Page 1
Cisco TelePresence Video Communication Server ADMINISTRATOR GUIDE Software version X5.1 November 2010 Overview and System Cisco VCS Zones and Clustering and Call Bandwidth Firewall Introduction Applications Maintenance Appendices status configuration configuration neighbors peers processing control traversal D14049.08 November 2010...
VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Introduction Supported browsers ..........15 Provisioning ..............29 The Cisco TelePresence Video Communication Server ....8 Page features and layout ........... 16 Warnings ................ 30 Overview ................8 Command line interface (CLI) ...........17 Hardware................ 30 Cisco VCS and the video communication network ....
Page 3
Using the Cisco VCS as a SIP registrar ....... 50 Attempts to register using an existing alias ....58 Configuring ENUM zones ..........71 Using the Cisco VCS as a SIP Presence Server ... 50 Blocking registrations ..........58 Configuring DNS zones .............71 Using the Cisco VCS as a SIP proxy server ....
Page 4
VCS and the Cisco AM GW ..........103 Maintaining a cluster ..........79 Zone searching and transform process ...... 88 Configuring the VCS to use the Cisco AM GW ... 103 Setting configuration for the cluster ..... 79 Pre-search transforms ............ 89 Usage features and limitations ........
Page 5
ADMINISTRATOR GUIDE ENUM dialing for outgoing calls ........111 Links .................. 122 Configuring the Cisco VCS as a traversal client ..... 135 Prerequisites ............111 Creating and editing links ..........122 Configuring the Cisco VCS as a traversal server ....136 Process ..............
Page 6
Accessing the root account over SSH and Telnet ..166 Recommendations when deploying FindMe ....146 Downgrade procedure ........... 156 Resetting passwords ............ 166 Enabling FindMe on the Cisco VCS .........147 Option keys ................ 157 System administration access..........167 Configuring FindMe ..........147 Adding option keys using the web interface ....
Page 7
LDAP configuration for device authentication ......197 CPL reference ..............180 About the LDAP databases ..........197 Overview of CPL on the Cisco VCS ......... 180 Downloading the H.350 schemas ........197 address-switch ............. 180 Microsoft Active Directory ..........197 address ..............
D IR E TANDBERG delivers the most comprehensive and reliable total solution of video FIREWALL TRAVERSAL products in the industry - including telepresence and high definition video, a full R O I S T IC portfolio of infrastructure products and MCUs, and the best video management...
NAT device. As well as all the functionality of same firewalls or NAT devices. a Cisco VCS Control, it also provides registration of traversal-enabled devices and can act as a standards-based TURN server.
Call Policy (also known as Administrator Policy) including support for CPL • QoS tagging • Can be managed with Cisco TelePresence Management Suite (Cisco TMS) 12.5 or later • Bandwidth management on both a per-call and a total usage basis, configurable separately for •...
E20 v2.1 or later can request to be provisioned.) All configuration and phone book information is managed in Cisco TMS, and distributed to the clients through the TMS Agent running on the VCS. The TMS Agent on the VCS also provides Cisco TMS with the provisioned client’s status.
(for example, Allow List patterns, search rules and so on) the create and modify behavior has been made consistent so that The Cisco TelePresence Advanced Media Gateway (Cisco AM GW) Zone configuration you are always returned to the summary list page after saving provides support for transcoding between standard codecs (such your changes.
Movi users, CRL checking for TLS connections to LDAP servers without the need for Cisco TMS. It supports device authentication Certificate revocation lists (CRLs) can be uploaded and used to and supplies phone book information to provisioned devices.
VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE How to use this Administrator Guide This Administrator Guide is provided to help you make the best use of your Cisco TelePresence Typographical conventions Video Communication Server. Most configuration tasks on the VCS can be performed by using either the web interface or a Your approach to this documentation depends on what you want to do and how much you already command line interface (CLI).
CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Web interface Installation and initial configuration Full installation and initial configuration instructions for the Cisco VCS are contained in the VCS Getting Started Guide [28}. Using the web interface To use the web interface: 1.
This icon appears on the top right corner information in ascending and descending order. of every page. Clicking on this icon takes you directly to the latest version of the Cisco VCS Select All and Unselect All Administrator Guide on our support web site.
Supported characters xFeedback These commands provide information about events as they happen, such as Full installation and initial configuration instructions for the Cisco The VCS supports the following characters when entering text in calls and registrations. VCS are contained in the VCS Getting Started Guide [28}.
Overview and status This section describes the information that appears on the Overview page and all the pages under the Status menu of the web interface. These pages provide information on the current status and configuration of the Cisco VCS. Overview and...
Overview page The Overview page summarizes the current configuration and status of your Cisco VCS. The Overview page opens automatically when you first log on to the web interface. You can also access it at any time by clicking on the Overview menu at the top left of any page.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE System information Ethernet status The System information page provides details of the software, hardware, and time settings of the The Ethernet status page provides details of the MAC address and Ethernet speed settings of the VCS.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE IP status Resource usage The IP status page provides details of the IP and DNS settings of the VCS. The Resource usage page provides statistics about the numbers of current and cumulative calls and registrations on the VCS.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Registrations by device Registrations by alias The Registrations by device page lists each device currently registered with the VCS, and allows The Registrations by alias page lists all the aliases, E.164 numbers and prefixes used by all you to remove a device's registration.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Registration history Registration details The Registration history page lists all the registrations that are no longer current. It lists the most The Registration details page shows full information about an individual device's registration. The recent historical registrations since the last restart, up to a maximum of 255.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Calls Call history Call summary The Call status page lists all the calls currently Disconnect The Call history page lists all the calls that are The Call summary page (Status > Calls > Calls...
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Searches Search history Search details About searches The Search history page lists the most recent 255 searches The Search details page (Status > Search history, then click that have taken place since the VCS was last restarted.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Local Zone Zones The Local Zone status page lists all the subzones that together make up the Local Zone. This will The Zone status page lists all the zones that are currently configured on your VCS, the number of always include the Default Subzone and the Traversal Subzone, plus any other subzones that have calls and amount of bandwidth being used by each, and their current status.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Links Pipes The Link status page lists all the links currently configured on your VCS, along with the number of The Pipe status page lists all the pipes currently configured on your VCS, along with the number of calls and the bandwidth being used by each link.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE TURN relays Presence The TURN relays page lists all the currently active TURN relays on the VCS. For each relay, it shows The Status > Applications > Presence menu has three sub-menus: the requesting client address and port and the corresponding VCS address and port.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE OCS Relay Provisioning The OCS Relay status page lists all the FindMe IDs being handled by the OCS Relay application, The Provisioning status page shows the status of the VCS's provisioning server.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Warnings Hardware The Warnings page provides a list of all the warnings currently in place on your system (and, where The Hardware page provides information about the physical status of your VCS unit.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Event Log The Event Log is a list of all the events that have occurred on the system since the last upgrade. Event Log color coding The Event Log holds 2GB of data; when this size is reached, the oldest entries are overwritten.
Page 32
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Event Log Event Log format Administrator and FindMe user sessions The Event Log is displayed in an extension of the UNIX syslog format: Administrator session related events are: date time process _ name: message _ details Admin Session Start •...
Page 33
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Event Log The first name element within the message _ details field is Message details field In addition to the events described below, a always Event and the last name element is always Level.
Page 34
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Event Log Events and levels Event Description Level Admin Session Finish An administrator has logged off the system. Admin Session Login Failure An unsuccessful attempt has been made to log in as an administrator. This could be because an incorrect username or password (or both) was entered.
Page 35
FindMe user accounts have been migrated across clusters. The Detail event parameter provides additional details. Hardware Failure There is an issue with the VCS hardware. If the problem persists, contact your Cisco support representative. License Limit Reached Licensing limits for a given feature have been reached. The Detail event parameter specifies the facility/limits concerned. Possible values for the detail field are: •...
Page 36
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Event Log Event Description Level Message Rejected This could be for one of two reasons: • The VCS Authentication mode is set to On, and an endpoint has unsuccessfully attempted to send a message (such as a registration request) to the VCS.
Page 37
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Event Log Event Description Level Relay Expired A TURN server relay has expired. Request Failed A request sent to the Conference Factory has failed. Request Received A call-related SIP request has been received.
Page 38
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Event Log Event Description Level System Restore error An error occurred while attempting a system restore. System restore started The system restore process has started. System Shutdown The operating system was shutdown.
