Professional Documents
Culture Documents
Cisco dCloud
Requirements
Topology
Session Users
Get Started
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 1 of 75
Lab Guide
Cisco dCloud
Scenario 14. Unified CM: Adding Calling Rules to the Call Control for the Meeting Server
What’s Next?
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 2 of 75
Lab Guide
Cisco dCloud
Limitations
Requirements
The table below outlines the requirements for this preconfigured lab.
Required Optional
Cisco AnyConnect®
• DNS A Record – A record has already been created for the Meeting Server IP address, i.e. cms1.dcloud.cisco.com –
198.18.1.42
• DNS A Record – A record has already been created for Cisco Meeting Management, i.e. cmm.dcloud.cisco.com –
198.18.1.43
• DNS SRV record for XMPP – An SRV record for xmpp-client._tcp.dcloud.cisco.com for TCP port 5222
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 3 of 75
Lab Guide
Cisco dCloud
The Meeting Server is also optimized for deployment with Cisco Unified Communications Manager, Cisco Expressway, Cisco
TelePresence® Video Communication Server (VCS) for call control, Cisco Expressway for firewall traversal, and Cisco
TelePresence Management Suite for scheduling (third-party on-premises infrastructure is also supported). It scales easily for
small or large deployments, allowing capacity to be added incrementally as needed. The all-in-one, user-based licensing model
allows you to buy the services you need today and add more licenses as your organization grows. The combination of the
Meeting Server and its licensing model provide you with the flexibility to meet the changing needs of your organization.
This guide covers a simplified deployment of the Meeting Server that is intended to reduce the time and simplify a basic stand-
alone installation. This deployment implements a stand-alone conference bridge integrated with a Unified CM or
Expressway/VCS call control shown in the figure below. It is also enhanced with the Meeting Server Web Bridge functionality
that enables browser-based clients to connect to your conferences using the Cisco Meeting App.
Topology
This lab includes several server virtual machines. Most of the servers are fully configurable using the administrative level
account. Administrative account details are included in the lab guide steps where relevant and in the server details table.
dCloud Topology
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 4 of 75
Lab Guide
Cisco dCloud
Equipment Details
Session Users
The table below contains details on preconfigured users available for your session.
User Details
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 5 of 75
Lab Guide
Cisco dCloud
Get Started
Follow the steps to schedule a session of the content and configure your presentation environment.
2. For best performance, connect to the workstation with Cisco AnyConnect VPN [Show Me How] and the local RDP client on
your laptop [Show Me How]
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 6 of 75
Lab Guide
Cisco dCloud
b. Password: dCloud12345!
2. From the desktop, launch Internet Explorer or Firefox. From the home page, navigate to Collaboration Admin Links >
vCenter.
a. Username: administrator@vsphere.local
b. Password: C1sco12345!
4. Press Login.
6. Power on the Cisco Meeting Server (CMS) virtual machine and open the virtual console for the machine:
a. Click CMS1.
d. Select Web Console option, click OK. This will open another tab in your browser with a console session into Cisco
Meeting Server.
7. When the Meeting Server console start up is complete, the Meeting Server login prompt displays. Log in with these
credentials:
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 7 of 75
Lab Guide
Cisco dCloud
NOTE: If this is the first time logging into the machine, you will be prompted to enter a new password and confirm it. Set the
new password for the admin account to dCloud123!
ATTENTION: The password automatically expires after 6 months. Password policies, including strength and expiration rules can
be customized using the user rule MMP commands. Please see the Password Rules section of the most recent Cisco Meeting
Server MMP Command Reference Guide for more information.
8. After successful login, a command prompt displays. This is the Meeting Server MMP interface and is accessible via the local
machine console SSH after the network interface has been configured.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
Interface A Configuration
NOTE: A virtual instance of Meeting Server can have up to four network interfaces labelled as a, b, c, and d. For this lab, you will
only use the A interface. The A interface must be configured with the IP address information to match the connected network.
1. To set the network interface speed duplex and auto-negotiate parameters, use the iface command. For example, to
display the current configuration on the A interface in the MMP, enter iface a. By default, you will observe the following
on the interface:
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 8 of 75
Lab Guide
Cisco dCloud
2. Set the network interface speed, duplex, and auto negotiation parameters using the iface (admin |a|b|c|d)
<speed> (full|on|off) commands.
3. Switch auto negotiation to on or off using the iface a autoneg <on|off> command.
NOTE: For this lab, use the following command: iface a autoneg on
NOTE: The A interface is initially configured to use DHCP. To view the existing configuration, type: ipv4 a. Use the ipv4 add
command to add a static IP address to the interface with a specified subnet mask and default gateway.
