workstation for your pod.
Login to the workstation with the password
Cisc0123

Step 15 Continue to Task 2

Step 16 Step 17
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 6 of S2


Note: Students who do not have the AnyConnect client installed can connect to the ASA
through a web browser (similar to the steps on the right) and install the client. Use the
URL https:]]128.107.94.34]v|deo username sre-video
Task 2: Configuring VCS-C (Video Communication
Server - Control)


In this section you will be configuring a VCS-C with the required provisioning to
make video calls between video end points. The VCS-C .ova has been created, the
.iso has been installed with the OS and the system has an IP address and is
licensed. All the rest of the configuration is default.

Step 18 Connect to the VCS-C https://vcsc.podx.lab (where X is your pod number 2-
9) through a browser (either directly from your desktop and use 10.10.x.5 or from the
student workstation and there you can use the servername). (Ignore any security warnings
and proceed to the website.)



Step 19 Click on Administrator Login. Username and password are the default: admin,
TANDBERG

NOTE: Use the Shift key to capitalize the word TANDBERG. The Caps lock does not work.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 7 of S2



Step 20 Set the system name. Go to System ! System and enter system name
vcsc.podx.lab where x is your pod number (2-9). Scroll to the bottom of the screen and
click save.



Step 21 Set the DNS information System ! DNS.
Local host: vcsc
Domain name: podx.lab (where x is your pod number)
Address 1: 10.10.200.30
Scroll to the bottom of the screen and Click save.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 8 of S2



Step 22 Set the System Time for NTP. System ! Time
NTP server 1 ! Address: 10.10.200.7
Time Zone: US/Eastern. Scroll to the bottom of the screen and Click Save. Scroll to the
bottom of the screen to see a State of Synchronized.

NOTE: It may take some time to see the timeserver synchronize. You can wait or just
move on.



Step 23 Configure the SIP Domain. Go to VCS Configuration ! Protocols ! SIP !
Domains ! New. Name: podx.lab (Where x is your pod number) click Create Domain

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 9 of S2



Authentication for this network will be a common LDAP server. By using LDAP we
avoid configuring users for every server. One LDAP server has been created in the
instructor pod. Every student will access this LDAP server (Microsoft AD server in
this case) and for the purpose of the lab will have common users.

Step 24 Configure the VCSC for LDAP Authentication Maintenance ! Login accounts !
LDAP configuration

Server Address: ad.centralvideo.lab
VCS Bind DN: cn=administrator, cn=users,dc=centralvideo,dc=lab
VCS Bind Password: Cisc0123
SASL: None
Base DN for accounts: cn=users,dc=centralvideo,dc=lab
Scroll down and Click Save. A State of Available will appear if the LDAP was configured correctly.



Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 10 of S2


We have now configured a very basic VCSC that allows automatic registration of
some devices. To test our configuration we are going to configure the SX20 to
register to the VCSC. The SX20 has received an IP address from the DHCP server in
each pod residing on the same Windows 2008 server as the TMS. The SX might
have an address of .40 or .41 depending on if there is an IP phone in the pod that
received an IP address from the DHCP server as well.


Step 25 Use a browser to connect to the SX20 at its IP address. The address will be either
10.10.x.40 OR 10.10.x.41 (where x is your pod number). Login as admin no password. The
information on the screen shows that the SX20 is not registered or configured.

NOTE: If there is information configured in the SX20 from a different partner
please take a moment to reset to factory default. (Step 114) Go to 10.10.x.40 or
41. Click on Maintenance ! Factory Reset. Check I want to reset to factory and
click Perform a factory reset. Reset takes about one minute.

Step 26 Configure DNS: Go to Configuration ! Advanced Configuration! Network 1

DNS Domain Name: podx.lab (where x is your pod number) click ok
DNS Server 1 Address: 10.10.200.30 click ok



Step 27 Configure the SIP Profile 1: Go to (Configuration ! Advanced
Configuration!) SIP Profile 1.

Display Name: SX20 click ok
URI 1: sx20@podx.lab (Where x is the pod number) click ok
LoginName: Ldapuser click ok
Password: Cisc0123 click ok
Proxy 1 Address: vcsc.podx.lab (Where x is the pod number) click ok


Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 11 of S2


Step 28 Verify registration on the SX20. Go to Diagnostics ! System Information. You
will see the SX20 is showing registered with the correct IP address of the VCSC



Step 29 Verify registration on the VCSC. Go back to the vcsc – from any browser go to
vcsc.podx.lab. (or 10.10.x.5 from your personal workstation browser {where x is your pod
number}) Go to Status ! Registrations ! By Device. The sx20 shows up registered.
You can click on the registered SX20 to view more information.
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 12 of S2





Now we are going to register the Movi client. This client requires an account (some
may use LDAP but that requires an H350 schema extension) so we are going to
create an account and also make changes to the authentication for the defaultZone
to authenticate the Movi client.
Each pod needs a minimum of 2 devices registered to the VCSC. The SX20 will be
one that students can use (the more the merrier) The second device can be any
combination of the Movi client on the student workstation in the pod using VNC
and/or a Movi client on the student’s own workstation using the AnyConnect client.