Grey Headline (continued) Status CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuration Log The Configuration Log is a list of all changes to the VCS configuration made using the web or Configuration Log events command line interface. Changes to the VCS configuration made by administrators using the web interface have an Event The Configuration Log visible using the web interface holds a maximum of 4MB of data;...
Page 40
This section describes all the options that appear under the System Configuration menu of the web interface. These options enable you to configure the Cisco VCS in relation to the network in which it is located, for example its IP settings and the external services used by the Cisco VCS (e.g.
(so that you can identify it when it is in a rack with other systems). The system name is also used by Cisco If you have the Dual Network Interfaces option key installed, you By default, access via HTTPS and SSH is enabled;...
Contact your communicates with other systems via either You can configure routes for up to 50 networks Expressway's public IP address - this is the Cisco representative for information. protocol. and host combinations. IP address of the outside of the NAT.
Grey Headline (continued) System configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Quality of Service (QoS) The Quality of Service (QoS) page lets you configure QoS options The DNS page lets you configure the VCS's DNS servers and DNS About DNS settings for outbound traffic from the VCS.
Name has also been configured) of the NTP server to be used when synchronizing system time. • The NTP server field defaults to one of four NTP servers provided by Cisco, either: 0.ntp.tandberg.com, 1.ntp.tandberg. com, 2.ntp.tandberg.com or 3.ntp.tandberg.com. • The connection status to the NTP server is shown in the Status area.
If you are using Cisco TMS as your external manager, use the default path of tms/public/external/management/SystemManagementService.asmx. To allow the VCS to be monitored by an SNMP NMS (including Cisco TMS), you must Enable SNMP on the VCS and provide the name of the SNMP community within which it resides. You...
Grey Headline (continued) System configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Logging Overview Setting the Event Log level The VCS provides an Event Logging facility for troubleshooting and auditing purposes. The Event Log You can control which events are logged by the VCS by setting the log level. All events with a level records information about such things as calls, registrations, and messages sent and received.
Page 47
This section provides information on the pages that appear under the Protocols, Registrations and Authentication sub-menus of the VCS Configuration menu. These pages allow you to configure the functionality of the Cisco VCS in each of these areas. This section includes the following information: •...
Gatekeeper Discovery Request, to which eligible VCSs will respond. Using the Cisco VCS as an H.323 gatekeeper • If the mode is set to manual, you must specify the IP address of the VCS with which you wish your endpoint to register, and the endpoint will attempt to register with that VCS only.
Grey Headline (continued) H.323 CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring H.323 The H.323 page allows you to enable and disable H.323 system- Registration conflict mode Auto discover wide on the VCS, and configure H.323-specific ports and settings. An H.323 endpoint may attempt to register with the VCS using an The VCS has an Auto discover setting which determines whether To go to the H.323 page:...
ADMINISTRATOR GUIDE SIP overview About SIP on the Cisco VCS Using the Cisco VCS as a SIP proxy server Proxying registration requests The VCS supports the SIP protocol. It can act as a: The VCS can act as a SIP proxy server when SIP mode is If the VCS has no SIP domains configured, or it receives a enabled.
Grey Headline (continued) CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring SIP SIP domains The SIP page is used to enable and disable SIP system-wide on SIP protocols and ports The Domains page lists the SIP domains for which the VCS the VCS, and to configure SIP-specific ports and settings.
Grey Headline (continued) Interworking CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Configuring interworking The VCS is able to act as a gateway between SIP and H.323, translating calls from one protocol to The Interworking page is used to configure whether or not the VCS acts as a gateway between SIP the other.
It is possible to use both mechanisms together. For example, the endpoint’s position in relation to the firewall The Cisco TelePresence MPS 200 and MPS 800, and the you can use authentication to verify an endpoint’s identity from a •...
VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Registration overview Finding a Cisco VCS with which to register H.323 There are two ways an H.323 endpoint can locate a VCS with which to register: manually or Before an endpoint can register with a VCS, it must determine which VCS it can or should be automatically.
In order to authenticate successfully, the endpoint must supply the VCS with a username. To go to the Device authentication configuration page: For Cisco endpoints using H.323, the username is the endpoint’s Authentication ID; for Cisco • VCS configuration > Authentication > Devices > Configuration endpoints using SIP it is the endpoint’s Authentication username.
Grey Headline (continued) Registration control CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Device authentication using LDAP Overview LDAP server Alias origin The IP address or FQDN (or server address, if a DNS Domain This setting determines the aliases with which the endpoint will If the VCS is using an LDAP server for authentication, the process Name has also been configured) of the LDAP server.
Grey Headline (continued) Registration control CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Authentication using a local database Authenticating with external systems Overview Outbound connection credentials The local authentication database is included as part of your VCS system. The database can hold The Outbound connection credentials page is used to configure a username and password that up to 2,500 entries, each consisting of a name and password.
Grey Headline (continued) Registration control CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Registering aliases About alias registration Attempts to register using an existing alias After the authentication process (if required) has been An endpoint may attempt to register with the VCS using an alias that is already registered to the system. How this is managed completed, the endpoint will then attempt to register its alias(es) depends on how the VCS is configured and whether the endpoint is SIP or H.323.
Grey Headline (continued) Registration control CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Allow and Deny Lists About Allow and Deny Lists Activating use of Allow or Deny Lists Removing existing registrations When an endpoint attempts to register with the VCS it presents...
Grey Headline (continued) Registration control CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Allow and Deny Lists Using the Allow and Deny Lists Managing entries in the Allow and Deny Lists The Registration Allow List and Registration Deny List pages both work in the same way:...
Grey Headline (continued) CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones and neighbors This section begins with an overview of all the different types of subzones and zones and how these fit into the overall structure of your video communication network.
About your video communications network The most basic implementation of a video VCS CONTROL communications network is a single Cisco VCS connected to the internet with one or more endpoints registered to it. However, depending on the size and complexity of your enterprise...
Grey Headline (continued) Local Zone and subzones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Configuring the Local Zone and its subzones The collection of all endpoints, gateways, MCUs and Content Bandwidth management Local Zone searches Servers registered with the VCS make up its Local Zone.
Grey Headline (continued) Local Zone and subzones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Traversal Subzone The Traversal Subzone is a conceptual subzone; no endpoints can be registered to it, but all Configuring the Traversal Subzone ports traversal calls (calls for which the VCS takes the media in addition to the signaling) pass through it.
(such connected with a traversal server (for example server, providing firewall traversal on behalf of Cisco VCS, gatekeeper, or Border Controller), or as a VCS, gatekeeper, or Border Controller), or a VCS Expressway or a TANDBERG Border...
Grey Headline (continued) Zones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ENUM zone DNS zone Default Zone ENUM zones allow you to locate endpoints via an ENUM lookup. DNS zones allow you to locate endpoints via a DNS lookup. You...
Grey Headline (continued) Zones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zone configuration Overview TLS certificate verification of neighbor systems SIP authentication trust To neighbor with another system (such as another VCS or When a SIP TLS connection is established between a VCS and a...
If Port See the Neighboring the local Cisco VCS to another VCS cluster the search request was received from another zone and already Specifies the port on the neighbor system used for SIP section for more information.
The default is TLS. cluster, this should include all of its peers. See Port Neighboring the local Cisco VCS to another traversal zones to work. For firewall traversal to work via SIP, the The port on the traversal server to use for VCS cluster section for more information.
Grey Headline (continued) Zones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring traversal server zones The following options are available (in addition H.323 UDP/TCP probes to the Name, Type and Hop count described in Mode Mode UDP retry interval Configuring zones section) when configuring Determines whether H.323 calls are allowed to...
TLS certificate verification of neighbor systems for more information. Advanced section for details on the Advanced settings. See the Zone configuration: advanced settings Do not configure the individual Advanced settings except on the advice of Cisco customer support. Overview and System Cisco VCS Zones and...
Zone configuration: advanced settings The table below describes the Advanced and Custom zone configuration options. Some of these settings only apply to specific zone types. You should only use the Custom zone profile settings on the advice of Cisco customer support. Setting...
Page 73
Grey Headline (continued) Zones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zone configuration: advanced settings Setting Description Default Applicable to On: SIP requests sent to systems located via this zone are "poisoned" such that if they are received by this VCS again they will be rejected.