5. Add address 198.18.1.42 with a prefix 16 (netmask 255.255.0.0) with gateway 198.18.1.1 to interface A:
b. The MMP interface is now be accessible via SSH to the IP address 198.18.1.42
7. Check that you can connect with your preferred SSH client Workstation 1 installed via PuTTy using this Hostname (or
IP Address) 198.18.1.42. Click Open and click Yes to accept the security alerts.
a. Username: admin
b. Password: dCloud123!
10. You can now minimize or close the VMware vSphere client.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 9 of 75
Lab Guide
Cisco dCloud
DNS Configuration
The Meeting Server requires DNS lookups for many of its activities, including looking up SRV records, and is required for a
simplified deployment. To view your current DNS configuration, type: dns. By default you will see the following message:
To set the application DNS server, complete these steps for the: dns add forwardzone <domain name> <server IP>
command.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
b. Click Open.
4. Log into the Meeting Server (CMS) with the following credentials:
a. Username: admin
b. Password: dCloud123!
5. To set the DNS to dcloud.cisco.com, type dns add forwardzone dcloud.cisco.com 198.18.133.1
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 10 of 75
Lab Guide
Cisco dCloud
6. Type dns to confirm the change of dns. The Meeting Server returns the status as running.
NOTE: A forward address zone is a pair consisting of a domain name and server address. If a name is below the given domain
name in the DNS hierarchy, then the DNS resolver can query the given server. Multiple servers can be given for any particular
domain name to provide load balancing and fail over. A common usage will be to specify “.” as the domain name, for example,
the root of the DNS hierarchy that matches every domain name.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 11 of 75
Lab Guide
Cisco dCloud
The Meeting Server requires the hostname to be configured in order to identify the server in logs and messages.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
b. Click Open
a. Username: admin
b. Password: dCloud123!
6. To set the hostname, use the command: hostname cms1 for hostname <name>.
7. A reboot is required after issuing the hostname command. Type reboot in the command line.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 12 of 75
Lab Guide
Cisco dCloud
1. If required, RDP to Workstation 1 (198.18.1.36), log into Workstation 1 with these credentials:
a. Username: Adam McKenzie (dcloud\amckenzie)
b. Password: dCloud12345!
b. Click Open
4. Log into the Meeting Server with the following credentials:
a. Username: admin
b. Password: dCloud123!
5. Create a new user with the admin permissions with the command: user add <name> admin.
7. You are prompted to supply a password and confirm the password. For this scenario, use dCloud123!
NOTE: The first time the new user logs in, they are prompted to set their own password. Re-enter: dCloud123!
NOTE: You may need to close the existing PuTTy session and re-open a new session using the new credentials that you created
above.
NOTE: Any MMP user accounts at the admin level can also log into the Web Admin interface of the Call Bridge. You cannot
create users through the Web Admin Interface.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 13 of 75
Lab Guide
Cisco dCloud
NOTE: It is recommended that before upgrading your Meeting Server, you should make a backup of the current configuration
on each server. Do not use the automatic backup file that is created during the upgrade process.
Use the MMP command: backup snapshot <name>.
Save the backup safely to a local server. See the MMP Command Reference guide for full details.
NOTE: It is also recommended to save the cms.lic and certificate file to the local server and to use the Web Admin interface
to check the database cluster status, all call (SIP and clients) are working, and no faults conditions are listed.
NOTE: In order to pull files from the Meeting Server, and add a file to it, an SFTP client is required. SFTP is used to copy backup
files, install licenses, upgrade the server, pull CSRs, and add signed certificates. We will be using WinSCP to transfer files;
however, however any SFTP client can be used (for example. FileZilla).
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
1. If required, RDP to Workstation 1 (198.18.1.36), log into Workstation 1 with these credentials:
b. Password: dCloud12345!
b. Click Open
b. Password: dCloud123!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 14 of 75
Lab Guide
Cisco dCloud
c. Username: admin
d. Password: dCloud123!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 15 of 75
Lab Guide
Cisco dCloud
NOTE: To upgrade to another version, first download and extract the appropriate software from the Cisco Website. Click on this
link, then click on the appropriate Meeting Server listed in the right-hand column of the web page and follow any instructions
displayed with the download link.
10. Highlight the upgrade.img file from the folder and drag them over to the Meeting Server under the Remote Site root file.