Step 30 Create an account for the Movi client(s). Go to Applications ! FindMe !
Configuration and set FindMe mode to On. Click Save.



Step 31 Configure the Cluster Name. Go to VCS Configuration ! Clustering and click
New. Set the Cluster name: vcsc.podx.lab. (0r 10.10.x.5 - where x is your pod number)
Click Save. Click OK for the cluster warning.



Step 32 Go to Maintenance ! Login accounts ! User accounts and create a new
account.
Username: moviuser
Display name: moviuser@podx.lab (where x is your pod number)
FindMe ID: moviuser
Principal device address: moviuser@podx.lab (where x is your pod number)
Initial Password: Cisc0123
Confirm password: Cisc0123
Click Save to save the configuration

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 13 of S2


Step 33 Repeat step 32 to create other users named moviuser1 and moviuser2. Use 1 or 2
for all the fields to reflect the user you are creating.

Step 34 Go to VCS Configuration ! Authentication ! Devices ! Local database and
click New

Step 35 Create three new users. moviuser, moviuser1 and moviuser2. Give them the
password of Cisc0123. Click Create credentials to save the user information



The Movi client requires authentication of the username so we are going to have
the check credentials enabled on the default zone.

Step 36 Specifying Authentication for the Movi client registration. Go to VCS
configuration ! Zones ! Zones and open the DefaultZone.



Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 14 of S2



Step 37 Click on the DefaultZone and change Authentication Policy to Check
Credentials. Save. If this does not work us Treat as Authenticated.



The Movi client on the student vm workstation in the lab has no camera capabilities
but both the SX20 and the local Movi client on the student’s pc can share video.

Step 38 Go to the Movi client and click on the Settings button (right above the Sign in it
looks like a wrench). Click Sign in Settings.


Step 39 Set the Internal Server to vcsc.podx.lab (Where x is your pod number). If you are
using Movi on your local workstation connected through AnyConnect make sure you use the
server address 10.10.x.5

Step 40 Set the SIP Domain to podx.lab (where x is your pod number) click ok.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 1S of S2

Step 41 Sign in to the movi client on the student workstation as well as your local computer.
(Username moviuser, moviuser1 and moviuser2. Password Cisc0123) Calls can be made
between the SX20 and the movi client(s). When calling from the SX20 change the protocol
to SIP rather than the default H.323. You can see the call present on the SX20 by going to
the browser 10.10.x.40 or 10.10.x.41. Go to Call Control and scroll to the bottom of the
page. You will see the call presented there and you can answer. OPTIONAL: You can also
move the Camera around with the Camera Control button.



Step 42 OPTIONAL: You can set the SX20 to Auto Answer. Go to Configuration !
Advanced Configuration ! Conference 1 ! Auto Answer
Set Mode to On

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 16 of S2




Now we are going to implement some best practices as described in the Config
guide to ensure proper routing of calls originating from H323 and SIP endpoints to
both destination types.
First we are going to configure a Transform Rule that appends the domain name to
the called address – in our lab adding podx.lab to any inbound call to standardize
for both SIP and H.323.

Step 43 Configure a Transform Rule. Go to VCS Configuration ! Dial plan !
Transforms Click New

Priority: 1
Description: Add domain information to incoming calls
Pattern type: Regex
Pattern string: ([^@]*)
Pattern behavior: Replace
Replace string: \1@podx.lab (where x is your pod number)
State: Enabled
Click Create Transform

Translation: When the VCS-C encounters a string of numbers it will search for a @ sign. Any
numbers that have an @ sign do not have to be normalized and will be ignored. Any string that
does not have an @ sign it will append the podx.lab to that string.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 17 of S2



Next we are going to configure search rules. These two search rules will replace
the default search rule and will be used to find destination endpoints H.323 and
SIP that may or may not have the domain portion of the URI identified.


Step 44 Delete the default search rule. Go to VCS configuration ! Dial plan ! Search
rules check the box next to the LocalZoneMatch rule and hit Delete. Click Yes to confirm
deletion of the search rule.




This search rule will search for devices that have no domains and will strip the
domain information from incoming calls to match devices that have no domain. The
priority of this rule is 48 – the highest priority is 1.


