CMR Cloud Lab Guide Community

Collaboration
Meeting Room
• CMR Premises
• CMR Hybrid
• CMR Cloud
Brought to you by the Solutions Readiness Engineers

2015
Collaboration Meeting Room Cloud Lab
Disclaimer
These exercises are intended to demonstrate one way to configure Cisco’s Collaboration Meeting Room
solutions, to meet the specified requirements of this lab. There are various ways that this can be
accomplished, depending on the situation and the customer's goals/requirements. Please ensure that you
consult all current official Cisco documentation before proceeding with a design or installation. This lab is
primarily intended to be a learning tool, and may not necessarily follow best practice recommendation at
all times, in order to convey specific information.
No infringement is intended in the use of the two characters from Peter Robinson’s Inspector Alan Banks novels and
the Left Bank Pictures television for ITV network series DCI Banks.
Solutions Readiness Engineers Version 5.1 Page 2 of 46

Table of Contents

Disclaimer ..................................................................................................................................................................................................................... 2
Lab Overview ............................................................................................................................................................................................................... 4
Lab Systems Information .......................................................................................................................................................................................... 5
User Information .......................................................................................................................................................................................................... 5
WebEx Site Information: ........................................................................................................................................................................................... 5
Resources ...................................................................................................................................................................................................................... 6
Section 1: CMR Overview ............................................................................................................................. 7

What is Cisco Collaboration Meeting Room (CMR)? ................................................................................................................................... 8
Why Choose CMR? ........................................................................................................................................................................................................ 8
Which CMR deployment do I choose? ............................................................................................................................................................... 8
Section 2: Preliminary Configuration .......................................................................................................... 10

Our Initial Environment ....................................................................................................................................................................................... 11
SIP Configuration ....................................................................................................................................................................................................... 12
VCS Control (VCS-‐C) Configuration ................................................................................................................................................................. 20
VCS Expressway Configuration ......................................................................................................................................................................... 28
Section 3: CMR Cloud ................................................................................................................................. 34

CMR Cloud Overview ............................................................................................................................................................................................. 35
Verifying WebEx Site Administration Settings for CMR Cloud ............................................................................................................... 39
Appendix A ................................................................................................................................................. 45

Certificate Installation on VCS Expressway ................................................................................................................................................ 45
Certificate Installation ............................................................................................................................................................................................. 46


Lab Overview
CMR Cloud Lab Diagram


Lab Systems Information
Domain = srevideoX.goldlabs.ciscosystems.com (X = Your assigned pod number (2 through 10))

System IP Hostname Username Password Role(s)
10.10.X.7 video-ad-tms Administrator C!sc0123 GC, AD
Microsoft Active Directory
Version Windows Server 2012 R2
Cisco Unified Communications 10.10.X.10 video-cucm Administrator C!sc0123 Call Control
Manager Version 10.5.2.11900-3
10.10.X.5 vcsc admin C!sc0123 Call Control
VCS Control (VCS-C)
Version X8.5.1
10.11.X.6 vcse admin C!sc0123 Traversal
VCS Expressway (VCS-E) (see next table) vcse admin C!sc0123 Server
Version X8.5.1
Registered to
10.10.X.40 SX20-3040 admin <blank>
SX20 Video Endpoint CUCM
Version TC7.3.1.8a4696f
Registered to
10.10.X.41 SX20-4041 admin <blank>
SX20 Video Endpoint VCS Control
Version TC7.3.1.8a4696f
Workstation 10.10.X.91 CMR-WS01 abanks C!sc0123 Workstation
Workstation 10.10.X.92 CMR-WS02 acabbot C!sc0123 Workstation
Throughout these lab steps, we will refer to the domain as

srevideoX.goldlabs.ciscosystems.com or to an IP address as 10.10.X.something.
Note:
Remember that the X in the domain name or in IP addresses should always be replaced by
your one- or two-digit pod number.
User Information
Username Password First Name Last Name Extension Role

abanks C!sc0123 Alan Banks 3040 WebEx Admin
acabbot C!sc0123 Annie Cabbot 4041 CMR Cloud user
WebEx Site Information:
CMR Cloud Address ! cloud-srelab.webex.com


Resources
o Cisco Unified Communications Manager
CUCM Documentation Guide ! http://www.cisco.com/c/en/us/support/unified-
communications/unified-communications-manager-callmanager/products-maintenance-
guides-list.html
• CUCM Administration Guide 10.0(1)
• CUCM Features and Services Guide 10.0(1)
(CUCM guides for 10.5 were not posted at the time when this guide was published.)
o Cisco TelePresence Management Suite Configuration Guides

http://www.cisco.com/c/en/us/support/conferencing/telepresence-management-suite-
tms/products-installation-and-configuration-guides-list.html
o CMR Hybrid Configuration Guide with TMS 14.6

http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/tms/config_guide
/cmr_hybrid_config_guide_tms_14_6.pdf
o Cisco VCS/Cisco Expressway and CUCM via SIP Trunk Deployment Guide (CUCM 8,9,10 and
X8.5)
http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/vcs/config_guide
/X8-5/Cisco-VCS-SIP-Trunk-to-Unified-CM-Deployment-Guide-CUCM-8-9-10-and-X8-5.pdf
o Cisco TelePresence Management Suite Extension for Microsoft Exchange Deployment Guide
– Version 4.1
http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/tmsxe/install_gui
de/Cisco-TMSXE-deployment-guide-4-1.pdf
o Cisco Virtual TelePresence Server (vTS)

http://www.cisco.com/c/en/us/support/conferencing/telepresence-server-on-virtual-
machine/model.html
o CMR Landing page on CCO

http://www.cisco.com/go/cmr
o Create and Manage Room Mailbox – Exchange Server 2013 and Office 365
https://technet.microsoft.com/en-us/library/jj215781%28v=exchg.150%29.aspx
o Impersonation and EWS in Exchange

https://msdn.microsoft.com/en-us/library/office/dn722377%28v=exchg.150%29.aspx
o CMR Cloud Configuration Guide

http://www.cisco.com/c/dam/en/us/td/docs/telepresence/infrastructure/solutions/cmrclou
d/CMRCloudEnterpriseDeployment.pdf
o Voice of the Engineer link (Partner Community)

