Collaboration 3
Collaboration 3
Collaboration 3
■ Cisco TelePresence Endpoint Portfolio Overview: This section describes the entire
Cisco TelePresence Endpoint portfolio.
■ Cisco Intelligent Proximity for Content Sharing: This section discusses this new
technology Cisco created that enables users to interface with their video endpoints from
smartphones, tablets, and computers.
■ Cisco Jabber Video for TelePresence Characteristics and Installation: This section
describes characteristics of Jabber Video for TelePresence, what components are needed
for it to work, and how to configure them.
CHAPTER 7
This chapter discusses TelePresence endpoints within Cisco’s product line. This chapter
notes key differences between the software bases for each product grouping, identifies
what call control servers can be used for each product grouping, and discusses relative char-
acteristics for each endpoint.
Caution The goal of self-assessment is to gauge your mastery of the topics in this
chapter. If you do not know the answer to a question or are only partially sure of the
answer, you should mark that question as wrong for purposes of the self-assessment.
Giving yourself credit for an answer you correctly guess skews your self-assessment
results and might provide you with a false sense of security.
1. What technology does TIP use during immersive calls that allows endpoints to con-
serve bandwidth and streamline the sending and receiving of audio and video?
a. DX80
b. EX90
c. CTS 1100
d. CTS 500
3. What is the software base for the DX series endpoints?
a. TC
b. Android
c. Apple IOS
d. CTS
4. Which Integrator solution uses EuroBlocks for audio connections?
a. SX20
b. SX80
c. C60
d. C90
5. How many XLR mic outputs does the C90 have?
a. 2
b. 4
c. 6
d. 8
Chapter 7: Cisco TelePresence Endpoint Characteristics 159
6. Which of the following features differentiates the MX300 G2 endpoint from the
MX300 endpoint?
a. 55-inch monitor
b. 1920x1200 resolution
c. 1 PC port
d. 2-2nd input sources
7. Which of the following is not a feature that comes with the MX800 endpoint?
a. Bluetooth
b. High-frequency sound waves
c. IP WLAN to LAN connection
d. Circuit-switched connection
10. Which of the following is not a component used when deploying a Jabber Video for
TelePresence solution?
a. Cisco VCS
b. Cisco TMS
c. Cisco Unified CM
d. DNS
170 CCNA Collaboration CIVND 210-065 Official Cert Guide
parameters necessary for provisioning to work. In addition, TMS creates two databases:
TMS Agent and SQL. This is a second sequence of SQL dedicated exclusively to TMSPE.
The first step in configuring provisioning is to establish replication between TMS and the
VCS. To enable replication, the VCS must have the device provisioning option key installed.
This option key enables two databases on the VCS, TMS Agent, and Open DS. To estab-
lish replication, on TMS go the System menu and the Navigator submenu. Click the VCS,
and then click the Provisioning tab. Configure the settings displayed on this page. A visual
confirmation will indicate replication is established. Figure 7-3 illustrates the provisioning
configuration settings on TMS, along with the visual confirmation indicating replication has
been established.
Information that is replicated between the VCS and TMS include user account information,
phonebooks, and the availability of provisioning licenses, which exist on TMS. This infor-
mation is stored on the Open DS and SQL databases enabled with provisioning.
Once replication has been established, the next step is to configure the provisioning data-
base on TMS. This can be found by navigating to the System menu and the Provisioning
submenu. The Provisioning submenu has three options: Users, FindMe, and Devices. The
Users option is where all the configurations for Jabber Video for TelePresence need to be
configured. The elements that need configured here include groups, users, user settings,
configuration templates, and schemas. Groups are used to segregate users based on varying
privilege levels that will be assigned to them using templates. If all users will share the same
Chapter 7: Cisco TelePresence Endpoint Characteristics 171
privileges, no additional groups need to be configured. User settings are the URI schemes
that will be used for dialing and identifying Jabber Video for TelePresence clients. These
URI patterns are template based so that they can be applied to all users within a group.
Schemas are sets of configuration options based on the system type and version being used.