Step 45 Create a new search rule. Go to VCS configuration ! Dial plan ! Search
rules click New.

Rule Name: Local Zone – No Domain
Description: Search for devices that have no domain (strip the domain)
Priority: 48
Protocol: Any
Source: Any
Request must be authenticated: No
Mode: Alias pattern match
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 18 of S2

Pattern Type: Regex
Pattern String: (.+)@podx.lab (where x is your pod number)
Pattern behavior: Replace
Replace String: \1
On successful match: Continue
Target: Local Zone
State: Enabled
Click Create search rule




This search rule will search for devices that have domains and will leave the
domain information obtained Search from incoming calls. The priority of this rule is
50 – the lowest priority is 1.


Step 46 Create a new search rule. Go to VCS configuration ! Dial plan ! Search
rules click New.

Rule Name: Local Zone – Full URI
Description: Search for devices that have a domain (leave the domain)
Priority: 50
Protocol: Any
Source: Any
Request must be authenticated: No
Mode: Alias pattern match
Pattern Type: Regex
Pattern String: (.+)@podx.lab (where x is your pod number)
Pattern behavior: Leave
On successful match: Continue
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 19 of S2

Target: Local Zone
State: Enabled
Click Create search rule



The VCS-C clients can take advantage of presence capabilities within the VCS-C.
Now we are going to enable presence for the VCS-C.

Step 47 Enable Presence for the VCS-C clients. Go to Applications ! Presence !
SIP SIMPLE Presence Server to On
SIP SIMPLE Presence User Agent to On
Click Save

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 20 of S2


Task 3: Configuring VCS-E (Video Communication
Server - Expressway)


In this section you will be configuring a VCS-E with the required provisioning to
make video calls between video end points and the VCS-C. The VCS-E .ova has been
created, the .iso has been installed with the OS and the system has an IP address
and is licensed. All the rest of the configuration is default.
The first part of configuring the VCS-E will follow the VCSC configuration since the
VCS-E also allows end-point registration and video call control.
Connect to VCS-E https://vcse.podx.lab (where X is your pod number 2-9) through a
browser (either directly from your desktop 10.10.x. 6 or from the student workstation). Click on
Administrator Login. Username and password are the default: admin, TANDBERG.

NOTE: Use the Shift key to capitalize the word TANDBERG. The Caps lock does not work.

Step 48 Configure basic VCS-E configuration. Below I have repeated steps 20-23 in the
guide for you to perform on the VCS-E as you did on the VCS-C.

Set the system name. Go to System ! System and enter system name vcse.podx.lab where x is
your pod number (2-9). Scroll to the bottom of the screen and click save.

Set the DNS information System ! DNS.
Local host: vcse
Domain name: podx.lab (where x is your pod number)
Address 1: 10.10.200.30
Scroll to the bottom of the screen and Click save.

Set the System Time for NTP. System ! Time
NTP server 1 ! Address: 10.10.200.7
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 21 of S2

Time Zone: US/Eastern. Scroll to the bottom of the screen and Click Save. Scroll to the
bottom of the screen to see a State of Synchronized.

NOTE: It may take some time to see the timeserver synchronize. You can wait or just
move on.

Configure the SIP Domain. Go to VCS Configuration ! Protocols ! SIP ! Domains ! New.
Name: podx.lab (Where x is your pod number) click Create Domain

Step 49 Register the SX20 to the VCS-E. (Step 27) Configure the SIP Profile 1: Go to
(Configuration ! Advanced Configuration!) SIP Profile 1.

Display Name: SX20 click ok
URI 1: sx20@podx.lab (Where x is the pod number) click ok
LoginName: Ldapuser click ok
Password: Cisc0123 click ok
Proxy 1 Address: vcse.podx.lab (Where x is the pod number) click ok


Since the SX20 is registered to the VCS-E and the Movi devices are registered to
the VCS-C we cannot call between the devices. (You can verify this if you like or
take my word for it.)

OPTIONAL – To test call control between clients registered on the VCS-E you can register
one of the Movi clients to the VCSE-E.

Step 50 Register the Movi client to the VCS-E. Repeat steps 30-37 on the VCS-E to
create the user on the VCS-E.

NOTE: We do not normally create users on the VCS-E – that should be just a pass-
through registration from the user to the VCS-C. This is a lab only configuration for
testing this piece.


To allow traffic to flow between the VCS-C and VCS-E we need to configure
Traversal rules. The VCS-E will act as the Traversal Server and the VCS-C as the
Traversal Client.
First some housekeeping. We need to configure the default links for both the VCS-
C and the VCS-E.

Step 51 Connect to the VCS-C via SSH. Open any SSH client on your local pc and connect
to 10.10.X.5. Use admin/TANDBERG for authentication.