https://communities.cisco.com/docs/DOC-7823 or http://cs.co/cvoe

Section 1: CMR Overview

What is Cisco Collaboration Meeting Room (CMR)?
One Meeting, One Experience
Strengthen business relationships with Cisco Collaboration Meeting Rooms (CMR). Enable everyone to
meet using virtually any device, for a business-quality video collaboration experience that combines video,
voice, and content sharing technologies.
CMR brings together our industry-leading video conferencing infrastructure and proven, scalable, WebEx
cloud conferencing services to deliver an exceptional meeting experience. With our technology you can
host video-optimized meetings, which are available to anyone, anywhere, on any device.
CMR helps enable people to meet with others in a way that suits their working day. You can:
" Invite others to meet in your personalized, always-available virtual meeting place quickly and
easily, anytime
" Create instant meetings whenever needed, add a third person to your conversation, or start new
meetings
" Reserve the conference rooms and media resources required for scheduled meetings for defined
audiences
Cisco TelePresence Management Suite (TMS) is used to configure and manage the Cisco WebEx bridging
feature in Cisco TelePresence meetings. During the meeting, TelePresence participants see live video of
all other TelePresence participants and the video of the most recently active WebEx participant. WebEx
participants see the video of all other WebEx participants and the video of the most recently active
TelePresence participant.
Why Choose CMR?
" Simple: Intuitive controls allow you to create, launch, and join meetings easily
" Proven: Take advantage of industry-leading Cisco video and web conferencing
" Scalable: Superior scale can enable over 500 participants to join a single meeting
" Global: Enjoy global reach with consistent quality
" Flexible: CMR is available in cloud, on-premises, and hybrid deployment options
1
Which CMR deployment do I choose?
Slide courtesy of Richard Murphy – TME / Cisco live! Session BRKEVT-2803 CMR
1
Information obtained from www.cisco.com/go/cmr
CMR Premises is just that. All components to create and join a meeting in a user’s reserved virtual
meeting room are within the organization’s environment. Cloud services do not come into play. Cisco
TelePresence Conductor, Cisco TelePresence Management Suite, and Cisco TelePresence Management
Suite Provisioning Extension (TMSPE) are configured to facilitate CMR Premises. Conductor utilizes two
databases to do alias matches (Direct Match or Regex) and leverages a new provisioning API to allow it to
integrate with TMS, and by extension TMSPE. As of the early part of 2015, the minimum version
requirements were: Conductor (XC3.0), TelePresence Server (4.1) and/or MCU (4.5), TMSPE (1.4), and
TMS (14.6).
CMR Hybrid leverages an organization’s investment of on premise call control and Cisco TelePresence;
and ties that into WebEx for video rich conferencing. Configuring CMR Hybrid is dependent on Cisco call
control - whether it’s a Voice Communication Server (VCS) centric or Cisco Unified Communications
Manager (CUCM) centric type of deployment. Several components are key to this deployment model,
including TMS (14.6+), TelePresence Server (4.1+) and/or MCU (4.5+) conference bridges, Conductor
(XC3.0+), VCS Control and Expressway (or Expressway-C and Expressway-E) (X8.2.2+ but X8.5+
recommended) and/or CUCM (9.1(2)SU2 or 10.5(2)).
CMR Cloud provides rich video conferencing in the cloud. Sold as an add-on to Cisco WebEx, CMR Cloud
users are able to dial a public URI (SIP or H.323) from any standard video endpoint to join a CMR Cloud
meeting in a WebEx user’s personal room (now known as a collaboration meeting room (CMR). It does
not mandate any call control technology on an organization’s premises. A WebEx Meeting Center site
must be running release WBS29 to support CMR Cloud.
Slide courtesy of Steve Greenberg – CSE / VoE_CMR
This lab will take the participant through the steps of deploying CMR Premises, CMR Hybrid, and CMR
Cloud.


Section 2: Preliminary

Configuration

Our Initial Environment
Our lab starts off with two Cisco TelePresence SX20 Quick Set video endpoint systems, registered to two
different call control systems within the same organization. One SX20 belongs to a fictitious user – Alan
Banks. This endpoint is registered to a Cisco Unified Communications Manager (CUCM). Alan Banks’
SX20 is configured on CUCM with directory number 3040, and is reachable via SIP dialing to the URI of
3040@srevideoX.goldlabs.ciscosystems.com (where the X is your pod number). The second SX20 belongs
to another fictitious user – Annie Cabbot. Annie Cabbot’s SX20 is registered to a Cisco TelePresence Video
Communication Server (VCS) (as its SIP Proxy Server) and is configured with the SIP URI of
4041@srevideoX.goldlabs.ciscosystems.com (again, where the X is your pod number).
The two call control systems (CUCM and VCS) are not fully configured; nor are they linked, so there is no
way for 3040 and 4041 to call one another.
Convert to SIP Early Offer (CUCM-Centric Deployments)

This configuration supports deployments where endpoints are registered to CUCM only or both CUCM and
VCS Control/VCS Expressway. Several prerequisites are required to configure the settings:
• CUCM 9.1(2) or 10.5(2)
• Endpoints in the network registered to CUCM
• Cisco VCS Control (or Expressway-C) (hereinafter referred to as VCS-C) is deployed in the private
network
• Optionally, endpoints in the network registered to VCS Control
• To ensure optimum SIP audio and video connectivity between MCU and TelePresence Server and
the WebEx cloud, it is recommended to set the CUCM region to permit a minimum of 1.3 Mbps
Configure a SIP Trunk between CUCM and VCS-C

• CUCM version: 9.1(2) or 10.5(2)
• VCS version: X8.5
While a SIP trunk between the CUCM and VCS-C is required for endpoints registered to CUCM to
participate in a CMR Hybrid meeting, it is also required for CUCM endpoints to be able to call endpoints
registered to VCS-C (and vice versa).

