Scribd
Upload
123 views

CMS Config Guide

This document provides configuration instructions for setting up a Cisco Meeting Server (CMS) including: 1. Basic network configuration such as IP address, DNS, and NTP settings. 2. Creating web administration and certificates using Microsoft CA. 3. Configuring the XMPP server and call bridge with self-signed certificates. 4. Configuring the web bridge with self-signed certificates. 5. Instructions for integrating with an on-premise Cisco Call Manager including trunk configuration and creating spaces in CMS. 6. Configuring LDAP sync with Active Directory and necessary DNS records. 7. Creating Jabber clients on Windows and Android connected to the Call Manager.

Uploaded by

Dummy CTDT
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
123 views

CMS Config Guide

This document provides configuration instructions for setting up a Cisco Meeting Server (CMS) including: 1. Basic network configuration such as IP address, DNS, and NTP settings. 2. Creating web administration and certificates using Microsoft CA. 3. Configuring the XMPP server and call bridge with self-signed certificates. 4. Configuring the web bridge with self-signed certificates. 5. Instructions for integrating with an on-premise Cisco Call Manager including trunk configuration and creating spaces in CMS. 6. Configuring LDAP sync with Active Directory and necessary DNS records. 7. Creating Jabber clients on Windows and Android connected to the Call Manager.

Uploaded by

Dummy CTDT
Copyright
© © All Rights Reserved
Available Formats
Download as TXT, PDF, TXT or read online on Scribd
You are on page 1/ 6

Configuration Guide CMS

acano> syslog follow so that ssh won't dc

-------------------Basic Configuration------------------------------

hostname cms
ipv4 a add 192.168.10.97/24 192.168.10.1
dns add forwardzone acetech.com.pg 10.10.50.15 or forwardzone . 10.10.50.15 (all
domain)
ntp server add 216.239.35.4

verify DN records
dns lookup A cms.adeng.pom

*************************CREATING WEBADMIN****************************

----------------Creating Certificates-------------------------

Microsoft CA - install on a server and add the template

1. Go to Server Manager - Tools - Certificate Authority


2. Right Click Certificate Template - Manage
3. Right CLick Web Server - Duplicate
4. Properties - General - Rename the Certificate
5. Extensons - Application Policies - Add Client Authentication
6. Close Certificate Template Console
7. Right Click Certificate Template - New - Certificate Template To Issue - Click
created template

acano>

webadmin listen a 8443


webadmin enable - will have error needs certificate
webadmin disable

pki csr cms CN:cms.acetech.com.pg subjectAltName:acetech.com.pg,join.acetech.com.pg


domain of users users joining

Use WinSCP to copy the cms.key and cms.csr file to windows and create a certificate
through Microsoft CA using the template that created for Server and Client
Authentication

Note: Verify Valid From and Valid To for the certificate created.

Note: Also download the root CA of Microsoft CA and cpy the files back to CMS.

acano>

webadmin certs cms.key cms.cer root.cer


webadmin enable

Access the GUI

https://192.168.100.97:8443

*********************************XMPP Server and Call Bridge***********************


acano>

pki selfsigned self - will create self.key and self.crt


xmpp listen a
xmpp certs self.key self.crt
xmpp domain acetech.com.pg
xmpp enable
xmpp callbridge add CFBCMS - copy the text in Secret:
callbridge listen a
callbridge certs self.key self.crt
callbridge restart

Access the GUI input the following in General


1. Unique Call Bridge Name: CFBCMS
2. Domain Name: acetech.com.pg
3. Server Address: 192.168.10.97 (IP of CMS)
4. Secret Password: (from xmpp callbridge add CFBCMS)
5. Submit

*********************************Web Bridge************************

acano>

webbridge listen a:443 (default)


webbridge http-redirect enable
webbridge certs self.key self.crt
webbridge trust self.crt
webbridge enable

Enable Web Bridge and Call Bridge Link (Enable Join button on sign in)
Go to the GUI
1. Configuration - General - Web Bridge Setting (Scroll Down)
2. Guest account client URI: https://192.168.10.97
3. Guest account JID domain: acetech.com.pg

*******************************Database****************************

Enabled by defualt using single server. Do not do anything unless


using multiple CMS.