Notice the error messages regarding missing links (and passwords which in a regular
environment we would have changed.)

Step 52 Enter xcommand defaultlinksadd.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 22 of S2



Step 53 Repeat the process for the VCS-E using the IP address of 10.10.x.6.


Since we are registering devices to the VCS-E and making calls we need to
configure the exact Transform and Search rules that are on the VCSC on the VCSE.

Step 54 Create the Transform and Search rules on the VCS-E. Below I have repeated
the steps 43-47 that we did on the VCS-C to do the same on the VCS-E.

Configure a Transform Rule. Go to VCS Configuration ! Dial plan ! Transforms
Click New

Priority: 1
Description: Add domain information to incoming calls
Pattern type: Regex
Pattern string: ([^@]*)
Pattern behavior: Replace
Replace string: \1@podx.lab (where x is your pod number)
State: Enabled
Click Create Transform

Delete the default search rule. Go to VCS configuration ! Dial plan ! Search rules
check the box next to the LocalZoneMatch rule and hit Delete. Click Yes to confirm deletion
of the search rule.

Create a new search rule. Go to VCS configuration ! Dial plan ! Search rules click
New.

Rule Name: Local Zone – No Domain
Description: Search for devices that have no domain (strip the domain)
Priority: 48
Protocol: Any
Source: Any
Request must be authenticated: No
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 23 of S2

Mode: Alias pattern match
Pattern Type: Regex
Pattern String: (.+)@podx.lab (where x is your pod number)
Pattern behavior: Replace
Replace String: \1
On successful match: Continue
Target: Local Zone
State: Enabled
Click Create search rule

Create a new search rule. Go to VCS configuration ! Dial plan ! Search rules click
New.

Rule Name: Local Zone – Full URI
Description: Search for devices that have a domain (leave the domain)
Priority: 50
Protocol: Any
Source: Any
Request must be authenticated: No
Mode: Alias pattern match
Pattern Type: Regex
Pattern String: (.+)@podx.lab (where x is your pod number)
Pattern behavior: Leave
On successful match: Continue
Target: Local Zone
State: Enabled
Click Create search rule

Enable Presence for the VCS-C clients. Go to Applications ! Presence !
SIP SIMPLE Presence Server to On
SIP SIMPLE Presence User Agent to On
Click Save


We are now ready to create the traversal relationship between the VCS-C and VCS-
E. The VCS-E will be the Traversal Server while the VCS-C will act as the Traversal
Client. The Traversal relationship requires a common user between the VCS-C and
VCS-E so first we are going to add a user to the VCS-C and the VCS-E.

Step 55 Configure the VCS-E and VCS-C with a new Traversal user. On both the servers
go to VCS configuration ! Authentication ! Devices ! Local Database and Click
New.

Username: traversaladmin
Password: Cisc0123

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 24 of S2



Step 56 Configure the VCS-E with a Traversal Zone. Go to VCS configuration ! Zones
! Zones and Click New.

Name: Traversal Zone -Server
Type: Traversal Server
Hop Count: Leave default
Username: traversaladmin
H.323 Mode: On
Protocol: Assent
Port: 6001
H.460.19: Off
SIP Mode: On
Port: 7001
Leave everything else default and click Create Zone




Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 2S of S2


Step 57 Configure the VCS-C with a Traversal Zone. Go to VCS configuration ! Zones
! Zones and Click New.

Name: Traversal Zone -Client
Type: Traversal client
Hop Count: Leave default
Username: traversaladmin
Password: Cisc0123
H.323 Mode: On
Protocol: Assent
Port: 6001
SIP Mode: On
Port: 7001
Peer 1 address: (address of the VCSE) 10.10.x.6 (where x is your pod number)
Leave everything else default and click Create Zone





Once a relationship has been set up between the VCS-C and the VCS-E we are going
to create a search rule on to pass traffic that is not destined for the local server to
the other server.

Step 58 Create a new search rule on the VCSE. Go to VCS configuration ! Dial plan !
Search rules click New.

Rule Name: Traversal Zone Search Rule
Description: Send traffic to VCSC
Priority: 100
Protocol: Any
Source: Any
Request must be authenticated: No
Mode: Any alias
On successful match: Continue
Target: Traversal Zone - Server
State: Enabled
Click Create search rule

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 26 of S2



Step 59 Create a new search rule on the VCSC. Go to VCS configuration ! Dial plan !
Search rules click New.