For each schema used, a template must be configured. Templates are the configurations
settings that will be applied to a group of users. Each schema must have at least one tem-
plate associated with it, but schemas can support multiple templates as well. Users can be
configured manually or integrated through a Lightweight Directory Access Protocol (LDAP)
server, like Microsoft Active Directory (AD).
To create groups, select the root group, and then click the Add Group button at the top of
the left column. When the pop-up window appears, enter the group name and click Save.
Once a group has been created, users can be added to that group. To add a manual user,
click the Add User button at the top of the left column. The top three fields must be con-
figured at a minimum. They are Display Name, User Name, and Password. Click Save when
finished. Figure 7-4 shows the Add Group and Add User buttons, along with the manual
user configuration pop-up window.
To integrate LDAP users, click the Configure button under the User Import menu in the
right column. Select the type from the drop-down list of choices. They are Active Directory
(AD), Active Directory with Kerberos (Secure AD), and Lightweight Directory Access
Protocol (LDAP). Fill in the configuration fields presented on the pop-up window and click
Save. Once complete, synchronization with the LDAP server can be initiated by clicking the
Sync Now button. Figure 7-5 shows the configuration fields needed for AD integration.
172 CCNA Collaboration CIVND 210-065 Official Cert Guide
Now that groups and users have been added to the provisioning directory, user settings can
be configured. In the right column, click Edit under User Settings. At a minimum, the video
address pattern and device address pattern must be configured. The video address pattern
is the address that will be displayed on a destination endpoint when in a call. The device
address pattern is the address that will be used to dial provisioned devices. Typically, these
patterns are configured the same. Click OK when finished. Figure 7-6 shows how these user
settings are configured.
Now you can add schemas. At the bottom of the left column, click the Configuration
Templates menu. Click the Add Schema button at the top of the left column, browse to
where the schema is located on your computer, and then click OK. Figure 7-7 shows how to
browse for schemas.
Chapter 7: Cisco TelePresence Endpoint Characteristics 173
After all schemas have been uploaded to TMS, templates can be created based on these
schemas. Select a schema, and then click the Add Template button at the top of the left
column. Configure a name for the template and click OK. Select the template that was just
created in the right column, and click Edit Configurations below the Configurations sec-
tion. Configure all the configuration settings needed and click Save. Many setting options
within a template can be configured. Cisco recommends three settings be configured at a
minimum. Those three settings are the SIP Server Address, Presence Server URI, and the 7
Phone Book Server URI. Figure 7-8 shows how to configure templates.
Once the templates have been configured, click the Users and Groups menu at the top of
the left column. Select a group from the list that was created in a previous step. At the bot-
tom of the right column, click Assign Templates from the Configuration Templates section,
check the box beside all the templates that should be assigned to this group, and click Save.
After templates have been assigned to groups, Jabber Video for TelePresence clients are
ready to be used.
After the Jabber Video for TelePresence application has been installed on your computer,
open the applications and enter the username and password as they have been configured
in the provisioning directory. Click the wrench/screwdriver X icon and select the Sign-in
Settings menu option. Enter the IP address or the URL of the internal server (VCS Control),
external server (VCS Expressway, which is optional), and the SIP domain. Click OK when
finished, and then click the Sign In button when finished. After you are signed in, calls can
be placed to other endpoints. Figure 7-9 shows what the Jabber client will look like after
the sign-in process is complete.
Summary
Cisco has many endpoint solutions available that span three main software-based platforms.
They are CTS software based, Android software based, and TC software based. These
endpoints have a variety of different features, use two different communication protocols
to communicate (SIP and H.323), and register to two different call control servers (Cisco
Unified CM and Cisco VCS). Some of the key topics discussed include how TIP works
using immersive telepresence room solutions with multiplexing technology for RTP and
RTPC protocols. Nonimmersive CTS endpoints include the CTS 500, CTS 1100, and the
TX1300 endpoints. Immersive endpoints include the TX9000 series and the new IX5000
Chapter 7: Cisco TelePresence Endpoint Characteristics 175
series. DX series endpoints include the DX650, DX70, and DX80. The TC portfolio is the
most expansive of the three previously mentioned software-based product lines. SX end-
points include the SX10, SX20, and the SX80. Other integrator systems include the C40,
C60, and C90. Personal systems include the EX60 and the EX90. Comparisons were made
between the MX200 and MX200G2, in addition to between the MX300 and MX300G2.