Page 74
Determines whether INVITE requests sent to this zone filter out UDP/BFCP. This option may be required to enable interoperability with mode SIP devices that do not support the UDP/BFCP protocol, so this must be set to On for connections to a Cisco Unified Communications DNS zones Manager.
Grey Headline (continued) Zones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zone configuration: pre-configured profile settings The table below shows the advanced zone configuration option settings that are automatically applied for each of the pre-configured profiles. Setting Microsoft Office Communications...
Grey Headline (continued) Dial plans CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Structuring your dial plan About dial plans Hierarchical dial plan As you start deploying more than one VCS, it is useful to neighbor the systems together so that In this type of structure one VCS is nominated as the directory for the deployment, and all other they can query each other about their registered endpoints.
VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Clustering and peers This section describes how to set up a cluster of Cisco VCS peers. Clustering is used to increase the capacity of your Cisco VCS deployment and to provide resiliency. The section includes: •...
Zone. Subzone Client Traversal Zone Subzone The diagram opposite shows two separate clusters, both being monitored by Cisco TMS. About the configuration master Neighbor Default Zone All peers in a cluster must be configured identically for subzones, zones, links, pipes, Subzone authentication, bandwidth control and call policy.
Grey Headline (continued) Cluster configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring clusters Setting up a cluster Maintaining a cluster Cluster name The Cluster name is used to identify one cluster of VCSs Before creating your cluster, ensure that all the VCSs to be added The Clustering page lists the IP addresses of all the peers in the from another.
Grey Headline (continued) Cluster configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Which configuration is not replicated? Troubleshooting cluster replication problems Most items of configuration are replicated from IP configuration Cluster replication can fail for a variety of Unable to reach the cluster configuration master the master to all peers, with the exceptions reasons.
Grey Headline (continued) Managing clusters and peers CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Sharing registrations across peers Sharing bandwidth across peers Upgrades and downgrades When one VCS in a cluster receives a search SIP registrations When clustering has been configured, all peers...
VCS only. If you are part of a large enterprise with, for example, Cisco TMS managing several VCS clusters, the FindMe database may contain details of users and devices in other VCS clusters.
CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Cluster Subzone Neighboring the local Cisco VCS to another VCS cluster When two or more VCSs are clustered together, a new subzone Overview Configuration is created within the cluster’s Local Zone. This is the Cluster...
This section provides information on the pages that appear under the Calls, Search rules, Transforms, Call Policy and Advanced Media Gateway sub-menus of the VCS Configuration menu. These pages are used to configure the way in which the Cisco VCS receives and processes calls.
Grey Headline (continued) Introduction CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Search process One of the functions of the VCS is to route calls to their appropriate destination, based on the address or alias received from a locally registered endpoint or external zone.
The ENUM dialing facility allows you to retain the flexibility of URI dialing whilst having the simplicity of being called using just a number - particularly important if any of your callers are restricted to Endpoints registered to a Cisco VCS Expressway dialing using a numeric keypad.
Grey Headline (continued) Hop counts CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About hop counts Configuring hop counts Each search request is assigned a hop count value by the system that initiates the search. Every Hop counts are configured on a zone basis. To configure the hop count for a zone: time the request is forwarded to another neighbor gatekeeper or proxy, the hop count value is 1.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview of searches and transforms About searches About transforms Zone searching and transform process One of the VCS’s functions is to process incoming requests to The VCS lets you transform the alias in a search request if it Zone searching takes place after all pre-search transforms, Call search for a particular alias.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Pre-search transforms About pre-search transforms Pre-search transform process The pre-search transform function allows you to modify the alias in an incoming search request. Up to 100 pre-search transforms can be configured. Each transform must have a unique priority The transformation is applied by the VCS before any searches take place, either locally or number between 1 and 65534.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Pre-search transforms (continued) Configuring pre-search transforms Pattern string Specifies the pattern against which the alias is compared. The Transforms page lists all the pre-search transforms currently configured on the VCS. It is used to create, edit, delete, enable and disable transforms.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Search configuration Calls to unknown IP addresses Calls to Unknown IP addresses settings Fallback alias The options for the Calls to Unknown IP addresses setting are: Although the VCS supports dialing by IP address, it is sometimes...
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zone searching and zone transforms Configuring search and zone transform rules Configuration options The configurable options are: The Search rules page lists all the existing search rules. It is used to add, edit, delete, enable and disable rules.
Page 93
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zone searching and zone transforms (continued) Pattern type Target zone How the pattern string must match the alias for the rule to be applied. (Applies only if the Mode is The zone to query if the alias matches the search rule.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Examples Stripping @domain for dialing to H.323 Explanation numbers The pre-search transform (example, below) takes any number-only dial string (such as 123) SIP endpoints can only make calls in the form of and appends the domain used in endpoint AORs URIs - for example name@domain.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Examples Transforms for alphanumeric H.323 ID Explanation dial strings The pre-search transform (example, below) takes any alphanumeric dial string (such as This example builds on the example from the 123abc) and appends the domain used in your previous page.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Examples Combining match types and priorities Always query a zone with original alias (no transforms) By using the Any Alias and Alias Pattern Match modes when To configure a zone so that it is always sent search requests using the original alias, set up a search rule for that zone with a mode of defining search rules, and applying the same or different Any Alias.
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Examples Filter queries to a zone without To achieve this, on your Head Office VCS create Allowing calls to IP addresses only if a zone to represent the Sales Office VCS, and...
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Examples Query a zone for original and transformed alias You may want to query a zone for the original alias at the same time as you query it for a transformed alias. To do this, configure...
Grey Headline (continued) Searches and transforms CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Examples Query a zone for two or more transformed aliases Zones are queried in order of priority of the search rules configured against them. It is possible to configure multiple search rules for the same...
Grey Headline (continued) Call Policy CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About Call Policy Call Policy and authentication The VCS lets you set up rules to control which Call Policy uses the source and destination of a H.323 calls are allowed, which calls are rejected, and call to determine the action to be taken.
Grey Headline (continued) Call Policy CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Enabling Call Policy Configuring basic Call Policy using the web interface Call Policy is enabled and disabled using the Call Policy mode The Call Policy rules page lists the web-configured call policy Action option on the Call Policy configuration page.
Grey Headline (continued) Call Policy CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring Call Policy using a CPL script Overview About CPL XSD files Uploading a CPL script You can use CPL scripts to configure advanced Call Policy. To do The CPL script must be in a format supported by the VCS.
To start using the Cisco AM GW to transcode calls: If you want to control which calls go through the Cisco AM GW you have to set up policy rules. To do 1. Go to the Advanced Media Gateway configuration page (VCS configuration > Advanced Media this: Gateway >...
Rule name • By default, after a VCS Control has been configured with the Cisco AM GW to use for OCS calls, The name assigned to the rule. all calls to or from the OCS zone are routed via the Cisco AM GW.
Grey Headline (continued) URI dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Enabling URI dialing via DNS A URI address typically takes the form name@example.com, If you do not want to use DNS as part of URI dialing within your URI dialing via DNS is enabled separately for outgoing and where name is the alias and example.com is the domain.
Grey Headline (continued) URI dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE URI resolution process using DNS When a VCS is attempting to locate a destination URI address using the DNS system, the general process is as follows: The VCS supports the SIP resolution process as outlined in RFC 3263 [16].
Grey Headline (continued) URI dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE URI dialing via DNS for outgoing calls URI dialing process Hop count Configuring search rules for DNS zones When dialing by URI via DNS, the hop count used is that...
Grey Headline (continued) URI dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE URI dialing via DNS for incoming calls Types of DNS records required Configuring H.323 SRV records The ability of the VCS to receive incoming calls made using URI dialing via DNS relies on the Annex O of H.323 [15]...
Grey Headline (continued) URI dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE URI dialing via DNS for incoming calls URI dialing and firewall traversal Example DNS record configuration Recommended configuration A company with the domain name example.com wants to enable incoming H.323 and SIP calls If URI dialing via DNS is being used in conjunction with firewall traversal, DNS zones should be using URI addresses in the format user@example.com.
Grey Headline (continued) ENUM dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview ENUM dialing process Enabling ENUM dialing ENUM dialing allows an endpoint to be contacted by a caller When a VCS is attempting to locate a destination endpoint using ENUM dialing is enabled separately for incoming and outgoing dialing an E.164 number - a telephone number - even if that...