SIP Configuration
Step 1: From CMR-WS01-PodX, launch Firefox via either the icon on the desktop or the taskbar.
Step 2: Browse to https://video-cucm/ccmadmin.
Step 3: Login with:
a. Username ! Administrator
b. Password ! C!sc0123
CUCM presents a warning message when first logged in. In the lab a backup device is not
configured and as such this message can be ignored.
Note:
In a production environment it is highly recommended that CUCM is backed up on a

regular basis.
Configure the Cluster Fully Qualified Domain Name (FQDN)

CUCM must be configured with a FQDN so that it can receive calls to URIs (<address>@domain). This is
also required if CUCM is clustered, so that VCS can send the call to any of the CUCMs in the cluster.
Step 4: Continuing in CUCM from the main menus select System ! Enterprise parameters.
Step 5: Locate the Clusterwide Domain Configuration section.
Press Ctrl+F (Windows) or Command ⌘+F (MAC) and search for Clusterwide to locate
Hint:
this parameter faster.
Step 6: Set the Organizational Top Level Domain to srevideoX.goldlabs.ciscosystems.com

The X in srevideoX.goldlabs.ciscosystems.com or in an IP address like 10.10.X.something
should always be replaced by your one- or two-digit pod number. If you are assigned to
Pod 2, X will become the number 2. (This is different from the login used to connect to the
Reminder:
lab environment (pod02)).
In the VCS-E external address (128.107.217.XX), the fourth octet is also unique to your
pod, as shown in the chart on page 7.
Step 7: Set the Cluster Fully Qualified Domain Name to

srevideoX.goldlabs.ciscosystems.com
Step 8: Click Save.
Create a Copy of the Standard SIP Profile for Cisco VCS
There are a few reasons why copies of the default SIP Profiles are created. Firstly, the
default profiles cannot be modified. Copies can be modified with only those changes that
are necessary. Also, creating copies and assigning them to specific duties makes
Why? troubleshooting quicker by not having to search through and making changes to a single
profile that is being used for multiple purposes. Changes made to a common profile
shared by many devices could result in other functionality no longer working - thus
compounding a troubleshooting session.
Step 9: From the main menus select Device ! Device Settings ! SIP Profile.
Step 10: Click Find.
Step 11: Locate the Standard SIP Profile for Cisco VCS and from the right side click on the Copy
symbol.
Step 12: Give the copied profile the following name ! CMR Standard SIP Profile for Cisco VCS.
Step 13: Continue under SIP Profile Information and verify the following:
a. Default MTP Telephony Event Payload Type ! 101
b. Redirect by Application ! Verify the box is checked
c. Use Fully Qualified Domain in SIP Requests ! Verify the box is checked
Step 14: Scroll down to Trunk Specific Configuration.

a. Verify that Reroute Incoming Request to new Trunk based on ! Never.
b. From the Early Offer support for voice and video calls drop down box select ! Best
Effort (no MTP inserted).
Step 15: Under SIP OPTIONS Ping verify that Enable OPTIONS Ping to monitor destination
status for Trunks with Service Type “None (Default)” is checked.

Step 16: Scroll down to SDP Information and verify that:
a. Allow Presentation Sharing using BFCP ! Verify the
box is checked
Step 17: Click Save.
Step 18: Click Go next to Back to Find/List.
Create a copy of the Standard SIP Profile

Note: Steps 27 through 31 have already been completed in the lab environment, as they were
required to register the SX20 (3040) to CUCM. They are presented here as reference.
Step 19: Click on the CMR Standard SIP Profile.
Step 20: Verify that the box next to Use Fully Qualified Domain in Requests is checked.
Step 21: Scroll down almost to the bottom of the screen to SDP Information within Trunk Specific
Configuration.
Step 22: Verify that the check box for Allow Presentation Sharing using BFCP is checked.
Region Session Bit Rate for Video Calls

Step 24: From the main menus select System ! Region Information ! Region.
Step 26: Select the Default region.

Step 27: Click Default in the Regions Box.
Step 28: Under Modify Relationship to other Regions, set the Maximum Session Bit Rate for Video
Calls to 6000 kbps.
Step 29: Click Apply Config.

Step 30: Click OK in the Apply Configuration pop-up window.
Step 32: Click Reset.
Step 33: Click Restart in the Device Reset pop up box.

Step 34: Click Close.
Configure the SIP Trunk Security Profile

As with the previous SIP Profiles it is good practice to copy and then modify the default profiles.
Step 35: From the main menus select System ! Security ! SIP Trunk Security Profile.
Step 37: Click the Copy symbol to the far right of the Non Secure SIP Trunk Profile.
Step 38: Give it the new name of CMR Non Secure SIP Trunk Profile.

Step 40: Modify the following two fields:
a. Check ! Accept Unsolicited Notification
b. Check ! Accept Replaces Header
As this is a new Profile and not assigned to any Trunks, it’s not necessary to click Reset at
this time.
Create a SIP Trunk to VCS

Step 42: From the main menus select Device ! Trunk.
Step 43: Click Add New.
Step 44: Select the Trunk Type ! SIP Trunk.
Step 45: Verify the Device Protocol displays SIP.
Step 46: Leave the Trunk Service Type as None (Default).
Step 47: Click Next.
Step 48: Configure the new Trunk with the following parameters:
a. Device Name ! CMR_VCS_SIP_Trunk
b. Description ! CMR SIP Trunk to VCS
c. Device Pool ! Default
d. Call Classification ! OnNet

e. Media Termination Point Required ! If checked, clear this check box
☐ Clear this check box if any video phones registered to CUCM are to make or receive
Note: video calls with endpoints registered to VCS.
# Select this check box if only audio devices are registered to CUCM.
f. SRTP Allowed ! Check this box

g. Run On All Active Unified CM Nodes ! Check this box
Step 49: Scroll down to Call Routing Information ! Inbound Calls and check Redirecting
Diversion Header Delivery – Inbound.
Step 50: Scroll down and configure the SIP Information fields as follows:
a. Destination address is an SRV ! Do not select this box
b. Destination address ! vcsc.srevideoX.goldlabs.ciscosystems.com
c. Destination port ! 5060
d. SIP Trunk Security Profile ! Select the profile copied and modified earlier CMR Non
Secure SIP Trunk Profile
e. SIP Profile ! CMR Standard SIP Profile for Cisco VCS

Step 52: Click OK in the pop up box.
Step 53: Click Reset.

Step 54: In the Reset pop up box click Reset once again.
Step 55: Click Close.
Allow numeric dialing from CUCM registered phones to VCS C registered phones
Step 56: From the main menus select Call Routing ! Route/Hunt ! Route Pattern.
Step 58: Create the Route Pattern as follows:
a. Route Pattern ! 4XXX (In this instance the XXX’s do not indicate pod information.)
b. Description ! Route 4XXX extensions to VCS
c. Gateway/Route List ! CMR_VCS_SIP_Trunk
d. Call Classification ! OnNet

Step 60: Click OK in the Authorization Code pop up notification window.
Step 61: Click OK in the Update to the Route Pattern notification pop up window.