Other MX meeting room solutions include the MX700 and the MX800. Many different
peripheral devices can be used in conjunction with these TC endpoints (namely, the new
and improved cameras called Precision60 cameras, which work with the SpeakerTrack dual
camera option). Other great and innovative products are the Touch 8 and Touch 10 control-
ler pads. Intelligent Proximity for Content Sharing is another great example of the leading
ingenuity Cisco brings to collaboration solutions. Finally, there is the Cisco Jabber Video
for TelePresence soft client that brings mobility together with Cisco’s premium HD video
solutions.
7
176 CCNA Collaboration CIVND 210-065 Official Cert Guide
CTS, RTP, SRTP, RTCP, multiplex media, TIP, IMTC, H.265, UC, WSVGA, LCD, FHD
capacitive, HDMI, DVI, EuroBlock, BNC, XLR, RCA, YPrPb, S-video, ISDN, BRI, PRI,
PRI, V.35, TMS, VCS, LDAP, AD
7
This chapter covers the following topics:
■ Cisco TelePresence CTS Software-Based Endpoint Setup: This section discusses
three different options used to interface with the Cisco TelePresence CTS software-
based endpoints.
■ Configure a Cisco TelePresence CTS Software-Based Endpoint: This section cov-
ers the first-time setup process for Cisco TelePresence CTS software-based endpoints,
how it caches DHCP addresses, how and when to use the default IP address, how to
default the endpoint, and how to statically assign IP information and TFTP server
addresses.
■ Calibrate a Cisco TelePresence CTS Software-Based Endpoint: This section
discusses how to run the First-Time Setup Wizard and how to calibrate the Cisco
TelePresence CTS software-based endpoints.
■ Cisco TelePresence CTS Software-Based Endpoint User Accounts: This section
covers the different user accounts available on Cisco TelePresence CTS software-based
endpoints, how to secure those accounts, and how to perform the password recovery.
CHAPTER 8
This chapter looks more closely at the similarities of the registration process the CTS end-
point uses to that of other UC products. Further discussion includes a beginning-to-end
process demonstrating how to configure the CTS endpoint, calibrate it to the room environ-
ment, and set up and support user accounts.
Caution The goal of self-assessment is to gauge your mastery of the topics in this
chapter. If you do not know the answer to a question or are only partially sure of the
answer, you should mark that question as wrong for purposes of the self-assessment.
Giving yourself credit for an answer you correctly guess skews your self-assessment
results and might provide you with a false sense of security.
180 CCNA Collaboration CIVND 210-065 Official Cert Guide
1. Which of the following Cisco IP Phones can be used as a control device with the
Cisco CTS 500-32 endpoint?
a. 7970
b. 8831
c. 8945
d. 9971
2. Which of the following Cisco Touch controllers can be used as a control device with
the Cisco CTS 500-32 endpoint?
a. Touch 8
b. Touch 10
c. Touch 12
d. Touch devices cannot be used with this endpoint.
3. Which option allows for multiple TFTP servers to be discovered during the DHCP
process?
a. Option 66
b. Option 99
c. Option 15
d. Option 150
4. Which of the following are ways that can be used to interface with the Cisco CTS
500-32 endpoint?
a. 192.168.1.2
b. 192.168.100.2
c. 192.168.2.2
d. 192.168.200.2
6. Which of the following commands will reset the Cisco CTS 500-32 endpoint but not
delete any Image Slot files?
7. When can the Setup Wizard be used on the CTS 500-32 endpoint?
a. Guest
b. Admin 8
c. User
d. Helpdesk
182 CCNA Collaboration CIVND 210-065 Official Cert Guide
Foundation Topics
The first object that needs to be identified when setting up CTS 500-32 endpoints is the
control device used to interface with them. Cisco makes two options available to the cus-
tomer. The first is a Cisco 7970G or 7975G VoIP phone. Alternatively, the Cisco Touch 12
can be used. The following steps outline the process a CTS 500-32 endpoint goes through
to register to the Cisco Unified CM:
1. A Cisco CTS 500-32 endpoint receives power from a power cube. When a VoIP
phone is used, it receives PoE from the CTS 500-32 endpoint, but both endpoints
send separate communications out across the network.