11. Once the file has been transferred, minimize or exit out of WinSCP.
b. Click Open
13. Log into the Meeting Server with the following credentials:
a. Username: admin
b. Password: dCloud123!
14. To complete the upgrade, type: upgrade Cisco_Meeting_Server_2_8_vm-upgrade.img
16. To verify that the upgrade was successful, SSH into the MMP using PuTTY.
17. Login with these credentials:
a. Username: admin
b. Password: dCloud123!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 16 of 75
Lab Guide
Cisco dCloud
NOTE: You need license files specific to your Meeting Server instance to complete any deployment. Meeting Server licenses are
delivered using Cisco’s Product Activation Keys (PAK) and fulfilled using Cisco’s License Registration Portal.
NOTE: For detailed information on different Meeting Server licensing models, see the licensing chapter in the larger
deployment guides.
This lab already has the license that is required for the Meeting Server.
1. Open the WinSCP client using the icon located on the desktop.
2. Login using the following credentials:
b. Port Number: 22
c. Username: admin
d. Password: dCloud123!
3. Click Login.
4. Navigate to the local site: C:\Users\amckenzie\Desktop\CMS Certs and License\ or by selecting Desktop from the
dropdown list, and then navigate through the folders.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 17 of 75
Lab Guide
Cisco dCloud
5. Highlight the cms.lic file from the folder and drag the file over to the Meeting Server under the Remote Site root file.
6. Once the file has been transferred, minimize or exit out of WinSCP.
b. Click Open
a. Username: admin
b. Password: dCloud123!
10. If updated with the new license, Call Bridge may need to be restarted.
NOTE: If the license has been updated, then you do not need to use the callbridge-restart command.
11. Optional: If you need to restart Call Bridge, type callbridge restart.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 18 of 75
Lab Guide
Cisco dCloud
NOTE: Sharing a common view of time is important for multiple reasons. Time synchronization is necessary when checking for
certificate validity and to prevent replay attacks.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
1. If required, RDP to Workstation 1 (198.18.1.36), log in as Adam McKenzie (dcloud\amckenzie with password:
dCloud12345! From the desktop, launch PuTTy [ ].
b. Click Open
a. Username: admin
b. Password: dCloud123!
4. To set up an NTP server, enter the command: ntp server add 198.18.133.1
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 19 of 75
Lab Guide
Cisco dCloud
For this simplified lab, we will use one x.509 certificate with the correct attributes signed by an internal CA. Using a self-signed
certificate here is possible but is not recommended as it can cause errors to be seen in web pages and prevents you from
incorporating Meeting Server into Unified CM as a conference bridge.
For this lab, our certificate should have the server FQDN as the Common Name (CN) and must have the domains in the Subject
Alternate Name (SAN) attribute of the certificate, for example. XMPP, Join (WebRTC) etc.
To generate a Certificate Signing Request (CSR) and private key locally, the following command is used:
Pki csr <key/cert basename> <CN:value> [OU:<value>] [O:<value>] [ST:<value>] [C:<value>]
[subjectAltName:<value>]
The CN value should always be part of the SubjectAltName (SAN) list. The Meeting Server pki csr command adds the CN to
the SAN list automatically so you do not have to list it separately.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
Steps
b. Click Open
b. Password: dCloud123!
5. Open the CMS Certs and License folder on the desktop. Open the PKI CSR file to copy and paste the following: pki csr
singlecert CN:cms1.dcloud.cisco.com OU:dcloud O:Cisco L:Richardson ST:Texas C:US
subjectAltName:webbridge.dcloud.cisco.com,xmpp.dcloud.cisco.com,callbridge.dcloud.cisco.com,j
oin.dcloud.cisco.com,webadmin.dcloud.cisco.com
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 20 of 75
Lab Guide
Cisco dCloud
NOTE: The output from this command generates a private key file with the extension of a key and a Certificate Signing request
(CSR) file with the extension .csr on the local file system. See below.
b. Port Number: 22
c. Username: admin
d. Password: dCloud123!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 21 of 75
Lab Guide
Cisco dCloud
10. Highlight the singlecert.csr file under the Remote Site root folder and drag it over in to the Meeting Server Certs and
License folder.
11. When the file has been transferred, minimize or exit out of WinSCP.
12. From the desktop, open the CMS Certs and License folder.
13. Open the singlecert.csr file you downloaded from the Meeting Server into Notepad.
c. Close Notepad
b. Password: C1sco12345
17. From the list of tasks, select Request a certificate. Click Advanced certificate request.
18. Select Submit a certificate request by using the base-64-encoded CMS or PKCS 10 file.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 22 of 75
Lab Guide
Cisco dCloud
19. Populate the Certificate request or Renewal Request form with the following Information:
a. Base-64 encoded Certificate request field: Paste (CTRL-V) the singlecert.csr content that you copied from Notepad into
the field.