Allow Dialing from CUCM registered phones to VCS Domain
Step 62: From the main menus select Call Routing ! SIP Route Pattern.
Step 64: Configure the SIP Route Pattern with the following parameters:
a. Pattern Usage ! Domain Routing
b. IPv4 Pattern ! srevideoX.goldlabs.ciscosystems.com
c. SIP Trunk ! CMR_VCS_SIP_Trunk

Step 67: Configure the SIP Route Pattern with the following parameters:
a. Pattern Usage ! Domain Routing
b. IPv4 Pattern ! *.webex.com
c. SIP Trunk ! CMR_VCS_SIP_Trunk


VCS Control (VCS-‐C) Configuration
There are three items that need to be configured on the VCS-C:
• Configuring a neighbor zone that connects to the CUCM
• Configuring a search rule to route calls to that zone
• Configuring a transform that converts number@<IP address of cucm> to number@vcs.domain
Step 69: Open a new tab in the browser and browse to https://vcsc or to https://10.10.1.5
Step 70: If presented with the This Connection is Untrusted warning click ! I Understand the
Risks.
Step 71: Click Add Exception.
Step 72: Click Confirm Security Exception.
Step 73: Login with:

a. Username ! admin
Step 74: From the main menus navigate to

Configuration ! Zones ! Zones.
Step 75: Click New.
Step 76: Configure the new Zone as follows:
a. Name ! CMR CUCM Neighbor
b. Type ! Neighbor
c. Hop Count ! 15
d. H.323 mode ! Off

e. SIP mode ! On
f. SIP Port ! 5060
g. Transport ! TCP
The port number and transport used here must match what will be set in CUCM when
Note:
configuring the SIP Trunk from CUCM to VCS-C (or VCS Expressway Core).
h. Accept proxied registrations ! Deny

i. Media encryption mode ! Auto
j. ICE support ! Off
Step 77: Scroll down to Locations.

a. Peer 1 address ! 10.10.X.10 (This is the IP Address of CUCM in your pod.)
Step 78: Under the Advanced section:

a. Zone Profile ! Custom
b. Call signaling routed mode ! Always
Step 79: Scroll down and click Create Zone.

Step 80: Observe the Status change to Active once the communication over the SIP trunk is
established.

Step 81: Click on the newly created CMR CUCM Neighbor zone.
Step 82: Scroll down to the bottom of the page and observe the Zone Status.
Verify the Trunk is Connected on CUCM

Step 83: Return to the browser tab for CUCM.
Step 84: From the main menus select Device ! Trunk.
Step 85: If necessary, click Find.
Step 86: Observe the SIP Trunks have changed to Full Service. This may take a few moments.
If the trunk is not in Full Service there are two places to check:
• Ensure the SIP port numbers are configured for 5060 on both CUCM and VCS.
Note: • On the SIP Trunk on CUCM, ensure the Destination field is configured with the full
VCS-C name: vcsc.srevideoX.goldlabs.ciscosystems.com. If the vcsc host name is
missing the trunks will display No service on CUCM and as Active on VCS-C.
Create a Search Rule to route calls to the CUCM neighbor zone

Step 87: Return to the vcsc tab in Firefox.
Step 88: From the main menus navigate to Configuration ! Dial plan ! Search rules.
Step 89: Click New.

Step 91: Configure the new Search rule as follows:
a. Rule name ! CMR Route to CUCM
b. Description ! Route 3XXX to CUCM
c. Priority ! 75
d. Mode ! Alias pattern match
e. Pattern type ! Regex
f. Pattern string ! (3\d{3})@srevideoX.goldlabs.ciscosystems.com(.*)
g. Pattern behaviour ! Leave
h. On successful match ! Stop
i. Target ! CMR CUCM Neighbor
j. State ! Enabled
Step 92: Click Create search rule.
Create a Transform for CUCM IP Calls

Step 93: From the main menus select Configuration ! Dial plan ! Transforms.
Step 94: Click New.
Step 95: Configure the transform as follows:
a. Priority ! 40
b. Description ! CUCM IP to domain transformation
c. Pattern type ! Regex
d. Pattern string ! (.*)@10\.10\.X\.10((:|;).*)? (X = Pod Number)
e. Pattern Behavior ! Replace
f. Replace string ! \1@srevideoX.goldlabs.ciscosystems.com\2

g. State ! Enabled
Step 96: Click Create transform.
Enable Endpoints registered on CUCM to call endpoints registered on VCS-C

Step 97: Continuing within Transforms.
Step 98: Click New.
Step 99: Create the new Transform as follows:
a. Priority ! 20
b. Description ! Convert CUCM domain info to VCS SIP domain
d. Pattern string ! (4\d{3})@vcsc.srevideoX.goldlabs.ciscosystems.com(:.*)?
e. Pattern behavior ! Replace
f. Replace string ! \1@srevideoX.goldlabs.ciscosystems.com\2
g. State ! Enabled

The result should be two Transforms:

Create a Traversal Zone from VCS-C to the VCS-E
Step 101: From the main menus navigate to Configuration ! Zones ! Zones.
Step 102: Click New.
Step 103: Create the new Traversal Zone as follows:
a. Name ! Traversal to VCS-E
b. Type ! Traversal client
Step 104: Connection Credentials:
a. Username ! srevideo
Step 105: Scroll down to H.323 and set the Mode to Off.
Step 106: Configure the SIP parameters as follows (These must match later on the VCS-E):
a. Port ! 7001
b. Set Media encryption mode ! Auto
Step 107: Scroll down to Locations.

a. Set the Peer 1 address to ! vcse.srevideoX.goldlabs.ciscosystems.com
(Alternatively just enter vcse.)
Step 108: Click Create zone. (This Zone will not become Active until the peer, VCS-E, is configured
further in the lab.)

Create a Search Rule for VCS-E bound calls
Step 109: From the main menus select Configuration ! Dial plan ! Search rules.
Step 111: Create the Search rule with the following parameters:
a. Rule name ! To Traversal
b. Description ! Send Traversal calls to the VCS-E
c. Priority ! 110
d. Target ! Traversal to VCS-E
Test Calls between CUCM and VCS registered SX20s

Both SX20’s were registered to CUCM and VCS to save time in the lab. The camera on each phone may or
may not be configured to display video.
Step 113: Open a new tab in the browser and browse to the first SX20 http://10.10.X.40. This
SX20 is registered to CUCM, is identified as SX20-40, and has extension 3040.
a. Username ! admin
b. Leave the Password field blank.
Step 115: Open another new tab in the browser and browse to the second SX20 http://10.10.X.41.
This SX20 is registered to the VCS-C, is identified as SX20-41, and has extension 4041.
a. Username ! admin
b. Leave the Password field blank.
Step 117: On either SX20, click the Call Control button in the top
menu.