Grey Headline (continued) ENUM dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ENUM dialing for outgoing calls Prerequisites Process Example For a local endpoint to be able to dial another endpoint using The process below is followed when an ENUM (E.164) number is In this example, we want to call Fred at Example Corp.
Grey Headline (continued) ENUM dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ENUM dialing for outgoing calls Adding and configuring ENUM zones Configuring matches for ENUM zones Example For example, you want to enable ENUM dialing from your network For locally registered endpoints to use ENUM dialing, you must...
Grey Headline (continued) ENUM dialing CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ENUM dialing for incoming calls Prerequisites Configuring DNS NAPTR records Example In order for your locally registered endpoints to be reached ENUM relies on the presence of NAPTR records, as defined by...
Grey Headline (continued) Call configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Call routed mode Call loop detection mode Overview Overview Calls are made up of two components - signaling and media. Your dial plan or that of networks to which you are neighbored may be configured in such a way that there are potential signaling loops.
Grey Headline (continued) Call IDs, Serial Numbers and Tags CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Identifying calls Each call that passes through the VCS is assigned a Call ID and a Call Serial Number. Calls also Identifying calls in the web interface have a Call Tag assigned if this does not already exist.
Grey Headline (continued) Disconnecting calls CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Disconnecting a call using the web interface Disconnecting a call using the CLI Limitations when disconnecting SIP calls To disconnect one or more existing calls using the web interface:...
Grey Headline (continued) CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Bandwidth control This section describes the pages that appear under the Local Zone and Bandwidth sub-menus of the VCS Configuration menu in the web interface. These pages allow you to control the bandwidth that is used for calls within your local zone, as well as calls out to other zones.
Grey Headline (continued) Bandwidth control overview CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Bandwidth control on the VCS Example network deployment The VCS allows you to control the amount The diagram below shows a typical network deployment: of bandwidth used by endpoints on your •...
Grey Headline (continued) Subzones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About subzones About the Traversal Subzone About the Default Subzone The Local Zone is made up of subzones. Subzones are used to The Traversal Subzone is a conceptual subzone. No endpoints...
Grey Headline (continued) Subzones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring subzones and membership rules Configuring subzones Configuring subzone membership rules The configurable options are: Pattern type How the pattern string must match the alias for The Subzones page lists all the existing...
Grey Headline (continued) Subzones CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Applying bandwidth limitations to subzones Types of limitations How different bandwidth limitations are managed You can apply bandwidth limits to the Default Subzone, Traversal Subzone and all manually In situations where there are differing bandwidth limitations applied to the same link, the lower limit configured subzones.
Grey Headline (continued) Links CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About links Creating and editing links Default links Subzones are connected to other subzones Creating a new link About default links Automatically created links and zones via links. For a call to take place,...
Grey Headline (continued) Pipes CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About pipes Creating and editing pipes It is possible to control the amount of bandwidth used on calls Creating a new pipe Pipe configuration options between specific subzones and zones. The limits can be applied...
Grey Headline (continued) Pipes CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Applying pipes to links Pipes are used to restrict the bandwidth of a link. When a pipe is applied to a link, it will restrict the bandwidth of calls made between the two nodes of the link - the restrictions will apply to calls in either direction.
Grey Headline (continued) Default bandwidth and downspeeding CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About the default call bandwidth Configuring default call bandwidth and downspeeding Usually, when a call is initiated the endpoint will include in the request the amount of bandwidth it To configure the default call bandwidth and downspeeding behavior using the web interface: wishes to use.
Grey Headline (continued) Bandwidth control examples CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Example without a firewall An example deployment is shown opposite. In this example, there are three geographically separate offices: Head, Branch and Home. All endpoints in the Head Office register with the VCS Control, as do those in the Branch and Home offices.
Example with a firewall If we modify the previous example deployment to include firewalls between the offices, we can use Cisco's Expressway™ firewall traversal solution to maintain connectivity. We do this by adding a VCS Expressway outside the firewall on the public internet, which will work in conjunction with the VCS Control and Home and Branch office endpoints to traverse the firewalls.
ADMINISTRATOR GUIDE Firewall traversal This section describes how to configure your Cisco VCS Control and Cisco VCS Expressway in order to traverse firewalls. It also describes how to configure the additional firewall traversal server functions of a Cisco VCS Expressway, including TURN services.
TURN relay services to ICE-enabled endpoints. These features are enabled as follows: • For the VCS Expressway to act as a firewall traversal server for Cisco systems, you must create For firewall traversal to function correctly, the VCS Expressway must have one traversal...
Grey Headline (continued) Quick guide to traversal client - server configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview VCS Expressway (server) VCS Control (client) Full details of how to configure a VCS Control and VCS Expressway as traversal client and server respectively are given in the following pages.
• on the VCS Expressway. Assent is Cisco's proprietary protocol. Ports are initially configured on the VCS Expressway by the • 2. The server identifies each client by the port on which it H.460.18 and H.460.19 are ITU standards which define...
Grey Headline (continued) Firewall traversal protocols and ports CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Ports for initial connections from Assent ports H.460.18/19 ports Ports for connections out to the public traversal clients internet For connections to the VCS Expressway using...
To control which systems can use the VCS Client Server Expressway as a traversal server, each VCS Control or Gatekeeper that wants to be its Cisco VCS Control or Cisco VCS Expressway Cisco VCS Expressway client must first authenticate with it. • •...
DMZ - and your network is configured to prevent direct communication between the two. Cisco offers a downloadable tool, the Expressway Port Tester, that allows you to test your firewall With the LAN 2 interface enabled, you can configure the VCS with two separate IP addresses, one configuration for compatibility issues with your network and endpoints.
Grey Headline (continued) Configuring the Cisco VCS as a traversal client CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Adding and configuring a traversal client zone To enable your VCS to act as a traversal client on behalf of its endpoints and neighbor gatekeepers, you must create a connection between it and a traversal server (e.g.
Grey Headline (continued) Configuring the Cisco VCS as a traversal server CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Adding and configuring a traversal Configuring traversal for endpoints server zone The VCS Expressway can act as a firewall Overview UDP probe retry interval traversal server.
Grey Headline (continued) Configuring the Cisco VCS as a traversal server CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring traversal server ports Overview Configuration The VCS Expressway has specific listening ports used for firewall traversal. Rules must be set on To configure the VCS Expressway ports: your firewall to allow connections to these ports.
Grey Headline (continued) Configuring the Cisco VCS as a TURN server CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE TURN services About ICE TURN relay server Capabilities and limitations Configuring TURN services • ICE (Interactive Connectivity Establishment) The VCS Expressway's TURN relay server can be The VCS supports up to 70 relay allocations.
Page 139
This section provides information on each of the additional services that are available under the Applications menu of the Cisco VCS. You may need to purchase the appropriate option key in order to use each of these applications. They are: •...
(Applications > Conference Factory). this functionality built in. Multiway is supported in Cisco TelePresence endpoints including the E20 Mode (software version TE1.0 or later) and MXP range (software version F8.0 or later).
Grey Headline (continued) Presence CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Presence Server Presence is the ability of endpoints to provide information to other users about their current The Presence Server application on the VCS is responsible for managing the presence information status - such as whether they are offline, online, or in a call.
Grey Headline (continued) Presence CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Presence User Agent (PUA) Overview Aggregation of presence information Registration refresh period Endpoints that do not support presence can have status When enabled, the PUA generates presence information for all The PUA will update and publish presence information on receipt published on their behalf by the VCS.
Grey Headline (continued) Presence CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring Presence Enabling and disabling Presence Services local VCS is authoritative. All other PUBLISH messages will be Presence Server expiration times proxied on in accordance with the VCS’s SIP routing rules.
Grey Headline (continued) Presence CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Viewing presence status Publishers Presentities Subscribers Status > Applications > Presence > Publishers Status > Applications > Presence > Presentities Status > Applications > Presence > Subscribers This page lists each presentity whose presence information is...
Grey Headline (continued) OCS Relay CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Configuring OCS Relay Viewing OCS Relay status The OCS Relay application is required in deployments that use VCS Configuration The OCS Relay status page (Status > Applications > OCS...
Grey Headline (continued) FindMe™ CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview What is FindMe? Process overview Recommendations when deploying FindMe • FindMe is a form of User Policy, which is the set of rules that When the VCS receives a call for a particular alias it applies its...
An example message could be: Third Party Manager: enables FindMe and uses a FindMe Cisco TMS managing several VCS clusters, the search may find manager located on an off-box system. This feature is intended Phone numbers: use the prefix <b>9</b>...