Rule Name: Traversal Zone Search Rule
Description: Send traffic to VCSE
Priority: 100
Protocol: Any
Source: Any
Request must be authenticated: No
Mode: Any alias
On successful match: Continue
Target: Traversal Zone - Client
State: Enabled
Click Create search rule

Step 60 Test connectivity between the VCS-C and VCS-E by dialing clients registered to other
servers.
Task 4: Configuring Business to Business Calling


In order to route calls to other businesses (or in our case other pods) we will direct
the VCSE to send all traffic that does not match our local domain to a DNS zone.
First we have to create the DNS Zone.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 27 of S2

Step 61 Configure the VCS-E with a DNS Zone. Go to VCS configuration ! Zones !
Zones and Click New.

Name: DNS Zone
Type: DNS
Leave the rest default and click Create Zone






Next we will direct the VCSE to send all traffic that does not match our local
domain to the DNS zone with a search rule.

Step 62 Create a new search rule on the VCSE. Go to VCS configuration ! Dial plan !
Search rules click New.

Rule Name: DNS Search Rule
Description: Search DNS Zone for External dialing
Priority: 150
Protocol: Any
Source: AllZones
Request must be authenticated: No
Mode: Alias pattern match
Pattern type: Regex
Pattern string: ((?!.*@%localdomains%$).*)
Pattern behavior: Leave
On successful match: Continue
Target: DNS Zone
State: Enabled
(.*) = match all pattern strings, (?!.*@%localdomains%$) = do not match pattern in the
local domain
Click Create Search Rule
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 28 of S2




Step 63 Find another pod that is configured and test calls between the pods. (The instructor
pod is also configured so that is another option) If the test call does not work it’s a
configuration error and good luck finding it!! (regex expressions with one missing
parenthesis is hard to chase down.)



Now we are going to implement some best practices as described in the Config
guide. We don’t need this in the lab but in a real environment where we may have
call to unknown IP addresses –ones not defined in any of our Zones or subzones.
In that case we need to tell the VCS-C and VCS-E how to route those calls. The
VCS-C will direct the calls to the VCS-E. The VCS-E will route those calls to the
device directly.
Let’s start with the VCS-E since we need only configure the Dial plan to send calls
from unknown addresses directly to the device.

Step 64 Edit the Dial plan configuration for the VCS-E. Go to VCS Configuration !
Dial plan ! Configuration. Calls to unknown IP addresses: Direct. Click Save.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 29 of S2




Now set the VCS-C the dial plan to indirect and create a Search for unknown IP
addresses to go to the Traversal Zone (ie: The VCS-E.)
(Indirect is actually the default for the Dial Plan ! Configuration so you won’t
have to actually make any changes.)

Step 65 Edit the Dial plan configuration for the VCS-C. Go to VCS Configuration !
Dial plan ! Configuration. Calls to unknown IP address: Indirect. Click Save.


Step 66 Create a new search rule on the VCSC. Go to VCS configuration ! Dial plan !
Search rules click New.

Rule Name: External IP address Search Rule
Description: Route unknown IP addresses to VCS-E
Priority: 100
Protocol: Any
Source: Any
Request must be authenticated: No
Mode: Any IP address
On successful match: Continue
Target: Traversal Zone - Client
State: Enabled
Click Create search rule.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 30 of S2


Task 5: Cisco Telepresence Multipoint Control Unit
(MCU) 5310


The MCU is a hardware resource used for conference calls. The MCU can register to
the VCS-C or Communication Manager for use by endpoints. In this class since the
focus is on a video solution we are going to configure the MCU with all the basic
configurations and have it register to the VCS-C using a user from the LDAP
directory.

NOTE: IP addresses and default gateways have been pre-assigned to the MCU via a
console cable (and in this lab through a terminal server)
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 31 of S2

Step 67 Connect to the MCU 5310 for your pod @ 10.10.x.9 (from a browser on your local
workstation) or mcu.podx.lab. (where x is your pod number.)

Step 68 Click on Log in. Default username: admin/no password

Step 69 Configure the MCU with the proper time. Go to Status ! General. Under
System time click New time.



Step 70 Go to NTP. Click the check box to Enable NTP. Enter the NTP Host: 10.10.200.7
choose 5 for UTC offset and click Update NTP settings.



Step 71 Set DNS on the MCU. Go to Network ! DNS.
DNS configuration: Manual
Hostname: mcu
Name Server: 10.10.200.30
Domain Name: podx.lab (where x is your pod number)
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 32 of S2

Click Update DNS configuration




The MCUadmin user is one that was created on the LDAP server (which is
synchronized with the VCS-C!).

Step 72 Go to Settings ! SIP
SIP registar usage: Enabled
SIP registrar domain: podx.lab (where x is your pod number)
Username: MCUadmin
Password: Cisc0123
Allow numeric ID registration for conferences: check
SIP proxy address: 10.10.x.5 (where x is your pod number)
Outgoing transport: TCP
Click Apply Changes
The device should show Registered.