Step 119: In the Search or Dial textbox under Contacts, type in the number of the other SX20 (3040
or 4041) and then click the green Call button that appears.
Step 120: Under the Participants section, you should see the call being placed. The status should
progress from Dialing to Connecting; and then the call-control buttons should appear to
indicate that the call is in place.
Is the call from 4041 t0 3040 dropping immediately?

Log into the SX20-40 and verify/set the following setting:
• Configuration ! System Configuration
• From the menus on the left click SIP
Tip:
• Under Profile 1 ! URI
• Make sure this is set to 3040@srevideoX.goldlabs.ciscosystems.com
• From the menus on the left scroll up to Conference.
• Under Auto Answer set the Mode to On. Click Save.
Step 121: If you desire to do so, switch to the other SX20 web interface and click on Call Control
there to see that the call shows as in place there.
The web interface on the SX20s will not show the real-time video feed from the camera or
presentation source, nor will you be able to see the video from the other endpoint on the
web interface. If you click on the Main Source screen, you will be shown a snapshot of
Note:
the camera feed for 10 seconds. If you click on the Presentation Source screen, you will
be shown a snapshot of the presentation feed for 10 seconds – which will be a black
screen, because no PC is connected to either SX20.
Step 122: Click the End all or the single End Call button (the call control
button with the red handset icon) on either SX20 to disconnect the
call.
Step 123: (Optional) If you desire to do so, place a call from the other SX20,
back to the SX20 that you originated the call on in Step 110, to ensure that calls are able to
be made in both directions. Remember to also end this call when you are satisfied that two-
way calling is working.


VCS Expressway Configuration
The TelePresence Video Communication Server Expressway or Edge is an important and necessary
component to the deployment of CMR Hybrid. In order to configure the VCS the following, at minimum,
must be in place:
• The VCS Expressway must be running firmware X8.5 or a later release.
• Endpoints are registered to VCS-C, VCS Expressway, and/or CUCM.
• Must be assigned a static IP Address.
• Firewall must have port 5061 open to allow access to VCS Expressway
• Conference Bridge(s) to be used (MCU or TelePresence Server) are already operational within the
network.
• The VCS-C or Expressway-Core is in the private network.
• The VCS Expressway or Expressway-Edge is in the DMZ and has access to the Internet.
• Set zones and pipes appropriately (according to your network’s requirements) to allow a minimum
of 1.1 Mbps for WebEx calls.
• If endpoints are registered to Cisco VCS-C it must be configured as the SIP Registrar/H.323
gatekeeper.
An important step in configuring CMR Hybrid/Cloud is ensuring the VCS Expressway has a WebEx
supported publicly signed certificate. Self-signed certificates are NOT supported.
WebEx supports certificates that are issued by specific Root Certificate Authorities. Certificate providers
may have multiple Root Certificate Authorities and not all may be supported by WebEx. Your certificate
must be issued by one of the following Root Certificate Authorities (or one of their Intermediate Certificate
Authorities) or the call from your Cisco Expressway-E or Cisco VCS Expressway will not be accepted by
WebEx:
• entrust_ev_ca • equifax_secure_ca
• digicert_global_root_ca • entrust_2048_ca2
• verisign_class_2_public_primary_ca_-_g3 • verisign_class_1_public_primary_ca_-_g3
• godaddy_class_2_ca_root_certificate • ca_cert_signing_authority
• Go Daddy Root Certification Authority - G2 • geotrust_global_ca
• verisign_class_3_public_primary_ca_-_g5 • globalsign_root_ca
• verisign_class_3_public_primary_ca_-_g3 • thawte_primary_root_ca
• dst_root_ca_x3 • geotrust_primary_ca
• verisign_class_3_public_primary_ca_-_g2 • addtrust_external_ca_root
This list may change over time. For the most current information, contact WebEx or review the
information at the following link: https://kb.webex.com/WBX83490.
Caution: Wildcard certificates are not supported on Cisco VCS Expressway.
2
To use a certificate generated by entrust_2048_ca with Cisco VCS Expressway upgraded from X7.2, you must
replace the Entrust Root CA certificate in the trusted CA list on the Cisco VCS Expressway with the newest version
available from Entrust. You can download the newer entrust_2048_ca.cer file from the Root Certificates list on the
Entrust web site (https://www.entrust.net/downloads/root_index.cfm).

For information on how to generate a Certificate Signing Request (CSR) please refer to the CMR Hybrid
Config guide for TMS 15 (cmr_hybrid_config_guide_tms_15.pdf) available on CCO.
Each VCS Expressway in the lab is already:

$ Configured with a publicly signed certificate
Note:
$ Configured with DMZ and External IP Addresses
$ System Name, DNS, and NTP information
Create a New DNS Zone

Connection to the WebEx cloud uses a new DNS Zone. Since the VCS-E is externally accessible it is
possible to configure it using the browser on your own PC / Laptop.
Step 124: Launch your own supported browser and navigate to !
https://vcse.srevideoX.goldlabs.ciscosystems.com.
Step 125: Log in with:
a. Username ! admin
Step 126: From the main menus navigate to Configuration ! Protocols – H323.
Step 127: Set the Mode to Off.

Step 129: From the main menus navigate to Configuration ! Protocols ! Interworking.
Step 130: Set the H.323 to SIP interworking mode to Off.

Step 132: From the menus navigate to Configuration ! Zones ! Zones.
Step 134: Configure the Zone with the following parameters:
a. Configuration:
i. Name ! DNS Zone
ii. Type ! DNS
b. H.323
i. Mode ! Off

c. Under SIP:
i. Fallback transport protocol ! TCP
(If the Fallback Transport Protocol is left at UDP it will produce an alarm in the lab environment.)
Step 135: Click Create zone.
Create a Traversal Zone

The VCS Expressway acts as a Traversal Server. An Option Key is required in order to enable this
functionality and has already been applied to this VCS Expressway. To view the installed option keys
navigate to Maintenance ! Option Keys. (Note: Altering these Options keys will result in your VCS
Expressway no longer functioning correctly and will result in lost lab time.)
This Traversal zone should become Active as the Traversal client zone was created earlier on the VCS-C.
Step 136: From the main menus navigate to Configuration ! Authentication ! Devices ! Local
database.
Step 137: Click on New.
Step 138: Create the user:
a. Name ! srevideo
Step 139: Click Create credential.
Step 140: From the main menus navigate to Configuration ! Zones ! Zones.
Step 141: Click on New.
Step 142: Configure the Traversal Zone with the following parameters:
a. Name ! Traversal Zone – Server
b. Type ! Traversal Server
c. Connection credentials:
Username ! srevideo
Step 143: Turn H.323 Mode to Off.
Step 144: Set the SIP parameters to the
following:
a. Port ! 7001
Step 145: Click Create zone.