2. The first message they send out is the Cisco Discovery Protocol (CDP) to the switch.
This CDP communication is used to obtain the voice VLAN information.
3. Once VLAN discovery is complete, the two endpoints will a Dynamic Host Control
Protocol (DHCP) Discovery message to the DHCP server. Typically the DHCP server
is a router, but the Cisco Unified CM can also fulfill this role. A limitation in using
the Cisco Unified CM is that it only allows support for 1000 devices. However, in
either case, an option is made available for the TFTP server address to be discovered
at the same time. This option is called Option 150. Once the DHCP server receives
the DHCP Discovery, it responds with a DHCP Offer. The DHCP offer includes an
IP address, subnet mask, default gateway address, TFTP server address (with use of
Option 150), and possibly one or more Domain Name System (DNS) addresses. The
endpoints respond to the DHCP Offer with a DHCP Request for the specific informa-
tion sent in the DHCP Offer. The DHCP server then sends a DHCP Acknowledgment
authorizing the use of the DHCP information exchanged and end the DHCP session.
4. Now that both endpoints have appropriate IP address information and the TFTP
server address, they can send a TFTP Get message to the TFTP server. This message
is typically sent over HTTP when using current endpoints, although TFTP signaling
could be used as well. The communication the endpoints sent to the TFTP server con-
tains their MAC addresses because that is what the Cisco Unified CM uses to identify
the endpoint. The first element the endpoint tries to download is a certificate trust
186 CCNA Collaboration CIVND 210-065 Official Cert Guide
The CTS 500-32 endpoint allows users to interact with it using the CLI as well. Before using
the CLI, it is important to understand that there is no Telnet support on this device, nor is
there a serial or console interface. Therefore, only Secure Shell (SSH) can be used. To use
SSH, you need to use an emulator, like PuTTY, to begin the session. Enter the IP address
of the endpoint and click Open. When prompted, enter the username and password. When
you see the admin: prompt, you have successfully logged in. The command structure is simi-
lar to the CLI of the Cisco Unified CM, because it is built from the same Red Hat software
kernel. The ? can be used to list commands that are less familiar. Some of the base-level
commands are utils, show, call, and set. Whereas calls could not be initiated from the web
interface, they can be initiated from the CLI. The third way users can interact with the CTS
500-32 endpoint is by using the Cisco Touch 12 control pad. Menu options only display
on the Cisco Touch 12 after the endpoint has registered and the Touch 12 has received its
system load file from the endpoint. The user options are limited on the Touch 12 as com-
pared to the web interface and the CLI. Your average user will only need to use the control
pad for basic calling functions on the CTS 500-32 endpoint. Therefore, the Touch 12 can be
used to place calls, end calls, and share content. If OBTP is scheduled with the CTS 500-32
endpoint, a button will appear on the control pad to start the meeting. Users can also view
call statistic information using this device.
By default, the CTS 500-32 endpoint uses DHCP to obtain IP address information. Should
the endpoint need to be rebooted at any time, the IP information obtained during the
DHCP process will be cached and reused after the reboot process is complete. When the
endpoint first boots, the user will first see the Touch 12 and the monitor power on. The
monitor will display the Cisco name and logo for about 60 seconds and then return to sleep
mode. Meanwhile, the control pad displays circles in the lower-left corner of the screen
numbered 1 through 7. These are POST tests of sorts that the endpoint uses throughout the
boot and registration process. When the Touch 12 gets to the number 4 circle, the monitor
wakes up again and displays its own circles numbered 1 through 6. In addition, a box on the
right side of the monitor lists MAC, IP, VLAN, 802.1X, and CTS S/W. The MAC address
settings and CTS S/W settings will display immediately, and the 802.1X will display Not
Required. However, the IP and VLAN options will first appear blank. When the CDP and
DHCP processes are complete, the IP and VLAN information will display. Figure 8-4 shows
what the monitor might look like during a CTS 500-32 system startup.