Step 73 Register the MCU to the VCS-C using H.323. Click on Settings !H.323
H.323 gatekeeper usage: Enabled
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 33 of S2

H.323 gatekeeper address: 10.10.x.5 (where x is your pod number)
Gatekeeper registration type: MCU (standard)
H.323 ID to register: MCUadmin
Use Password: Leave unchecked
The MCU should register to the VCS-C with H.323. See details at the bottom of the screen.


Because we are registering the MCU to a VCS we use the MCU standard option here.




Step 74 Create a conference on the MCU. Go to Conferences ! Add new Conference.

Name: Conference One
Numeric ID: 12345
Numeric ID registration: Check both H.323 gatekeeper and SIP registrar


With numeric ID registration you can dial your conference as 12345 from SIP and
H.323 devices.

You can check out and play with some of the other fields – adding a pin to the conference and
disconnecting participants or not when only guests remain. When you are done exploring click Add
conference.
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 34 of S2




Step 75 Call the conference from your endpoints. Dial 12345 and if you put a pin on the
conference you will also be prompted for a pin.

Step 76 OPTIONAL: Once the conference is active you can go into the active
conference and look at conference information. You can also choose to add a
participant and have the MCU dial out to one of your devices.



Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 3S of S2

Step 77 You can also add Endpoints (SIP and H.323) if you want to later add the same
devices to conferences.


Even though we successfully created a conference and were able to join with
multiple devices the method was not very elegant. The TMS introduces more
options to scheduling.

Task 6: TMS
NOTE: Please use Firefox for TMS configuration


The TMS is used for management, provisioning and phone books for the clients
registered to VCS-C. It can also discover clients registered to CUCM but cannot
manage them to the full extent.


For TMS to work with VCS-C we need to configure the VCS-C to be discovered by
TMS. (You can also configure the VCS-E if you would like)

Step 78 Configure SNMP on VCS-C. Browse to the VCS-C. Go to System ! SNMP. Set the
SNMP Mode to v3 plus TMS support, leave the rest default and click Save.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 36 of S2



Step 79 Configure the External Manager VCS-C. Go to System ! External Manager.
Address: tms.podx.lab (where x is your pod number)
Path: Leave default
Protocol: HTTP
Click Save. State should show as Active.


For CUCM to work with TMS we need to configure the CUCM with the appropriate
SNMP information. This allows the CUCM to be discovered by the TMS.

Step 80 Go to the CUCM Unified Serviceability Page. Open a browser to 10.10.x.2 (where
x is your pod number) click on Cisco Unified Communications Manager and in the
Navigation bar on the top right of the page choose: Cisco Unified Serviceability and click
Go.



Step 81 Login as appadmin/Cisc0123. Go to Snmp ! V1/V2 ! Community String. Click
on Find. No active query will be found so click on Add New.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 37 of S2



Step 82 Add a Community String Name: Public
Access Privileges: ReadOnly
Click Save and OK




For TMS to work with the MCU we need to configure the MCU with the appropriate
SNMP information. This will allow the MCU to be discovered by the TMS.

Step 83 Go to the MCU. Open a browser to 10.10.x.9 (where x is your pod number) click on
Network ! Services and scroll down to the bottom of the page. Check the box above
SNMP and click Apply changes.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 38 of S2





Now we are going to do basic configuration for the TMS similar to what we did for
the other products (DNS, Time etc.)

Step 84 Configure the TMS. Go to tms.podx.lab/tms (where x is your pod number.) Or
user the IP address 10.10.x.7/tms. Username/password is administrator/Cisc0123. A popup
comes up requesting some basic information for the administrator account. Fill out some of
the fields and click Update your personal information. (if you don’t do this it will keep
popping up.)

NOTE: if you do not put the /tms in the URL you will reach the IIS landing page.

Step 85 Go to Administrative Tools ! Configuration ! Network Settings and scroll
down to Active Directory.
GC server: ad.centralvideo.lab
AD Lookup Account - Username: administrator
AD Lookup Account – Domain: podx.lab
AD Lookup Account – Password: Cisc0123
Click Save and Test Connection. You should see a successfully connected message.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 39 of S2





Now we are going to do import three systems (CUCM, VCS, and MCU) to be
managed through TMS! First we need to enable CUCM for SNMP.


Step 86 Back to the TMS. Go to Systems ! Navigator Click on Discovered Settings and
click to Add Systems.




We are using a range here and that will find all our 3 systems. If we had enabled
SNMP on the VCSE we could add that system here as well.

Step 87 Enter the IP range of 10.10.x.2-10.10.x.9 (where x is your pod number) Click
Next.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 40 of S2




Step 88 Click on Add System Despite Warnings.