Create Transforms for incoming Calls
Step 146: From the main menu navigate to Configuration ! Dial plan ! Transforms.
Step 148: Create the Transform with the following parameters:
a. Maintain the Priority of 10.
b. Description ! Add domain information to incoming calls
d. Pattern string ! ([^@]*)
e. Pattern behavior ! Replace
f. Replace string ! \1@srevideoX.goldlabs.ciscosystems.com
Create a Search Rule to send calls to the VCS-C

Step 150: From the main menus navigate to Configuration ! Dial plan ! Search rules.
Step 152: Configure the search rule with the following parameters:
a. Rule name ! Traversal Zone Search Rule
b. Description ! Send Traffic to VCS-C
c. Target ! Traversal Zone – Server

Create a generic Search Rule for External Dialing
Step 154: While still under Search rules, click New.
Step 155: Create the new search rule with the following parameters:
a. Rule name ! DNS Search Rule
b. Description ! Search DNS for External Dialing
c. Priority ! 110
d. Source ! All zones
e. Mode ! Alias pattern match
f. Pattern type ! Regex
g. Pattern string ! (?!.*@%localdomains%.*$).*
h. Pattern behavior ! Leave
i. Target ! DNS Zone
Configure a WebEx Search Rule

Step 157: While still under Search rules.
Step 159: Configure the Search rule with the following parameter s
a. Name ! DNS Rule for CMR Cloud (this Rule is used for both CMR Hybrid and CMR
Cloud.)
b. Description ! Search DNS for External Dialing
c. Priority ! 80
d. Mode ! Alias pattern match

f. Pattern type ! Regex
g. Pattern string ! (.*)@(.*)(\.webex\.com).*
h. Pattern behaviour ! Replace
i. Replace String ! \1@\2\3
j. On successful match ! Stop
k. Target ! DNS Zone


Section 3: CMR Cloud

CMR Cloud Overview
CMR Cloud allows participants to join a meeting from the WebEx web application, from a phone, or from
any standards-based video device. Video devices negotiate all media (main video, content, and audio) to
and from the WebEx cloud. This media flows are setup via either SIP or H.323 (SIP is recommended).
Cisco TelePresence infrastructure may be used for call control and firewall traversal, but is not required.
WebEx offers multiple audio solution options for WebEx application users and phone participants. For CMR
Cloud, available options are WebEx Audio (including Cloud Connected Audio) and Teleconferencing Service
Provider (TSP) audio that has been verified compatible with CMR Hybrid/CMR Cloud.
Recommended Network Infrastructure for CMR Cloud Deployments include:
• Call control, device registration
o Cisco Unified Communications Manager (tested releases: 9.1(1), 9.1(2) and 10.5)
o Cisco VCS-C and Cisco VCS Expressway (tested release X8.1)
• Firewall traversal, mobile and remote access
o Cisco Expressway-C and Cisco Expressway-E (tested release: X8.1)
o Cisco VCS-C and Cisco VCS Expressway (tested release: X8.1)
Version X8.1/X8.1.1, calls to the WebEx cloud will fail if you configure the Cisco
Note: Expressway-E or Cisco VCS Expressway for static NAT and enable media encryption. To
secure calls when using static NAT, we recommend upgrading to X8.2 or later.
Create/Verify CUCM Route Patterns to CMR Cloud
When a WebEx user is set up for CMR Cloud, they will be assigned a nine-digit pilot number that
identifies their meeting room. Participants can dial into a particular meeting room by dialing the
URI formatted as <nine-digit-pilot>@<cmr site name>.webex.com.
If your organization has endpoints that are not capable of URI dialing, you can allow those
Notes:
endpoints to still dial into CMR Cloud by creating a CUCM route pattern that identifies a
particular numeric (using 0-9, * or # on the dialpad) prefix, followed by a nine-digit pilot
number; and routes that string to the VSCc. In our lab, we’ll create a route pattern that looks
for the prefix of 8, followed by nine digits, to route those calls to , to be forwarded to CMR Cloud
Step 161: Return to the browser tab connected to CUCM (https://video-cucm/ccmadmin).

Step 162: From the main menus navigate to Call Routing ! SIP Route Pattern.
Step 163: We’ve already created a SIP route pattern for CUCM to route calls with SIP URIs to the VCS-
C, however, this pattern was srevideoX.goldlabs.ciscosystems.com. We need to either
modify the existing pattern or add another pattern to route all SIP URI calls to the VCS-C.
Under the Find and List SIP Route Patterns section, click the Find button to list all SIP
route patterns.

Step 165: Click on the pattern srevideoX.goldlabs.ciscosystems.com.
Step 166: Note that this pattern is already forwarding traffic to the VCS-C via a SIP trunk. Change the
IPv4 Pattern to be *.* to match all SIP URI dialing. Then, Save the pattern.
Step 167: Navigate to Call Routing ! Route/Hunt ! Route Pattern.

Step 168: Under the Find and List Route Patterns section, click the Add New button to create a
new route pattern.
Step 169: Configure the new Route Pattern as follows:

a. Route Pattern ! 8.XXXXXXXXX (There are 9 X’s in the pattern)
b. Description ! Routing for CMR Cloud
c. Configure the Gateway/Route List to be ! CMR_VCS_SIP_Trunk.
This allows calls dialed from CUCM endpoints to numbers starting with 8, followed by an
additional nine digits, to be forwarded to the VCS-C.