21. The certificate has now been issued. Select Base 64 encoded radio button and Download certificate.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 23 of 75
Lab Guide
Cisco dCloud
23. Save the certificate to the CMS Certs and License folder.
26. From the desktop, open the WinSCP client using the icon on the desktop.
b. Port Number: 22
c. Username: admin
d. Password: dCloud123!
28. Click Login. Click Yes at the warning screen prompt.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 24 of 75
Lab Guide
Cisco dCloud
30. Highlight the singlecert.cer and CA-bundle.cer file from the folder and drag the file over to the Meeting Server under the
Remote Site root file.
31. Once the file has been transferred, minimize or exit out of WinSCP.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 25 of 75
Lab Guide
Cisco dCloud
Steps
NOTE: The Call Bridge service must be configured with the certificate to use and which network interface to listen on.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
b. Click Open
b. Password: dCloud123!
4. To view the list of certificates generated in the previous task, type the command: pki list in the command line.
NOTE: The command callbridge listen <interface> allows you to configure a listening interface (chosen from a, b, c, or
d). By default, the Call Bridge listens on no interface.
NOTE: The Call Bridge must be listening on a network interface that is not NAT’d to another IP address. This is because the Call
Bridge is required to convey the same IP that is configured in the SIP messages when talking to remote sites.
6. To configure the Call Bridge to use the certificate, key and bundle verified in step 4, then use the callbridge certs
<keyfile> <certificatefile> <ca bundle> command: callbridge certs singlecert.key singlecert.cer CA-bundle.cer.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 26 of 75
Lab Guide
Cisco dCloud
NOTE: The Call Bridge interface needs to be restarted with the command: callbridge restart to apply the changes.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 27 of 75
Lab Guide
Cisco dCloud
Steps
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
b. Click Open
a. Username: admin
b. Password: dCloud123!
5. Type webadmin listen a 445, the MMP command webadmin listen <interface> <port> to instruct Web Admin to
listen on interface a port 445.
6. To configure Web Admin with the certificate file, type: webadmin certs singlecert.key singlecert.cer CA-bundle.cer, for the
webadmin certs <keyfile> <certificatefile> <ca bundle> command.
8. When successful, you get SUCCESS lines returned stating Web Admin is correctly configure for network and certificate
values.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 28 of 75
Lab Guide
Cisco dCloud
Steps
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
2. From the desktop, open Internet Explorer and from the home page navigate to Collaboration Admin Links > Cisco Meeting
Server.
3. Log into the Meeting Server Web Admin Interface with these credentials:
a. Username: admin
b. Password: dCloud123!
4. Press OK.
NOTE: The SIP Media encryption setting must be compatible with your existing call control and endpoints. The setting
recommended for most usage is Allow. This setting allows both encryption and non-encryption connections. Take care before
setting to Required if you want to specify encryption is required before calls can connect – a mismatch of encryption between
the Meeting Server and the devices will prevent a call from connecting.
NOTE: The SIP call participants labels enables site names to be display overlaid on video images. Enabling participant’s labels is
encouraged for those migrating from MCU’s that use this feature.
7. Click Submit.
NOTE: Customize the maximum bandwidth per call to use for different call types. Bandwidth numbers are bits/sec. We
recommend leaving the bandwidth values at their default settings.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 29 of 75
Lab Guide
Cisco dCloud
The Call Matching figure shown below seeks to match all incoming calls on the meet.company.com domain to both Cisco
Meeting App, users, and spaces.
Steps
NOTE: We recommend that rules are created for every domain expected for incoming calls. With some call control solutions the
domain in the alias may be the IP address or hostname of the Meeting Server.
Rules with a higher priority value are matched first. In case where multiple rules have the same priority, matching occurs based
on the alphabetical order of the domain.
After a rule is matched and executed, rules further down the list are ignored for the call. If all Call Matching rules fail, the next
table (Call Forwarding) is checked.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
3. Log into the Meeting Server Web Admin Interface with these credentials:
a. Username: admin
b. Password: dCloud123!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 30 of 75
Lab Guide
Cisco dCloud
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 31 of 75
Lab Guide
Cisco dCloud
Steps
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
2. From the desktop open Internet Explorer.
4. Click Ok.
5. Log into the Meeting Server Web Admin Interface with these credentials:
a. Username: admin
b. Password: dCloud123!