190 CCNA Collaboration CIVND 210-065 Official Cert Guide
As you can see in Figure 8-7, the settings that this wizard will calibrate include the touch
verification, display verification, eye height setup, camera setup, audio verification, and
VGA verification. To start the First-Time Setup Wizard, click the Start button. The first
setting that you need to calibrate is the Touch 12. Several buttons will appear on the touch
display that you will need to “touch” to calibrate this device. Click the Next button when
calibration of the Touch 12 is complete. The next screen is Display Verification. There will
be an image on the display that should match the image on the web interface. If they match,
click Next to calibrate the eye height setup. A red square will display on the monitor. Press
the button located on the back of the pedestal the CTS 500-32 endpoint is mounted on, and
elevate or lower the monitor so that a person’s face would center in the red square when
seated in front of the camera. Once the height is set correctly, the camera can be calibrated.
This is the most difficult part of the calibration process. Locate the cardboard cutout and
click Next. The cardboard cutout has a pattern printed on it that looks like a QR code and
can be folded into a triangle. The monitor displays the same red square from the previous
step. Align the cardboard cutout so that the pattern fills the inside of the red square. It is
important that the cardboard cutout be very still. It is best to stack boxes or something
that it can be placed on so that there is almost no movement at all. When ready, click the
Start button from the web interface, and the camera will take a picture of the image on the
cardboard cutout. That picture will display on the monitor beside an image that is should
match to. If the picture is blurry and out of focus, you can manually adjust the camera to
focus the picture. Pull the cover off the camera and adjust the zoom and focus of the lens.
Click the Try Again button in the web interface to take a picture again. The camera can also
be manually adjusted for pan, tilt, and horizon. There are tiny screws on the bottom of the
camera that can be used to adjust these settings. When you are satisfied with the camera
adjustments and the image quality, click the Next button. Audio verification test the built-in
microphone and speakers. A meter will appear on the web interface. Speak in a normal tone
and watch the needle on the meter move. Then speak very softly and verify that the micro-
phone can still pick up your voice. Speak louder than normal to ensure the microphone can
Chapter 8: Configuring Cisco TelePresence CTS Software-Based Endpoints 191
handle louder outbursts. For the speaker calibration, the endpoint will emit the Cisco tune
over the speakers. Adjust the volume so that the music can be heard at a comfortable vol-
ume. The last calibration test is the Video Graphics Array (VGA) connection. Using a VGA
cable, connect a laptop computer to the endpoint. Click the Start Presentation button that
is made available on the Touch 12. If your computer screen is displayed on the monitor,
this step is compete. If not, you may want to check all your connections to ensure that the
cables are seated properly. Clicking the Finish button circles you back to the welcome and
introduction page shown in Figure 8-7. If you do not want to run the wizard, or if you did
run the wizard and you are finished, you can click the CTS Admin UI button. This redirects
you to the Web Portal login page for the CTS 500-32 endpoint.
If you opted not to run the First-Time Setup Wizard, or you want to recalibrate one of the
settings, a tool is provided to perform these tasks from the web interface. After the end-
point has registered, log in to the web interface of the endpoint. In the left menu column
under the Troubleshooting section, click the Hardware Setup option. The display field
right of the menus will show all the above-mentioned calibration options. Click the option
you want to calibrate, and then click the Start button. They can all be calibrated in the same
manner as mentioned earlier.