Create a Transform on VCS-C
Step 171: The next step is to create a transform on VCS-C that matches any dial string starting with 8
followed by nine digits. Return to the browser session to the VCS-C https://vcsc. When
prompted for credentials, enter the username of admin and C!sc0123 as the password.
Then click Login.
Step 172: Navigate to Configuration ! Dial plan ! Transforms.
Step 173: Click New to create a new transform.

a. Description ! Translate Numeric Pilot to URI Pilot
b. Pattern type ! Regex
c. Pattern string ! 8(\d{9}) (This matches an 8 followed by nine digits.)
d. Replace string ! \1@cloud-srelab.webex.com
For this lab, all pods are sharing the same WebEx site – cloud-srelab.webex.com.
As a result of the configuration above, when a CUCM endpoint dials 8123456789, CUCM will
forward the call to the VCS-C. The VCS-C will transform the called number and will
Notes:
ultimately route the call to 123456789@cloud-srelab.webex.com. An endpoint registered
directly to the VCS-C can also dial the same pattern (8 followed by nine-digits) and the
VCS-C will perform the same transform and forward the call.
Create a CUCM SIP Route Patterns to Support SX20 Dialing Restrictions
For Our Lab Only

In our lab, we are using SX20 video endpoints. If you try to dial a numeric-only pattern
from an SX20, the SX20 will automatically add its own domain to the numeric pattern to
create a SIP URI (trying to dial 8123456789 from an SX20 will result in the dialed number
being changed to be 8123456789@srevideox.goldlabs.ciscosystems.com). To emulate
Notes:
direct pilot-number dialing on the SX20s in our lab, we will create another SIP route
pattern on CUCM and another transform on the VCS-C to translate that dialed number.
The following CUCM SIP route pattern and VCS-C translation are only required because of
our lab environment. However, if your organization also has endpoints that will only
perform URI dialing, you can use the same tricks that we use here.
Step 176: Click New to create another new transform.

a. Description ! Translate Pilot @SRE dialing to Pilot at the CMR Cloud
b. Pattern type ! Regex
c. Pattern string ! (\d{9})@SRE$
d. Replace string ! \1@cloud-srelab.webex.com
Step 179: Return to the browser session to the CUCM at https://video-

cucm/ccmadmin. When prompted for credentials, enter the username
of Administrator and C!sc0123 as the password. Then click Login.
Step 180: From the main menus navigate to Call Routing ! SIP Route Pattern.

Step 182: Under the Find and List SIP Route Patterns section, click the Add New button to create
a new SIP route pattern.
Step 183: Configure the SIP Route Pattern as follow:

a. IPv4 Pattern ! sre (remember that the SIP patterns are not case-sensitive)
b. Description ! Distinctive Routing for CMR Cloud
c. SIP Trunk/Route List ! CMR_VCS_SIP_Trunk
Step 184: Click Save. As a result of this configuration, CUCM will route calls where the dialed pattern
has sre (or SRE) as the domain part (the part after the @ sign) to the VCS-C.
As a result of the configuration above, when a CUCM endpoint dials 123456789@SRE,

CUCM will forward the call to the VCS-C. The VCS-C will transform the called number and
Note: will ultimately route the call to 123456789@cloud-srelab.webex.com.
Because the dial string includes the @SRE, the SX20s won’t add their own domain to the
dialed pattern.
Verifying WebEx Site Administration Settings for CMR Cloud
Step 185: The WebEx site administrator can enable personal Collaboration Meeting Rooms (also
referred to as Personal Rooms) at the site level and can then enable or disable them for
each user. An administrator can also suspend a personal CMR, which blocks host and guest
access, until the owner changes his or her host PIN. Open a web browser to your pods CMR
Cloud WebEx Site – using the URL of https://cloud-srelab.webex.com/admin.
This WebEx site is a public site and as such can be accessed from your own browser. Since
Note: it is a public site access is via a read only Administration account. In the following WebEx
Admin steps you will only verify configuration.
Step 186: When prompted, log in as username podX (where X is your pod number) with password
C!sc0123

Step 187: Click on Site Settings in the left navigation pane and then scroll down the Site Settings
page until you reach the Cloud Collaboration Meeting Room Options section. Note that
the option to Use a pilot number has been enabled. Also note that users will be notified
that internal (site) users can be reached by dialing their pilot number.
Step 188: Click on Edit User List in the left navigation pane and then click on Pod Number X to view
your pod user’s configuration options.
Step 189: Scroll down the configuration settings page to the General section. There, note that your
pod user has both Personal Room and Collaboration Meeting Room enabled on its account.
Personal Rooms are part of every Meeting Center package. Personal room owners share
the link to their permanent, personalized video conferencing space. Personal Room
meetings can be scheduled ahead of time or the room owner leave their room open and let
Notes: people drop in.
Collaboration Meeting Rooms are similar to Personal Rooms, but Collaboration Meeting
Rooms allow participants to connect from any standard video conferencing hardware or
software.
Step 190: Logout of the WebEx Site Administration page; and redirect your browser to the standard
WebEx user login page. You can get there by modifying the URL in your web browser menu
bar by removing everything after webex.com. (https://cloud-srelab.webex.com)

Step 192: Click the Log In button at the upper right part of the page.
Step 193: Log in with username podX and password C!sc0123.
Step 194: If you’re prompted to Install WebEx Productivity Tools, close the reminder box.
Step 195: From the main WebEx page, note the multiple ways that participants can join your pod
user’s room:
1. Users can open a web browser to https://cloud-srelab.webex.com/meet/podX - this is
the traditional way of joining a personal room – opening a browser and loading the
WebEx client.
2. The nine digit number shown is the pilot number for this user (in this example, it is
382139478).
3. A video conferencing system can dial podX@cloud-srelab.webex.com to go straight into
the meeting room. This is the Collaboration Meeting Room functionality. Note that
video conferencing systems can also dial 382139478@cloud-srelab.webex.com to go
straight into the meeting room.
4. Audio-only endpoints (phones) can call the access numbers through the PSTN and then
provide the same pilot number (identified here as the access code) to connect into the
room

Verification and Completion for CMR Cloud
Step 196: Write down the pilot number for your pod user’s Room (the pilot number in your lab pod will
likely be different than what is shown in the examples in this guide.
Meeting Room Pilot Number: __________________________________________
Step 197: Click the Enter Room button to enter your pod user’s Personal Room. If you’re prompted
to install WebEx client software, please allow the installation.
Step 198: You will be joined into the pod user’s personal room.
Step 199: Leave the WebEx client open; and from CMR-WS01-PodX return to the browser tab to the
SX20 registered to the CUCM at 10.10.x.40 (where x is your pod number). Log into the
SX20 web interface with username admin. There is no password configured on the SX20.
Step 200: Once logged into the SX20, click on Call