6. Select Configuration > Outbound calls.
a. Domain: dcloud.cisco.com
f. Behavior: Stop
g. Priority: 100
h. Encryption: Auto
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 32 of 75
Lab Guide
Cisco dCloud
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 33 of 75
Lab Guide
Cisco dCloud
Steps
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
2. From the desktop, open Internet Explorer.
4. Click Ok.
5. Log into the Meeting Server Web Admin Interface with these credentials:
a. Username: admin
b. Password: dCloud123!
6. Select Configuration > Space.
7. Use an empty row to create a new space. Enter the following information in these fields:
8. Click Add New [ ], located on the right side of the table, to save the new values.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 34 of 75
Lab Guide
Cisco dCloud
Scenario 14. Unified CM: Adding Calling Rules to the Call Control for the
Meeting Server
This scenario will cover tasks required to set up a Cisco Unified CM example. In the previous scenario you configured the
Meeting Server to listen to incoming Calls and to send calls. In this scenario, you will configure your Call Control to identify calls
intended for the Meeting Server and configure their destination.
In this lab, the Meeting Server listens for SIP calls on the A network interface when the Call Bridge is listening on TCP ports 5060
or 5061. Now, you will configure your Call Control to identify which alias patterns are intended for the Meeting Server and the
trunks/zones of where to send calls.
This scenario adds a dial plan configuration to an existing Cisco Unified CM to route SIP URIs and E.164 dial patterns to the
Meeting Server using SIP TLS. While using the TLS is usually described as a best practice, using SIP TCP port 5060 is also valid.
NOTE: SIP TCP configuration is not covered in this guide. See Cisco Meeting Server 2.x with Cisco Unified Communications
Manager Deployment Guide for more details.
Steps
The Cisco Unified Communication Manager applies a default security profile called a No Secure SIP Trunk. Creating a SIP Trunk is
used for TCP.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
To use TLS, or something other than the standard security profile, follow these steps:
5. Log into the Cisco Unified Communication Manager with these credentials:
a. Username: administrator
b. Password: dCloud123!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 35 of 75
Lab Guide
Cisco dCloud
a. Name: dCloud_TLS_Security_Profile_CMS
b. Select the Device Security Mode: Encrypted
9. Click Save.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 36 of 75
Lab Guide
Cisco dCloud
When you create a SIP Trunk for TCP, the Cisco Unified Communication Manager applies a default security profile called the No
Secure SIP Trunk.
To use TLS, or something other than the standard security profile, follow these steps:
4. Click Next.
e. Location: dCloud_Location
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 37 of 75
Lab Guide
Cisco dCloud
c. SIP Trunk Security Profile: Select the security profile that you previously created - dCloud_TLS_Security_Profile_CMS
8. Click Save.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 38 of 75
Lab Guide
Cisco dCloud
You can configure domain-based routing, for example, Meet.Company.com, and/or number-based routing, for example,
86XXXX, to the Meeting Server through the Cisco Unified Communication Manager Interface.
e. SIP Trunk/Route List: Select the trunk you configured in the previous section, which is dCloud_SIP_Trunk_CMS
1. In your browser, select Call Routing > Route/Hunt > Route Pattern. A list of existing Route Patterns is displayed.
2. Click Add New.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 39 of 75
Lab Guide
Cisco dCloud
4. Click Save.
Now that the call control is configured, you can dial into the test conference created in Scenario 13 to validate the configuration
for this scenario. With an endpoint registered to this session or with one of the Cisco Jabber clients on the workstations, dial the
SIP URI of the test meeting that was created earlier.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
3. From the desktop, launch Cisco Jabber client. If required, login with these credentials:
a. Username: amckenzie
b. Password: dCloud12345!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 40 of 75
Lab Guide
Cisco dCloud
4. Once the client is ready and connected, within the Search or Call field, enter test@a.dcloud.cisco.com and click Call. You
are now in the Test conference meeting space.
5. End the call and then minimize or exit out of Cisco Jabber and Internet Explorer.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 41 of 75
Lab Guide
Cisco dCloud
Steps
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
1. If required, RDP to Workstation 1 (198.18.1.36), log into Workstation 1 with these credentials:
b. Password: dCloud12345!
a. Username: admin
b. Password: dCloud123!
5. Enter xmpp listen a for the MMP command xmpp listen <interface whitelist> to instruct XMPP Server to
listen on interface a.