Grey Headline (continued) FindMe™ user guide CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About FindMe Accessing the FindMe home page FindMe lets you control how you are contacted: on any device, at To configure your FindMe user account, log in using a web browser as described below: any location, through a single FindMe ID.
Grey Headline (continued) FindMe™ user guide CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring your FindMe user account FindMe home page Change Password Click here to change the password used to This page summarizes your FindMe account. access your FindMe account (if your account...
Grey Headline (continued) FindMe™ user guide CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring your FindMe user account Defining device details This page is used to define a new device such as an endpoint, Movi client or telephone, or to change the details of an existing device.
Grey Headline (continued) FindMe™ user guide CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuring your FindMe user account Defining location details This page is used to define the details of a new location, or to change the devices associated with an existing location.
Grey Headline (continued) Provisioning (Starter Pack) CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Configuration The VCS's provisioning server provides basic device provisioning for registered Movi users, without The provisioning server is configured using the Provisioning page (Applications > Provisioning).
TMS Agent is a process that runs on the VCS to manage FindMe and Device Provisioning data. It acts on behalf of Cisco TMS so that Cisco TMS is not a single point of failure, and enables each VCS to share the load. It supports the replication of FindMe and provisioning data, sharing the data among cluster peers as well as the central Cisco TMS, providing resilience in case of connection failures between any VCS and Cisco TMS.
VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Maintenance This section describes the pages that appear under the Maintenance menu of the Cisco VCS web interface. These pages allow you to perform the following tasks: • upgrade to a new release of software •...
Contact An upgrade to the VCS platform component will typically include your Cisco representative for more information on all the options automatic upgrades of some or all of the other components.
Grey Headline (continued) Upgrading software components CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Upgrade procedure Downgrade procedure Before starting the upgrade, ensure that you have: Upgrading using secure copy (SCP/PSCP) If you need to downgrade to an X4 (or earlier) release of the VCS Platform, configuration changes, including •...
After the appropriate option key has been purchased, it must be configure the VCS in the meantime. Note that the VCS must use Cisco TMS as its external installed. You can do this through the web interface or through manager to obtain configuration and phone book information the CLI.
Grey Headline (continued) Security certificates CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Enabling security For extra security, you may want to have the VCS communicate To enable certificate security using the web interface: HTTPS client certificate validation with other systems (such as LDAP servers, neighbor VCSs, or •...
Grey Headline (continued) Advanced account security CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Enabling advanced account security The VCS's Advanced account security mode is used to configure VCS functionality: changes and limitations To enable advanced account security using the web interface: the VCS for use in highly secure environments.
VCS with: Local: credentials are verified against a local database stored Use Cisco TMS if you need to provision a large number of • appropriate LDAP server connection settings (see Account on the VCS.
Grey Headline (continued) Login accounts CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Administrator accounts Maintaining administrator accounts Default administrator account Administrator password security The Administrator accounts page lists all the administrator accounts that have been configured on the VCS, and lets you The VCS has a default administrator account with full read-write The Password security page (Maintenance >...
The FindMe alias — the dialable address — by which the user can be contacted. If you are part of a large enterprise with, for example, Cisco TMS managing several VCS The FindMe ID can be any string of up to 60 characters. However, not all endpoints are able to dial clusters, the database may contain details of users and devices in other VCS clusters.
Grey Headline (continued) Login accounts CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Maintaining user accounts (continued) Managing user accounts Configuring principal devices To configure the account's Principal devices: After a user account has been created, you can configure additional details of that account.
Grey Headline (continued) Login accounts CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Administrator and user groups About administrator groups About user groups Group name limitations The Administrator groups page lists all the administrator groups The User groups page lists all the user groups that have been...
Grey Headline (continued) Login accounts CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Account authentication using LDAP Configuring LDAP server settings Encryption SASL TLS encryption and CRL checking Determines whether the connection to the The SASL (Simple Authentication and Security The Login account LDAP configuration page...
Grey Headline (continued) Login accounts CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Root account Resetting passwords Root account Accessing the root account over SSH and Telnet Resetting a forgotten administrator or root password The VCS provides a root account which can be used to log in to...
VCS via the web server. If HTTPS mode is turned off, Cisco TMS will not be able to access it. You must restart the system for any changes to the Security considerations administration settings to take effect.
Grey Headline (continued) Backup and restore CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Creating a backup of your VCS data Restoring a previous backup The backup and restore features are used to create and restore System data System data backup files of your VCS data.
Overview Creating a system snapshot The system snapshot is used for diagnostic purposes. It is a file that can be sent to your Cisco To create a system snapshot file: support representative at their request to assist them in troubleshooting issues you may be •...
Process ID the process ID the VCS application had when the incident occurred. This feature is only intended for use at the request of Cisco customer support in exceptional Release a True/False flag indicating if this is release build (rather than a situations, and is off by default.
Incident View page. Pending: the incident has been saved locally but not sent. If you wish to edit the report before sending it to Cisco (for example, if you wish to remove any potentially sensitive...
Grey Headline (continued) Tools CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Check pattern Locate The Check pattern page (Maintenance > Tools > Check pattern) allows you to test whether a The Locate page (Maintenance > Tools > Locate) lets you test whether the VCS can find an pattern or transform you intend to configure on the VCS will have the expected result.
Grey Headline (continued) Tools CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Port usage Overview Local VCS inbound ports Local VCS outbound ports Remote listening ports The pages under the Maintenance > Tools > This page shows the listening ports on this...
This indicates a hardware fault. front of the box is on. This indicates a hardware fault. the front of the box is on. This indicates a hardware fault. Contact your Cisco representative. Contact your Cisco representative. Contact your Cisco representative.
Grey Headline (continued) Restoring default configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview It is possible to restore the VCS to its default configuration. This is done through the CLI using xConfiguration reference table shows a full list of all configuration items and where applicable xCommand DefaultValuesSet.
Grey Headline (continued) Restoring default configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuration items reset by DefaultValuesSet level 3 (cont.) Default value after xCommand DefaultValuesSet Level: 3 Configuration item IP Route [1..50] Gateway <blank> IP Route [1..50] Interface Auto IP Route [1..50] PrefixLength...
Page 177
Grey Headline (continued) Restoring default configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Configuration items reset by DefaultValuesSet level 2 (cont.) Default value after xCommand DefaultValuesSet Level: 2 Configuration item Login Remote LDAP Server Address <blank> Login Remote LDAP Server Port Login Remote LDAP VCS BindDN <blank>...
Grey Headline (continued) Password encryption CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Maximum length of passwords All passwords configured on the VCS are stored in encrypted form. This applies to the following, When a password is encrypted, it uses more characters than the original plain text version of the which all have usernames and passwords associated with them: password.
Page 179
Grey Headline (continued) CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Appendices This section includes the following appendices which provide supplementary information regarding the administration of the Cisco VCS: • CPL reference • Regular expression reference • Pattern variable reference •...
CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview of CPL on the Cisco VCS address-switch Call Processing Language (CPL) is an XML-based language for defining call handling. This Appendix Overview gives details of the VCS’s implementation of the CPL language and should be read in conjunction...
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE address-switch field Within the address-switch node, the mandatory field parameter specifies which address is to be considered. The supported attributes and their interpretation are as follows: Authentication mode: On...
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE address-switch subfield Within the address-switch node, the optional subfield parameter specifies which part of the address is to be considered. The following table gives the definition of subfields for each alias type.
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE location As the CPL script is evaluated it maintains a list of addresses (H.323 IDs, URLs and E.164 numbers) which will be used as the destination of the call if a proxy node is executed. The taa:location node allows the location set to be modified so that calls can be redirected to different destinations.
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE proxy reject Unsupported CPL elements On executing a proxy node the VCS attempts to forward the call If a reject node is executed the VCS stops any further script The VCS does not currently support some elements that are to the locations specified in the current location set.
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CPL examples Call screening of authenticated users Call screening based on alias In this example, only calls from users with authenticated source addresses are allowed. In this example, user ceo will only accept calls from users vpsales, vpmarketing or vpengineering.
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CPL examples Call screening based on domain Change of domain name In this example, user fred will not accept calls from anyone at annoying.com, or from any In this example, Example Inc has changed its domain from example.net to example.com. For a unauthenticated users.