Step 89 Check the box next to the VCSC and MCU and click on Add Systems Despite
Warnings.


Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 41 of S2


Step 90 Click on Finish Adding Systems. Now you will see your three systems available for
management.



Step 91 A total of three systems will be found. CUCM, VCSC and MCU. Click on Edit Systems
for the CUCM.



Step 92 Correct Username: appadmin
Correct Password: Cisc0123
Save




The level of management available for the three servers we added are very
different. We are going to go a bit further with VCSC and the MCU here.

Step 93 Click on the VCSC. The Summary tab shows all the system warnings and the
Registrations tab shows registered devices.



Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 42 of S2


Step 94 Click on the MCU. Look at the Summary and Settings tabs.





Now let us create a conference using TMS. This is an easier method to conference
creation – we can add the MCU as a resource and also endpoints, which can either
dial into the conference or the conference can dial out to the endpoints.

Step 95 Go to Booking ! New Conference and Add Participants. Click on the MCU tab
and add the MCU to the conference.




Step 96 Click on the External tab – For Direction leave Dial In. Make sure to change the
Protocol to SIP. Choose a Qty of 3.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 43 of S2



Step 97 Continuing on the External tab – For Direction this is going to be Dial Out. Make
sure to change the Protocol to SIP. For the Number give the URI for the Movi client. Hit OK
this will take you back to the main conference screen.



Step 98 Change the conference start time to be past the current time. Notice all the options
that can be changed in the conference like email notification about the conference. Hit Save
Conference.



Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 44 of S2

Step 99 A screen will come up with the conference information. You can use the URI and dial
into the conference. Additionally if you set up the conference properly after a bit the movi
client should get a call from the conference.




Step 100 Finally go to List Conferences and see the newly created conference in more detail.
Click on the pull down menu and see you have the option to edit/copy the conference and
even to use the conference as a Template for future conferences.


Note: TMS has many more features and capabilities. Feel free to finish the rest of the lab
and come back to further explore TMS. Three commonly used capabilities are Phone
books, Provisioning and Exchange Outlook calendar integration. (The last two require
extensions to be installed and licensed.) Those other capabilities will hopefully be
featured in a future class.
Task 7: Internetworking between CUCM and VCS-C



Now we are going to configure the VCS-C and CUCM to be able to pass calls
Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 4S of S2

between them for organizational wide video dialing. This lab will require creation
of a SIP trunk between CUCM and the VCS-C as well as configuring dialing rules.


For this lab both the CUCM and the IM&P servers have been preconfigured for the
Jabber client and we will use that as our CUCM client to demonstrate successful
integration. For more information about configuring CUCM and IM&P for Jabber
take the Ultimate Jabber 9.X lab.


For Internetworking between CUCM and VCS-C we are going to create a dial plan
with extensions 1000-1999 belonging to the CUCM and 2100-2199 belonging to the
VCS environment. The Jabber clients have extensions of 1001 and 1002 we are
going to move the SX20 back to the VCS-C give it an extension of 2101 and also
create an MCU conference of 2121 and attempt to reach all end devices from all
other end devices no matter which service they are registered to.

Step 101 Open the Jabber CUCM for Windows client on the student workstation. Login
as jabberuser2/Cisc0123.


In addition to all the standard CUCM configuration for Jabber the CUCM has been
configured with a Cluster FQDN of podx.lab (where x is the pod number) AND the
Jabber client (CSF device) has been assigned a URI of 100y@podx.lab (where y is 1
or 2 for the jabberuser number and x is the assigned pod number)

Step 102 Give the SX20 a URI of 2101 and register it to the VCSC. Open a browser to
the SX20 (10.10.1.40 or 41) login as admin no password. Go to Configuration !
Advanced Configuration ! SIP Profile 1
URI 1: 2101@podx.lab (where x is your pod number) click ok
Proxy 1 Address: vcsc.podX.lab (where x is your pod number) click ok


Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 46 of S2



Step 103 Attempt a call between the SX20 or Movi client and the Jabber for Windows
client. Originate the call from the SX20 or Movi since Jabber does not have URI dialing
capabilities. Call 1001@podx.lab or 1002@podx.lab (where X is your pod number). This call
will fail.


Create the SIP trunk on the CUCM device to point to the VCSC.