6. Enter xmpp certs singlecert.key singlecert.cer CA-bundle.cer to configure XMPP with the certificate file,
using the xmpp certs <keyfile> <certificatefile> <ca bundle> command format.
7. You will define the XMPP domain for the deployment with the command xmpp domain <domain name> by entering
xmpp domain dcloud.cisco.com.
8. Enable the XMPP service by entering xmpp enable. The screen will show a message that XMPP is correctly configured and
enabled.
In the second phase, the Call Bridge requires a set of credentials to connect to the XMPP server. These credentials are created in
the XMPP server and subsequently added to the Call Bridge configuration.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 42 of 75
Lab Guide
Cisco dCloud
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
Complete these steps to add the Call Bridge to the XMPP server:
1. If required, RDP to Workstation 1 (198.18.1.36), log into Workstation 1 with these credentials:
b. Password: dCloud12345!
3. At the PuTTy command line, SSH into the MMP with these credentials:
b. Click Open
a. Username: admin
b. Password: dCloud123!
5. Enter xmpp callbridge add dCloud_Component for the MMP command xmpp callbridge add <component
name> to provide a component name for the Call Bridge for authentication.
NOTE: Make sure you document the domain, component name, and secret generated because they are required when you use
the Web Admin interface to configure the Call Bridge access to the XMPP server.
NOTE: If you lose the details, use the MMP command xmpp callbridge list to display them.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 43 of 75
Lab Guide
Cisco dCloud
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
1. If required, RDP to Workstation 1 (198.18.1.36), log into Workstation 1 with these credentials:
a. Username: Adam McKenzie (dcloud\amckenzie)
b. Password: dCloud12345!
b. Click Open
a. Username: admin
b. Password: dCloud123!
5. Type webbridge listen a:443 for the MMP command webbridge listen <interface[:port]> to instruct the
Web Bridge to listen on interface a port 443.
6. Type webbridge certs singlecert.key singlecert.cer CA-bundle.cer to configure the Web Bridge with the
certificate file, using the webbridge certs <keyfile> <certificatefile> <ca bundle> command.
7. For the Call Bridge to instruct the Web Bridge to trust connections from the Call Bridge, type webbridge trust
singlecert.cer for the MMP command webbridge trust <certfile>
8. To enable the Web Bridge service, type webbridge enable. The screen will show a success message that the Web Bridge
is configured properly.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
Complete these steps to configure XMPP Server via the Web Admin interface:
1. If required, RDP to Workstation 1 (198.18.1.36) and login using these credentials.
b. Password: dCloud12345!
2. From the desktop open Internet Explorer.
4. Click OK.
5. Log into the Meeting Server Web Admin Interface with these credentials:
a. Username: admin
b. Password: dCloud123!
a. Unique Call Bridge name (this is the component name previously set up, no domain part is required):
dCloud_Component
b. Domain (this is the XMPP server domain set up previously): dcloud.cisco.com
9. Select Status > General to verify the server connection. You should see details similar to the following in the XMPP
Connection field.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 45 of 75
Lab Guide
Cisco dCloud
To enable Guest access to the Web Bridge, the Call Bridge must be configured to locate the Web Bridge.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
Complete these steps to configure the Web Bridge to connect with the Web Bridge:
b. Password: dCloud12345!
4. Click OK.
5. Log into the Meeting Server Web Admin Interface with these credentials:
a. Username: admin
b. Password: dCloud123!
7. Set the Guest account client URI to the HTTPS URL for your Meeting Server by typing https://join.dcloud.cisco.com
8. Type dcloud.cisco.com to set the Guest Account JID domain to your XMPP domain.
10. Set the Web Bridge URI-to go to External Access and enter the HTTPS URL https://join.dcloud.cisco.com for your Meeting
Server.
12. Confirm the Call Bridge is not reporting any errors for the Web Bridge by selecting Status > General and checking there are
no alarms in the Fault conditions panel.
NOTE: Meeting Server enforces an inactivity timer on all management interfaces. After approximately 30 seconds of inactivity
on any management interface, the software will automatically log you out. You must log back in with your credentials to
continue with your scenarios.
b. Password: dCloud12345!
2. From the desktop, open Chrome.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 46 of 75
Lab Guide
Cisco dCloud
3. Navigate to https://join.dcloud.cisco.com. Sign in and join the meeting as a Guest and follow these steps:
b. Enter 1001 for the meeting ID, which was set up in Scenario 13.
c. Click Join meeting (no password was set up).
d. Enter a name for the guest user (Any name) and click Join meeting.
e. Accept the default Camera, Microphone, and Speaker settings, click Join meeting.
f. The WebRTC app will load and allow your user into the Test space.
b. Password: dCloud12345!