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CPL examples Allow calls from locally registered endpoints only Block calls from Default Zone and Default Subzone In this example, the administrator only wants to allow calls that originate from locally registered The same script can be extended to also allow calls from configured zones but not from the Default endpoints.
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CPL examples Restricting access to a local gateway Using the taa:rule-switch node In these examples, a gateway is registered to the VCS with a prefix of 9 and the administrator wants <?xml version="1.0"...
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CPL examples <failure> Redirecting failed calls based on status code <!-- General catch-all failure handler for all other error responses The output from a proxy node allow actions to be taken based on the result of the proxy operation.
Grey Headline (continued) CPL reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CPL examples Reject attempts to subscribe to a presentity In this example, attempts to subscribe the presence of user@example.com are rejected. <?xml version="1.0" encoding="UTF-8" ?> <cpl xmlns="urn:ietf:params:xml:ns:cpl" xmlns:taa="http://www.tandberg.net/cpl-extensions"...
Grey Headline (continued) Regular expression reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Common regular expressions Regular expressions can be used in conjunction Character Description Example with a number of VCS features such as alias Matches any single character.
Grey Headline (continued) Pattern variable reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Valid variable strings The VCS makes use of pattern matching in a String Equals current value(s) returned by... When used in a Pattern field When used in a Replace field...
Grey Headline (continued) Port reference CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview The VCS uses different IP ports and protocols for different services and functions, and many of these are configurable. The table below lists each Two services or functions cannot share of these services and functions.
Page 194
Agent (for clusters or database. Used if the VCS is part of a cluster with Cisco TMS) FindMe or Device Provisioning enabled, or if the VCS is managed through Cisco TMS. SIP UDP Listens for incoming SIP UDP calls. 5060 UDP...
Page 195
Used to send messages to the remote syslog server. uses a UDP source port from the ephemeral range TMS Agent Used to connect to another VCS or Cisco TMS for uses a TCP source port from the ephemeral data replication. range...
Grey Headline (continued) DNS configuration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview Microsoft DNS server This section gives examples of DNS configuration using Using Microsoft DNS Server you can add the SRV record using either the command line or the MMC snap-in.
Grey Headline (continued) LDAP configuration for device authentication CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE About the LDAP databases Microsoft Active Directory The VCS can be configured to use a database on an LDAP Directory Server to store device Prerequisites authentication credential information (usernames, passwords, and other relevant information).
Grey Headline (continued) LDAP configuration for device authentication CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Microsoft Active Directory Adding H.350 objects 2. Add the ldif file to the server using the command: Securing with TLS ldifde -i -c DC=X <ldap _ base> -f filename.ldf...
Grey Headline (continued) LDAP configuration for device authentication CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE OpenLDAP Prerequisites Installing the H.350 schemas These instructions assume that an OpenLDAP server has 1. Copy the OpenLDAP files to the OpenLDAP schema directory: already been installed. For details on installing OpenLDAP see /etc/openldap/schemas/commobject.ldif...
Grey Headline (continued) LDAP configuration for device authentication CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE OpenLDAP Adding H.350 objects Add the H.350 objects Securing with TLS 1. Create an ldif file with the following contents: The connection to the LDAP server can be encrypted by enabling...
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview The xConfiguration group of commands are used to The valid value for set and change individual items of configuration. Each this command is a command is made up of a main element followed by string.
Page 202
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Administration HTTP Mode: <On/Off> Determines whether HTTP calls will be redirected to the HTTPS port. On: calls will be redirected to HTTPS. Off: no HTTP access will be available.
Page 203
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Alternates Cluster Name: <S: 0..128> The fully qualified domain name used in SRV records that address this VCS cluster, for example "cluster1.example.com". The name can only contain letters, digits, hyphens and underscores.
Page 204
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Applications External Status [1..10] Filename: <S:0..255> XML file containing status that is to be attached for an external application. Example: xConfiguration Applications External Status 1 Filename: "foo.xml"...
Page 205
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Applications Presence User Agent ExpireDelta: <1..65534> Specifies the lifetime value (in seconds) the Presence User Agent will advertise in the PUBLISH messages it sends to the Presence Server. The Presence User Agent will refresh its PUBLISH messages at 75% of this value (to keep them active).
Page 206
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Authentication Mode: <On/Off> Determines whether systems attempting to communicate with the VCS must authenticate with it first. Off: incoming messages are not authenticated. On: for H.323, any credentials in the message are checked against the authentication database. The message is allowed if the credentials match, or if there are no credentials in the message.
Page 207
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Bandwidth Link [1..3000] Node1 Name: <S: 0, 50> Specifies the first zone or subzone to which this link will be applied. Example: xConfiguration Bandwidth Link 1 Node1 Name: "HQ"...
Page 208
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Bandwidth Pipe [1..1000] Name: <S: 1, 50> Assigns a name to this pipe. Example: xConfiguration Bandwidth Pipe 1 Name: "512Kb ASDL" Call Loop Detection Mode: <On/Off>...
Page 209
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Error Reports Mode: <On/Off> Determines whether the VCS will automatically send details of application failures to a specified web service. Default: Off Example: xConfiguration Error Reports Mode: Off Error Reports URL: <S: 0, 128>...
Page 210
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ExternalManager Path: <S: 0, 255> Sets the URL of the external manager. Default: tms/public/external/management/SystemManagementService.asmx Example: xConfiguration ExternalManager Path: "tms/public/external/management/SystemManagementService.asmx" ExternalManager Protocol: <HTTP/HTTPS> The protocol used to connect to the external manager.
Page 211
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE H323 Gatekeeper Registration ConflictMode: <Reject/Overwrite> Determines how the system will behave if an endpoint attempts to register an alias currently registered from another IP address. Reject: denies the registration.
Page 212
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Interworking Mode: <On/Off/RegisteredOnly> Determines whether or not the VCS will act as a gateway between SIP and H.323 calls. Off: the VCS will not act as a SIP-H.323 gateway.
Page 213
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE IP Gateway: <S: 7..15> Specifies the IPv4 gateway of the VCS. Note: you must restart the system for any changes to take effect. Default: 127.0.0.1 Example: xConfiguration IP Gateway: "192.168.127.0"...
Page 214
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE IPProtocol: <Both/IPv4/IPv6> Selects whether the VCS is operating in IPv4, IPv6 or dual stack mode. Note: you must restart the system for any changes to take effect.
Page 215
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Login Administrator Groups Group [1..30] Access: <None/ReadOnly/ReadWrite/Auditor> Defines the access level for members of the specified administrator group. None: no access allowed. ReadOnly: configuration can only be viewed.
Page 216
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Login Remote LDAP DirectoryType: <ActiveDirectory> Defines the type of LDAP directory that is being accessed. ActiveDirectory: directory is Windows Active Directory. Default: ActiveDirectory Example: xConfiguration Login Remote LDAP DirectoryType: ActiveDirectory Login Remote LDAP Encryption: <Off/TLS>...
Page 217
Example: xConfiguration NTP Address: "ntp.server.example.com" Option [1..64] Key: <S: 0, 90> Specifies the option key of your software option. These are added to the VCS in order to add extra functionality, such as increasing the VCS’s capacity. Contact your Cisco representative for further information.
Page 218
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Policy AdministratorPolicy Mode: <On/Off> Enables and disables use of Call Policy. Default: Off Example: xConfiguration Policy AdministratorPolicy Mode: Off Policy FindMe CallerID: <FindMeID/IncomingID> Determines how the source of an incoming call is presented to the callee.
Page 219
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Policy FindMe Server UserName: <S: 0, 30> Specifies the user name used by the VCS to log in and query the remote FindMe Manager. Example: xConfiguration Policy FindMe Server UserName: "user123"...
Page 220
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Registration RestrictionPolicy: <None/AllowList/DenyList> Specifies the policy to be used when determining which endpoints may register with the system. None: no restriction. AllowList: only endpoints attempting to register with an alias listed on the Allow List may register.
Page 221
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Services AdvancedMediaGateway Policy Rules Rule [1..200] Pattern Type: <Exact/Prefix/Suffix/Regex> The way in which the pattern must match either the source or destination alias of the call.
Page 222
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SIP Registration Proxy Mode: <Off/ProxyToKnownOnly/ProxyToAny> Specifies how proxied registrations should be handled. Off: registration requests will not be proxied. ProxyToKnownOnly: registration requests will be proxied to neighbors only.