Step 104 Create a SIP trunk on the CUCM. Open a browser to cucm.podx.lab or
10.10.x.2 where x is your pod number. Login as appadmin/Cisc0123 and Go to Devices
! Trunk and click Add New.
Trunk Type: SIP Trunk
Leave the rest default and click Next



Step 105 Device Name: SIP_Trunk_To_VCS-C
Device Pool: Default
Call Classification: On net
Destination Address: 10.10.x.5 (where x is your pod number)
Destination Port: 5060
SIP Trunk Security Profile: Non Secure SIP Trunk Profile
SIP Profile: Standard SIP Profile for Cisco VCS
Click Save and OK and Reset and OK.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 47 of S2



Here we create a route pattern on the CUCM to point all calls beginning with 21
that have four digits to the SIP trunk that terminates at the VCSC. XX should be
capitalized to signify any digit from 1-9 (two of them).
Step 106 Create a Route Pattern on the CUCM. Go to Call Routing ! Route Hunt !
Route Pattern and click Add New.

Route Pattern: 21XX
Description: Route to VCSC
Gateway/Route List: SIP_Trunk_to_VCSC
Leave the rest default and click Save, OK and OK


Now we need to do some work on the VCS-C to properly route calls received from
the CUCM and destined to the CUCM.
First we are going to configure a Transform rule to remove whatever domain is
received from CUCM and replace it with podx.lab

Step 107 Create a Transform rule on the VCS-C. Go to VCS Configuration ! Dial Plans
! Transforms and click New.
Priority: 10
Description: Replace CUCM domain with podx.lab (where x is your pod number)
Pattern Type: Regex
Pattern String: (.*)@.+
Pattern behavior: Replace
Replace String: \1@podx.lab (where x is your pod number)
State: Enabled
Click Create Transform

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 48 of S2



Now we are going to create a Zone for the CUCM device – the equivalent of the SIP
trunk we created on the CUCM. SIP Port and mode is very important and must
match what is configured in the CUCM. The default in CUCM is 5060 and TCP and
the VCS-C is defaulted to 5061 TLS so make sure to change it!

Step 108 Create a new Zone to the CUCM server. Go to VCS Configuration ! Zones !
Zones and click New.
Name: CUCM Zone
Type: Neighbor
H.323 Mode: Off
SIP Mode: On
SIP Port: 5060
Transport Mode: TCP
Peer 1 address: 10.10.x.2 (where x is your pod number)
Zone Profile: Cisco Unified Communications Manager
Leave the rest of the fields default and click Create Zone.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage 49 of S2




Now we are going to create Search rules to point any calls starting with 1 that has
3 additional digits to the CUCM Zone.

Step 109 Create a new search rule on the VCSC. Go to VCS configuration ! Dial plan !
Search rules click New.

Rule Name: Route calls to the CUCM
Description: Send 1XXX calls to CUCM
Priority: 100
Protocol: Any
Source: Any
Request must be authenticated: No
Mode: Alias pattern match
Pattern Type: Regex
Pattern String: (1\d{3})@podx.lab (where x is your pod number)
Pattern behavior: Leave
On successful match: Stop
Target: CUCM Zone
State: Enabled
Click Create search rule.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage S0 of S2


Step 110 Call between the SX20 and the Jabber client and back. At this point you will be
able to make calls from the VCS-C registered clients to the Jabber client @ 1001 or
1002.podx.lab. You can also call from Jabber to VCS-C but remember Jabber cannot do URI
dialing so you will want to dial only the 4 digit number of the device (2101 for the SX20)

Step 111 OPTIONAL: TEST YOUR KNOWLEDGE. Create a conference on the MCU give it
a numeric ID of 2121 – dial from ALL endpoints (Jabber CUCM, Jabber Movi and a
Movi client from another pod)

Step 112 CRITICAL STEP: Please please please reset the SX20 to factory default. Go
to 10.10.x.40 or 41. Click on Maintenance ! Factory Reset. Check I want to reset
to factory and click Perform a factory reset.


End Of Lab
This concludes the lab in behalf of US Channels Tech Operations we thank you for taking the time
to complete this lab. We hope that this lab surpassed your goals and expectation, and was a very
useful and positive learning experience for increasing your knowledge of Cisco Unified
Communications products.

Please don’t forget to complete the evaluation that will open in your browser immediately after you
close the training center WebEx session. Remember 5 is the correct number to express your
positive experience with this lab.

Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage S1 of S2


Thank you for taking our lab and as always thank you for using Cisco products.
Appendix:
Here is some additional information you might find useful.
This is the DNS record for pod1.lab: (Sample DNS used in the lab)


1hls ls Lhe Au server users lnformaLlon page:


Video Lab

Lab Culde verslon 2.1 ÞresenLed by uS Channels 1ech operaLlons Þage S2 of S2
















Sign up to vote on this title
UsefulNot useful

Master Your Semester with Scribd & The New York Times

Special offer for students: Only $4.99/month.

Master Your Semester with a Special Offer from Scribd & The New York Times

Cancel anytime.