5. From the desktop, launch Cisco Jabber Client. If required, login using these credentials:
a. Username: aperez
b. Password: dCloud12345!
6. Once the client is ready and connected, within the Search or call field enter test@a.dcloud.cisco.com. Click Call. You are
now in Test conference meeting space.
7. You can now end the call within the browser on Workstation 1 and Jabber client on Workstation 2.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 47 of 75
Lab Guide
Cisco dCloud
Steps
b. Password: dCloud12345!
2. From the desktop launch Internet Explorer. Browse to https://cms1.dcloud.cisco.com:445. Click Ok.
3. Log in to the Meeting Server Web Admin Interface using these credentials:
a. Username: admin
b. Password: dCloud123!
• Address: ad1.dcloud.cisco.com
• Port: 389
• Username: cn=administrator,cn=users,dc=dcloud,dc=cisco,dc=com
b. Import Settings:
• Filter: telephoneNumber=*
• Username: $sAMAccountName$@dcloud.cisco.com
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 48 of 75
Lab Guide
Cisco dCloud
8. After a minute or two, navigate to Status > Users. It should display the user created by the LDAP import.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 49 of 75
Lab Guide
Cisco dCloud
9. The navigate to Configuration > Spaces. It should display the spaces that were created from the imported users.
NOTE: If the user list is empty, navigate to Logs > Event Log. Locate the entries starting with LDAP sync operation: Any errors
about attributes missing or duplicate entries means you Field Mappings or search criteria needs adjusting to avoid errors. Go to
Configuration > Active Directory and modify your import settings, click Submit and Sync now to retry the import.
3. Browse to https://join.dcloud.cisco.com. The welcome screen should display Sign In and Join Meeting as guest options.
4. Click Sign In. This will allow you to log in with an account that was included in the LDAP import:
b. Password: dCloud12345!
5. Click Sign in.
Once logged in successfully, the WebRTC app will load and the user can open their existing space, dial out to remote
participants, or have other participants dial into the space.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 50 of 75
Lab Guide
Cisco dCloud
• Ad-hoc Conferencing
CMM is a on-premises management solution for Cisco Meeting Server (CMS). It is a set of management services built around
CMS and its APIs. CMM compliments and extends the feature set of CMS and together, CMS and CMM form a complete video
solution. TMS continues to provide scheduling services and endpoint management.
One of the aims of CMM is to enable customers to move from legacy products to CMS. Without CMM, there is a feature gap
that prevents customers from moving to CMS. CMM will make things easier for our customers, partners, and resellers and will
eventually be a single pane of glass in front of CMS that can offer the following features:
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 51 of 75
Lab Guide
Cisco dCloud
Steps
1. RDP to Workstation 1 (198.18.1.36) and, if necessary, log in with the following credentials:
b. Password: dCloud12345!
2. Using any browser, click Collaboration Admin Link and click Vcenter.
a. Username: administrator@vsphere.local
b. Password: C1sco12345!
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 52 of 75
Lab Guide
Cisco dCloud
a. vc1.dcloud.cisco.com
b. dcloud_Datacenter
c. IP address
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 53 of 75
Lab Guide
Cisco dCloud
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 54 of 75
Lab Guide
Cisco dCloud
10. Click in the main screen and press Tab key. This will highlight Next. Press the Enter key to go to the next screen.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 55 of 75
Lab Guide
Cisco dCloud
a. Hostname: CMM
b. Address acquisition: Manual
c. IP address: 198.18.1.43
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 56 of 75
Lab Guide
Cisco dCloud
13. CMM is ready to use when you receive the message screen below. Make note of the generated Administrator credentials.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 57 of 75
Lab Guide
Cisco dCloud
15. Enter the generated Administrator username and password. Click Sign In.
16. You will be prompted to change the password. Change the password to dCloud123! and click Save.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 58 of 75
Lab Guide
Cisco dCloud
1. RDP to Workstation 1 (198.18.1.36) and, if necessary, log in with the following credentials:
b. Password: dCloud12345!
2. Using any browser, navigate to Collaboration Admin Links and select Cisco Meeting Manager.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 59 of 75
Lab Guide
Cisco dCloud
a. Username: admin
b. Password: dCloud123!
4. The Overview will be the single place to view the status of you entire CMS system (single, cluster, distributed) and shows
information such as the number of active calls, total spaces, and number of meetings.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 60 of 75
Lab Guide
Cisco dCloud
5. In the left column, click Settings [ ]. Confirm Network Settings: Hostname, DNS Servers, and IPv4 information. (Scroll
down the Settings window for more information.)