Page 223
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SIP Routes Route [1..20] Header Pattern: <S:0..128> Regular expression to match against the specified SIP header field. Note: this command is intended for developer use only.
Page 224
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SIP Session Refresh Value: <90..7200> The maximum time allowed between session refresh requests for SIP calls. For further information refer to the definition of Session-Expires in 4028.
Page 225
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SIP UDP Port: <1024..65534> Specifies the listening port for incoming SIP UDP calls. Default: 5060 Example: xConfiguration SIP UDP Port: 5060 SNMP CommunityName: <S: 0, 16>...
Page 226
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SystemUnit Maintenance Mode: <On/Off> Sets the VCS into maintenance mode. New calls and registrations are disallowed and existing registrations are allowed to expire. Default: Off Example: xConfiguration SystemUnit Maintenance Mode: Off SystemUnit Name: <S:, 0, 50>...
Page 227
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Transform [1..100] Pattern String: <S: 0, 60> The pattern against which the alias is compared. Example: xConfiguration Transform 1 Pattern String: "example.net" Transform [1..100] Pattern Type: <Exact/Prefix/Suffix/Regex>...
Page 228
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Traversal Server H323 H46018 CallSignaling Port: <1024..65534> Specifies the port on the VCS to be used for H460.18 signaling. Default: 2777 Example: Traversal Server H323 H46018 CallSignaling Port: 2777 Traversal Server Media Demultiplexing RTCP Port: <1024..65534>...
Page 229
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones LocalZone DefaultSubZone Bandwidth PerCall Inter Limit: <1..100000000> Specifies the bandwidth limit (in kbps) for any one call to or from an endpoint in the Default Subzone (applies only if the mode is set to Limited).
Page 230
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones LocalZone SubZones MembershipRules Rule [1..3000] Description: <S: 0..64> A free-form description of the membership rule. Example: xConfiguration Zones LocalZone SubZones MembershipRules Rule 1 Description: "Office-based staff"...
Page 231
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones LocalZone SubZones MembershipRules Rule [1..3000] Type: <Subnet/AliasPatternMatch> The type of address that applies to this rule. Subnet: assigns the device if its IP address falls within the configured IP address subnet.
Page 232
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones LocalZone SubZones SubZone [1..1000] Name: <S: 0, 50> Assigns a name to this subzone. Example: xConfiguration Zones LocalZone SubZones SubZone 1 Name: "BranchOffice" Zones LocalZone SubZones SubZone [1..1000] Registrations: <Allow/Deny>...
Page 233
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones LocalZone Traversal H323 TCPProbe RetryCount: <1..65534> Sets the number of times traversal-enabled endpoints registered directly with the VCS will attempt to send a TCP probe to the VCS.
Page 234
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones LocalZone TraversalSubZone Bandwidth Total Limit: <1..100000000> Specifies the total bandwidth (in kbps) allowed for all traversal calls being handled by the VCS (applies only if the mode is set to Limited).
Page 235
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Policy SearchRules Rule [1..2000] Pattern String: <S: 0..60> The pattern against which the alias is compared. (Applies to Alias Pattern Match mode only.) Example: xConfiguration Zones Policy SearchRules Rule 1 Pattern String: "@example.com"...
Page 236
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Policy SearchRules Rule [1..2000] Target ZoneName: <S: 0..50> The zone to query if the alias matches the search rule. Example: xConfiguration Zones Policy SearchRules Rule 1 Target ZoneName: "Sales Office"...
Page 237
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] DNS SIP Duo Video Filter Mode: <On/Off> Determines whether INVITE requests sent to this zone filter out Duo Video. This option may be required to enable interoperability with SIP devices that do not support Duo Video.
Page 238
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] DNS SIP TLS Verify Mode: <On/Off> Controls X.509 certificate checking between this VCS and the destination system server returned by the DNS lookup. When enabled, the domain name submitted to the DNS lookup must be contained within the server's X.509 certificate (in either the Subject Common Name or the Subject Alternative Name attributes).
Page 239
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] Neighbor AdvancedMediaGateway Mode: <On/Off> Controls whether calls to or from this zone will use an Advanced Media Gateway. Default: Off Example: xConfiguration Zones Zone 3 Neighbor AdvancedMediaGateway Mode: On Zones Zone [1..1000] Neighbor H323 Port: <1024..65534>...
Page 240
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] Neighbor Interworking SIP Video DefaultResolution: <None/QCIF/CIF/4CIF/SIF/4SIF/VGA/SVGA/XGA> Specifies which video resolution to use when empty INVITEs are not allowed. Default: CIF Example: xConfiguration Zones Zone 3 Neighbor Interworking SIP Video DefaultResolution: CIF Zones Zone [1..1000] Neighbor Peer [1..6] Address: <S:0..128>...
Page 241
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] Neighbor SIP MediaRouting Mode: <Auto/Signaled/Latching> Specifies how the VCS handles the media for calls to and from this neighbor, and where it will forward the media destined for this neighbor.
Page 242
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] Neighbor SIP SDP Attribute Line Limit Mode: <On/Off> Determines whether requests containing SDP sent out to this zone will have the length of a=fmtp lines restricted.
Page 243
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] Neighbor ZoneProfile: <Default/Custom/MicrosoftOCS2007/CiscoUnifiedCommunicationsManager/NortelCS1000/AdvancedMediaGateway> Determines how the zone's advanced settings are configured. Default: uses the factory defaults. Custom: allows you to configure each setting individually.
Page 244
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] TraversalClient RetryInterval: <1..65534> Specifies the interval (in seconds) with which a failed attempt to establish a connection to the traversal server should be retried.
Page 245
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] TraversalServer H323 Port: <1024..65534> Specifies the port on the VCS being used for H.323 firewall traversal from this traversal client. Default: 6001, incrementing by 1 for each new zone.
Page 246
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] TraversalServer SIP Transport: <TCP/TLS> Determines which of the two transport types will be used for SIP calls between the traversal client and VCS.
Page 247
Grey Headline (continued) Command reference - xConfiguration CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Zones Zone [1..1000] Type: <Neighbor/TraversalClient/TraversalServer/ENUM/DNS> Determines the nature of the specified zone, in relation to the local VCS. Neighbor: the new zone will be a neighbor of the local VCS.
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview The xCommand group of commands are used The valid value for this parameter is an integer. to add and delete items and issue system commands.
Page 249
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE AMGWPolicyRuleAdd Adds and configures a new Advanced Media Gateway policy rule. Name(r): <S: 1..50> Assigns a name to this Advanced Media Gateway policy rule. Description: <S: 0..64>...
Page 250
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE AdminLoginGroupAdd Creates a new administrator login group. Name(r): <S: 0..128> Defines the name of an administrator group that determines which access rights members of the group have after they have been successfully authenticated to use the VCS.
Page 251
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CheckBandwidth A diagnostic tool that returns the status and route (as a list of nodes and links) that a call of the specified type and bandwidth would take between two nodes.
Page 252
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE CredentialDelete Deletes an entry from the local authentication database. CredentialId(r): <1..2500> The index of the credential to be deleted. Example: xCommand CredentialDelete CredentialId: 2 DefaultLinksAdd Restores links between the Default Subzone, Traversal Subzone and the Default Zone.
Page 253
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE DisconnectCall Disconnects a call. Call: <1..900> The index of the call to be disconnected. CallSerialNumber: <S: 1, 255> The serial number of the call to be disconnected.
Page 254
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ExtAppStatusDelete Deletes an external application status entry. Note: this command is intended for developer use only. Name(r): <S:1..64> Descriptive name for the external application whose status is being referenced.
Page 255
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ForceConfigUpdate Performs an xCommand DefaultValuesSet Level: 2 on the specified peer, and then forces the relevant configuration on the peer to be updated to match that of the cluster master.
Page 256
Example: xCommand LogPersist OptionKeyAdd Adds a new option key to the VCS. These are added to the VCS in order to add extra functionality, such as increasing the VCS's capacity. Contact your Cisco representative for further information. Key(r): <S: 0, 90>...
Page 257
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE OptionKeyDelete Deletes a software option key from the VCS. OptionKeyId(r): <1..64> Specifies the ID of the software option to be deleted. Example: xCommand OptionKeyDelete OptionKeyId: 2 PipeAdd Adds and configures a new pipe.
Page 258
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE RouteAdd Adds and configures a new IP route (also known as a static route). Address(r): <S: 1, 39> Specifies an IP address used in conjunction with the prefix length to determine the network to which this route applies.