Control.
Step 201: Type the pilot number that you recorded
above, followed by @SRE, into the call number box and click the Call button.
Remember:
The @SRE at the end of the dial number is to keep the SX20 from appending its own domain to
Note:
the number.
VCS-C will transform the @SRE to be @cloud-srelab.webex.com

Step 202: On the right side of the screen, you should see that the SX20 is calling. You should see the
status of the call go from Dialing to Connecting and then you should see the call control
buttons appear as shown below. The call control buttons are your indication on the SX20
that the call was successful.
Step 203: Return to the WebEx Meeting Room – you should see that
3040@srevideox.goldlabs.ciscosystems.com has joined the meeting, and you should also
see the video from the SX20’s camera.
Step 204: Leave the WebEx client open; and from CMR-WS01-PodX return to the browser session to
the SX20 registered to the VCS-C at 10.10.x.41 (where x is your pod number). Log into the
SX20 web interface with username admin. There is no password configured on the SX20.
Step 205: Dial the meeting pilot number to call into the meeting room from the second SX20.
Step 206: Returning to the WebEx Meeting Room again, you should see that
4041@srevideox.goldlabs.ciscosystems.com has also joined the meeting.
Step 207: To test content sharing, return to one of the two SX20s, and change the Presentation
Source from PC to Camera.

Step 209: At the bottom of the Presentation Source screen, click the Start Presentation button.
Step 210: Quickly return to the WebEx client. You should now see the camera output of the SX20
showing in the presentation area of the WebEx meeting room.
We used a camera as the presentation source – just to demonstrate that presentation is working
in the CMR Cloud meeting room. If you like, you can change the presentation source back to
Notes: PC. A blank screen will show in the presentation area of the meeting because no PC is
connected to the SX20. If you do this, the presentation will time out after a few seconds
because there is nothing being presented. This is normal behavior.
Step 211: As the pod user on the WebEx client, click the Leave Room button (you may have to click
on the Quick Start tab to get to the button. When you are warned about the meeting
ending for all participants, click the other Leave Room button.
Step 212: After a few seconds, you should see the call clear from both SX20s.
This concludes the CMR Cloud lab. Thank you for participating. Please
remember to complete the survey for this session.


Appendix A
Certificate Installation on VCS Expressway

Certificate Installation
Before installing the server certificate on the Cisco Expressway-E or Cisco VCS Expressway,
Note: make sure it’s in the .PEM format. If the certificate you received is in a .CER format
change the file extension to .PEM to convert it.
Server Certificate
Step 1: From the main menus select Maintenance ! Security certificates ! Server
certificates.
Step 2: Under Upload new certificate click on Browse….
Step 3: Locate the new server certificate. <csr_filename>.pem

Step 4: Click Upload server certificate data.
Trusted CA Certificate(s)
Step 5: From the main menus navigate to Maintenance ! Security certificates ! Trusted CA
certificates.
Step 6: Under Upload click on Browse….
Step 7: Select the Trust certificate <filename.pem>.
Step 8: Click Append CA certificate.

Step 9: Repeat this for all .PEM files.

CMR Cloud Lab Guide Community

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

CMR Cloud Lab Guide Community

Uploaded by

Copyright:

Available Formats

Collaboration

Brought to you by the Solutions Readiness Engineers

Solutions Readiness Engineers Version 5.1 Page 2 of 46

Table of Contents

Section 1: CMR Overview ............................................................................................................................. 7

Section 2: Preliminary Configuration .......................................................................................................... 10

Section 3: CMR Cloud ................................................................................................................................. 34

Appendix A ................................................................................................................................................. 45

Solutions Readiness Engineers Version 5.1 Page 3 of 46

Solutions Readiness Engineers Version 5.1 Page 4 of 46

Lab Systems Information

Domain = srevideoX.goldlabs.ciscosystems.com (X = Your assigned pod number (2 through 10))

Throughout these lab steps, we will refer to the domain as

Username Password First Name Last Name Extension Role

WebEx Site Information:

CMR Cloud Address ! cloud-srelab.webex.com

Solutions Readiness Engineers Version 5.1 Page 5 of 46

o Cisco TelePresence Management Suite Configuration Guides

o CMR Hybrid Configuration Guide with TMS 14.6

o Cisco Virtual TelePresence Server (vTS)

o CMR Landing page on CCO

o Impersonation and EWS in Exchange

o CMR Cloud Configuration Guide

o Voice of the Engineer link (Partner Community)

Solutions Readiness Engineers Version 5.1 Page 6 of 46

Section 1: CMR Overview

Solutions Readiness Engineers Version 5.1 Page 7 of 46

Why Choose CMR?

Which CMR deployment do I choose?

Slide courtesy of Steve Greenberg – CSE / VoE_CMR

Solutions Readiness Engineers Version 5.1 Page 9 of 46

Section 2: Preliminary

Solutions Readiness Engineers Version 5.1 Page 10 of 46

Convert to SIP Early Offer (CUCM-Centric Deployments)

Configure a SIP Trunk between CUCM and VCS-C

Solutions Readiness Engineers Version 5.1 Page 11 of 46

In a production environment it is highly recommended that CUCM is backed up on a

Configure the Cluster Fully Qualified Domain Name (FQDN)

Step 6: Set the Organizational Top Level Domain to srevideoX.goldlabs.ciscosystems.com

Step 7: Set the Cluster Fully Qualified Domain Name to

Step 8: Click Save.

Create a Copy of the Standard SIP Profile for Cisco VCS

Step 14: Scroll down to Trunk Specific Configuration.

Solutions Readiness Engineers Version 5.1 Page 13 of 46

Step 18: Click Go next to Back to Find/List.

Create a copy of the Standard SIP Profile

Step 23: Click Save.

Region Session Bit Rate for Video Calls

Solutions Readiness Engineers Version 5.1 Page 14 of 46

Step 29: Click Apply Config.

Step 33: Click Restart in the Device Reset pop up box.

Configure the SIP Trunk Security Profile

Solutions Readiness Engineers Version 5.1 Page 15 of 46

Step 41: Click Save.

Create a SIP Trunk to VCS

Solutions Readiness Engineers Version 5.1 Page 16 of 46

f. SRTP Allowed ! Check this box

Solutions Readiness Engineers Version 5.1 Page 17 of 46

Step 53: Click Reset.

Step 59: Click Save.

Solutions Readiness Engineers Version 5.1 Page 18 of 46

Step 65: Click Save.

Step 68: Click Save.

Solutions Readiness Engineers Version 5.1 Page 19 of 46