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 61 of 75
Lab Guide
Cisco dCloud
6. Click NTP to confirm the NTP Status. At least one IP address has sys-peer (green) status. If no IP address is green, click Add
NTP server and follow the steps below to edit the server IP addresses.
• 198.18.133.1
• 198.18.128.1
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 62 of 75
Lab Guide
Cisco dCloud
8. Notice the servers are added. Click Restart now at the top of the page.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 63 of 75
Lab Guide
Cisco dCloud
10. Click CDR. Add the CMM FQDN: cmm.dcloud.cisco.com and click Save.
11. Click Restart now at the top of the page to assign the CMM as the CDR receiver. Click Restart when prompted, “Are you
sure you want to restart Meeting Management now?”
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 64 of 75
Lab Guide
Cisco dCloud
12. Click Users to confirm User Group Details and LDAP Configuration.
NOTE: We are not using the Local and Local Configuration, so they will not be configured.
13. To add a Local User to the Local group, click Local. Click Add Local User.
a. Username: jdaniels
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 65 of 75
Lab Guide
Cisco dCloud
16. Confirm Jack Daniels has been added to Local User group.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 66 of 75
Lab Guide
Cisco dCloud
OPTIONAL: If you want to test the Jack Daniels account, sign out of CMM and re-login with jdaniels credentials. See the
screenshot below.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 67 of 75
Lab Guide
Cisco dCloud
c. Username: admin
d. Password: dCloud123!
e. Display name: dcloud-CMS1
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 68 of 75
Lab Guide
Cisco dCloud
3. Click Upload certificate. This will take you to the computer’s Directory. Navigate to the CMM Certificate: Desktop > New CA
Certs > CMM > Certificates. Select the CMM-Certificate-chain.cer file and click Open.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 69 of 75
Lab Guide
Cisco dCloud
5. Confirm the upload was successful. A green box with a check will appear and display the newly added Callbridge to CMM.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 70 of 75
Lab Guide
Cisco dCloud
Then the green box will disappear and CMM Server section look like below.
NOTE: Most notications warning/errors will have disappeared with adding the CMS Callbridge successfully. We do have SSL
Certifcate for the CMM that has expired. We are using the certificate that is native the dCloud certificate.
Ad-hoc Conferencing
Ad-hoc Conferencing uses the CMS Spaces with Workstation 1 and Workstation 2 dialing into Anita Perez’s Space.
1. At Workstation 1, Adam McKenzie Jabber client dials aperez.space@a.dcloud.cisco.com. Adam’s Jabber client joins Aperez
Space as a participant.
2. At Workstation 2, Anita Perez Jabber client dials aperez.space@a.dcloud.cisco.com. Anita’s Jabber client joins Aperez
Space as a participant.
3. Go to the CMM. Click Meetings and click Active to view active meetings on CMS.
4. Click Anita Perez’s Meeting Space to expand the list of participants, status, and meeting options available for this space.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 71 of 75
Lab Guide
Cisco dCloud
5. Click the ellipses [ … ] for any participant’s name. You will see options available as individual participants in this meeting.
Some of these features and options are: Mute Audio, Stop Video, drop the participant, change your layout on device (if
device has the capabilities), and call Call information and Stats. Some action items include:
a. If you hover over the Actions section, you can see the call controls for controls to audio/video or drop the participants
items.
b. If you select a participant in the meeting details, a side panel with call information and individual control will open.
Scroll down to see call stats.
c. If you select Layout, you can change the video layout for all participants who are dialing in from a SIP Endpoint.
Changing of the layout will only affect participants in the meeting and can subsequently change their layouts.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 72 of 75
Lab Guide
Cisco dCloud
7. Click on any participants to change their layout, or mute/unmute participants, stop/start video of participants.
8. Disconnect all participants by pressing End Meeting icon. Click End when prompted, “Are you sure you want to end this
meeting? This will disconnect all participants.”
9. Notice all participants change from green check marks to red X next to the their names.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 73 of 75
Lab Guide
Cisco dCloud
10. Notice eventually all participants associated to the Anita Perez Space will disappear and no Active meeting will be shown.
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 74 of 75
Lab Guide
Cisco dCloud
What’s Next?
Ready to learn more? Try the CMS intermediate lab:
© 2020 Cisco and/or its affiliates. All rights reserved. This document is Cisco Public Information. Page 75 of 75