Page 259
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SecureModeOff Turns secure mode off - removes all audit information that contains sensitive information, such as log files and call, status and login history records. This command has no parameters.
Page 260
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SIPRouteDelete Deletes an existing SIP route, identified either by the specified index or tag. Note: this command is intended for developer use only. SipRouteId: <1..20> The index of the SIP route to be deleted.
Page 261
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SubZoneDelete Deletes a subzone. SubZoneId(r): <1..1000> The index of the subzone to be deleted. Example: xCommand SubZoneDelete SubZoneId: 2 SubZoneMembershipRuleAdd Adds and configures a new membership rule.
Page 262
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE TransformAdd Adds and configures a new transform. Pattern(r): <S: 1, 60> Specifies the pattern against which the alias is compared. Type: <Exact/Prefix/Suffix/Regex> How the pattern string must match the alias for the transform to be applied. Exact: the entire string must exactly match the alias character for character. Prefix: the string must appear at the beginning of the alias.
Page 263
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE UserLoginGroupDelete Deletes a user login group. UserLoginGroupId(r): <1..15> The index of the user login group to be deleted. Example: xCommand UserLoginGroupDelete UserLoginGroupId: 1 WarningAcknowledge Acknowledges an existing warning.
Page 264
Grey Headline (continued) Command reference - xCommand CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE ZoneDelete Deletes a zone. ZoneId(r): <1..1000> The index of the zone to be deleted. Example: xCommand ZoneDelete ZoneId: 2 ZoneList A diagnostic tool that returns the list of zones (grouped by priority) that would be queried, and any transforms that would be applied, in a search for a given alias. Note that this command does not change any existing system configuration.
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Overview The xStatus group of commands are used to return information about the current status of the VCS. Each xStatus element returns information about one or more sub-elements.
Page 266
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Alternates: Peer [1..6]: {Hidden for Peer [n] when Peer [n] is self} Status: <Active/Failed/Unknown> Cause: {Visible if status is Failed} <No response from gatekeeper/DNS resolution failed/Invalid IP address>...
Page 269
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Aliases: Alias [1..50]: Type: <E164/H323Id> Value: <S: 1,60> SIP: {visible if Protocol = SIP} Address: <IPv4Addr/[IPv6Addr]>:<1..65534> Transport: <UDP/TCP/TLS/undefined> Aliases: Alias [1..50]: Type: <URL> Value: <S: 1,60>...
Page 270
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Bandwidth: Requested: <0..100000000> kbps Allocated: <0..100000000> kbps Route: Zone/Link: <S: 1,50 Node name> {0..150 entries} Media {visible if MediaRouted = True} Channels Channel [1..n] Type: <AUDIO/VIDEO/DATA/BFCP/H224/UNKNOWN>...
Page 271
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE External Manager: Status: <Inactive/Initializing/Active/Failed> Cause: {Visible if status is Failed} <Failed to connect to external manager / No response from external manager / Failed to register to external manager / DNS resolution failed >...
Page 272
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Assent: CallSignaling: Status: <Active/Inactive/Failed> IPv4: {Visible if Status=Active} Address: <IPv4Addr> {1..2 entries} IPv6: {Visible if Status=Active} Address: <IPv6Addr> {1..2 entries} H46018: CallSignaling: Status: <Active/Inactive/Failed> IPv4: {Visible if Status=Active} Address: <IPv4Addr>...
Page 273
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE LDAP: Status: <Inactive/Initializing/Active/Failed> Cause: {Visible if status is Failed} <Failed to connect to LDAP server / The LDAP server does not support TLS. / Failed to establish a TLS connection to the LDAP server. Please check that the LDAP server certificate is signed by a CA, and that CA is included on the CA certificate installed on the VCS.
Page 277
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE SystemUnit: Product: TANDBERG VCS Uptime: <Time in seconds> SystemTime: <Time not set/date-time> TimeZone: <GMT or one of 300 other timezones> LocalTime: <local-date-time> Software: Version: X5.1 Build: <Number/Uncontrolled>...
Page 281
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Calls: {Section visible only if there are calls} Call [0..900]: {0..900 entries} CallId: <S: 1,255> TraversalSubZone: Name: “TraversalSubZone” Bandwidth: LocalUsage: <0..100000000> ClusterUsage: <0..100000000> Calls: {Section visible only if there are calls } Call [0..900]: {0..900 entries}...
Page 282
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Searches: Current: Total: Dropped: Zone [1..1000]: Name: <S: 1,50 Node name> Bandwidth: LocalUsage: <0..100000000> ClusterUsage: <0..100000000> Status: <Active/Failed/Warning> Cause: {Visible if status is Failed or Warning} <System unreachable/ Systems unreachable>...
Page 283
Grey Headline (continued) Command reference - xStatus CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Address: <IPv4Addr/IPv6Addr> {One Address line per address from DNS lookup} Port: <1..65534> LastStatusChange: <Time not set/Date Time> SIP: {Visible if SIP Mode=On for Zone} Status: <Unknown/Active/Failed>...
Ethernet parameters packet loss over your network Capacity warning: the number of concurrent non-traversal calls has approached the licensed limit Contact your Cisco representative Capacity warning: the number of concurrent traversal calls has approached the licensed limit Contact your Cisco representative...
Page 285
Grey Headline (continued) Warnings CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Warnings list Warning message Resolution Configuration warning: expected default link between the Traversal Subzone and the Default Zone is missing Configure default links Configuration warning: H.323 and SIP modes are set to Off; one or both of them should be enabled Configure H.323...
Page 286
Grey Headline (continued) Warnings CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Warnings list Warning message Resolution Restart required: Telnet service has been changed, however a restart is required for this to take effect Restart the VCS Restart required: the advanced account security mode has changed, however a restart is required for this to take effect...
Management Information Base for Network Management of TCP/IP-based internets: MIB-II http://www.ietf.org/rfc/rfc1213.txt Cisco VCS Deployment Guide - Microsoft OCS 2007 (R1 and R2) and Cisco VCS Control (document no. D14269) www.tandberg.com/support/documentation.php Cisco VCS Multiway Deployment Guide (document number D14366) www.tandberg.com/support/documentation.php Provisioning Deployment Guide (document number D14368) www.tandberg.com/support/documentation.php...
Page 288
Cisco VCS Deployment Guide - ENUM dialing on Cisco VCS (document number D14465) www.tandberg.com/support/documentation.php Cisco VCS Deployment Guide - Certificate Creation and use with Cisco VCS (document number D14548) www.tandberg.com/support/documentation.php Cisco VCS Deployment Guide - Basic Configuration - Single Cisco VCS Control (document number D14524) www.tandberg.com/support/documentation.php...
Cisco VCS Expressway A Cisco VCS with the same functionality as a Cisco VCS Control that can also act as a firewall traversal server. This is generally located outside the firewall. A text-based user interface used to access the VCS.
Page 290
On the VCS, a zone used to configure access to endpoints located via ENUM. External manager The remote system that is used to manage endpoints and network infrastructure. The Cisco TelePresence Management Suite (Cisco TMS) is an example of an external manager.
Page 291
Grey Headline (continued) Glossary CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Term Definition IETF An organization that defines (via documents such as RFCs) the protocol standards and best practices relating to the design, use and management of the internet. Internet Engineering Task Force Interworking Allowing H.323 systems to connect to SIP systems.
Page 292
Grey Headline (continued) Glossary CISCO TELEPRESENCE VIDEO COMMUNICATION SERVER ADMINISTRATOR GUIDE Term Definition Neighbor zone On the VCS, a zone used to configure a connection to a remote system with which the local VCS has a non-traversal relationship. Node In relation to the VCS, a node is one end of a link. A node can be a local subzone or a zone.
Page 293
A conceptual subzone through which all traversal calls are deemed to pass; used to manage the bandwidth of traversal calls. Traversal-enabled endpoint Any endpoint that supports the Assent and/or ITU H.460.18 and H.460.19 standards for firewall traversal. This includes all Cisco TelePresence MXP endpoints. TURN Relay extensions to STUN (Session Traversal Utilities for NAT).
Page 294
The set of rules that determine the action(s) to be applied to calls for a particular user or group. The VCS uses FindMe for its User Policy. See Cisco VCS. VCS Control See Cisco VCS Control. VCS Expressway See Cisco VCS Expressway.