*******************************LDAP*****************************

GUI

1. Configuration - Active Directory


2. Address: Input IP Address of the Active Directory
3. Port: 389
4. Username:

Need Full Distinguished Name

-Go to the Internal DNS Server


-Use ADSI Edit
-Right click - Connect to - OK
-Go to CN=users - CN=Administrator - Right click - Properties
-Double click distinguished name - copy the text, input in Username:
5. Password: Type your password
6. Base distinguished name: do the same procedure above, choose any user
7. Copy the distinguished name, except the first part, paste it or just copy from
administrator
8. Filter: sAMAccountName=* , use hq* or wahtever which users needs to be synced

Field Mapping Expressions


1. Display name: $cn$
2. Username: [email protected]
3. Space Name: $cn$
4. Space URI user part: $sAMAccountName$.space
5. Save - Sync Now

To sign in properly needs to create AAA record and SRV record in the DNS

1. Server Manager - Tools - DNS


2. New AAA record - input "join" in Name
3. IP Address: 192.168.10.97
4. flush dns at CMS acano>dns flush
5. DNS - Other services - Choose SRV
6. Service: _xmpp-client
7. Protocol: _tcp
8. Port number: 5222
9. Host offering this service: cms.acetech.com.pg
10. flush dns at CMS acano>dns flush

login to join.acetech.com.pg

___________________________________________________________________________________
__________

Integrating CUCM and CMS

**********CUCM Startup Services******************

1. Cisco Unified Serviceability


2. Tools > Service Activation
3. Choose: Cisco CallManager
Cisco CTI Manager
Cisco Device Activation Service
Cisco Tftp
Cisco AXL Web Service
Cisco DirSync

************CUCM Base Config******************

1. System > Server


2. Add New > CuCM Voice/Video > Next
3. Enter IP Address of CUCM

1. System > Cisco Unified CM


2. Verify > Name and Description
**********Enable Auto Registration in CUCM********

1. System > Enterprise Parameters configuration > Chang Auto Registration > SIP or
SCCP
2. Cisco Unified CM > Uncheck Auto Registration Disabled
3. Save

*********Create a Trunk at CUCM****************

1. Device > Trunk


2. Enter Device Name and description
3. Device Pool: Default
4. SIP Information > Add destination Address:192.168.10.90 (IP of CMS)
5. SIP Trunk Security Profile: Non Secure SIP Trunk Profile
6. SIP Profile: Standard SIP Profile for Telepresence Conferencing
7. Save > Reset > Reset > Close

*********Create a SIP Route Pattern*************

1. Call Routing > SIP Route Pattern


2. IPV4 Pattern: cms.acetest.com.pg (enter domain name of cms)
3. SIP Trunk/Route List: Choose Created Trunk (Rendezvous_CMS)
4. Save

**********Create a Space in Cisco Meeting Server********

1. Configuration > Spaces


2. Name: Enter any name
3. URI Userpart: 5001 (Better to put DN)
4. Secondary URI user part: cms.acetest.com.pg (domain name of CMS)
5. Caller ID: 70904601 (any number, so guest can access)
6. Passcode: 12345 (any passcode for guest access, join button)
7. Click Add New

*********Create an Incoming Call Route in CMS*********************

1. Configuration > Incoming Call Route


2. Add domain name cms.acetest.com.pg priority 1
3. Add domain name acetest.com.pg priority 50

Note: Highest priority is the domain name of the called Space

Eg.: [email protected], where test is URI user part.

*********Create Outgoing Call Route in CMS*********************

1. Configuration > Outgoing Call Route


2. Domain: Leave Blank
3. SIP Proxy to use: 192.168.10.97 (CUCM)
4. Local from Domain: Blank
5. Trunk Type: Standard SIP
6. Behavior: Stop
7. Priority: 1
8. Encryption: Unencrypted

_________________________________________________________________________
Jabber

***************IMPORTANT NOTE:*****************

1. DNS Server of the client PC must be local DNS Server


2. Create SRV in the DNS Server so that Jabber can connect
3. Service: _cisco-uds
4. Protocl: _tcp
5. Port Number: 8443
6. Host Offering this Service: cucm.acetest.com.pg (cucm fqdn)

**********Add New User at CUCM***************

1. User Management > User > Add New


2. User ID: Enter any user ID
3. Password:
4. Confirm Password:
5. Last Name
6. Check Home Cluster and Enable User for Unified IM and Presence
7. Save

**********Creating a Jabber Client (Windows Based) at CUCM**************

1. Device > Phone > Add New


2. Phone Type: Cisco Unified Client Services Framework
3. Next
4. Device Name: Enter Device Name
5. Device Pool: Default
6. Phone Button Template: Standard Client Services Network
7. Common Phone Profile: Standard Common Phone Profile
8. Owner User ID: Choose a local user
9. Device Security Profile: Cisco Unified Services Framework Standard SIP Non
Secure Profile
10. SIP Profile: Standard SIP Profile
11. Save > Apply Config > OK
12. Add New DN
13. Enter Directory Number: 1020 (any DN)
14. Save > Go Back to Phone Configuration
15. Save > Apply COnfig > OK

************Associate Jabber Client to User***********

1. User Management > User > Choose user


2. Add Device Association : Select created device
3. Save Selected Changes > Back to User
4. Add to Access Control Group
5. Choose: Standard CCM End Users
Standard CTI Allow Control of All Devices
Standard CTI Enabled
6. Add Selected
7. Save
___________________________________________________________________________________
________________

**********Creating a Jabber Client (Android Based) at CUCM**************

You might also like