Whether the endpoint was set up for the first time or a factory reset was performed on
the endpoint, the factory image will be the boot image the CTS 500-32 endpoint will use
each time. An updated image file can be loaded to the endpoint, but the factory image
will still be used unless the boot slot is changed. To upgrade the endpoint, a newer ver-
sion software must be uploaded to the Cisco Unified CM, and the phone load name of
the version you want to use must be specified on the phone settings within the Cisco
Unified CM. Figure 8-8 illustrates the field that needs configured on the Cisco Unified
CM to specify a phone load name. 8
Figure 8-8 Configuring the Phone Load Name on the Cisco Unified CM for a CTS 500-32
Endpoint
194 CCNA Collaboration CIVND 210-065 Official Cert Guide
Summary
For engineers who are proficient with working in a Unified Communications environment,
the CTS 500-32 endpoint should feel relatively familiar. It functions much like a VoIP
phone in as far as how it registers to the Cisco Unified CM. The control device used to
place and disconnect calls can even be a VoIP phone, although only the 7970 and 7975 IP
Phones are supported. Ideally, the Cisco Touch 12 control pad should be used with these
endpoints. Either the IP Phone or the Touch 12 can be used to interface with the end-
point, along with the web interface or the CLI. The endpoint will use DHCP by default,
but if there is an issue preventing the endpoint from receiving IP information, it can use
the default IP address of 192.168.100.2. This address can be used to change the IP settings
to static and assign the necessary addresses. The endpoint will also try to obtain the TFTP
server address using Option150. If the TFTP server address is not obtained, this setting
can be configured manually on the endpoint as well. Should the endpoint need reset, two
options are available for issuing the factory reset. Also, the endpoint can be calibrated using
either the First-Time Setup Wizard or the web interface. The two user accounts on the CTS
500-32 endpoint, the admin user and the helpdesk user, can be secured through the Cisco
Unified CM. Should the password be lost or forgotten, there is also a recovery component
built in to the endpoint to reset the password to its factory setting of Cisco.
Chapter 8: Configuring Cisco TelePresence CTS Software-Based Endpoints 195
CDP, VLAN, DHCP, DHCP Discovery, DHCP Offer, DHCP Request, DHCP Ack, static,
TFTP, Option150, CTMan, DN
This chapter covers the following topics:
■ DX series User Interface: This section examines how to navigate the user inter-
face on the DX series endpoints. Navigation will include using the app store,
accessing the settings menus, and managing the user interface for placing and
receiving calls.
■ Configuring Cisco DX Series Endpoints: This section examines the different set-
tings that need to be configured on the DX series endpoints before they can reg-
ister with the Cisco Unified CM.
■ Registering Cisco DX Series Endpoints: This section explains how to set up the
Cisco Unified CM so DX series endpoints can register.
CHAPTER 9
This chapter discusses some of the different capabilities and protocols that define the
DX series. You will also learn how to use this unique user interface. So that you can reg-
ister a DX to a call control server so that calls can be sent and received, this chapter also
explains explanation how to configure the DX series endpoint and the Cisco Unified
Communications Manager (CM).
Caution The goal of self-assessment is to gauge your mastery of the topics in this
chapter. If you do not know the answer to a question or are only partially sure of the
answer, you should mark that question as wrong for purposes of the self-assessment.
Giving yourself credit for an answer you correctly guess skews your self-assessment
results and might provide you with a false sense of security.
1. Which of the following features are not supported on the DX series endpoints?
a. LDAP
b. H.323
c. SCCP
d. LLDP-MED
4. When resetting a Cisco DX series endpoint using the applications settings menu,
which of the following is required?
a. 123456789*0#
b. #0*987654321
c. **#**
d. ##*##
Chapter 9: Configuring Cisco DX Series Endpoints 199
a. DX650.
b. DX70.
c. DX80.
d. All DX endpoints support PoE.
7. How does a DX series endpoint connect to a smartphone using Intelligent Proximity
for Mobile Voice?
a. 4 digits or characters
b. 4 digits for PINs and 8 characters for passwords
c. 8 digits or characters
d. 8 digits for PINs and 4 characters for passwords
9. How does a Cisco Unified CM identify an endpoint when the endpoint is trying to
register?
10. Calling search spaces are often used on the Cisco Unified CM to administer call
control over phones and other systems. What other setting on the Cisco Unified CM
must be configured in conjunction with calling search spaces?
a. Device pools
b. Regions
c. Route lists
d. Partitions
Chapter 9: Configuring Cisco DX Series Endpoints 203
With an endpoint this feature rich, many organizations may understandably have a con-
cern that their employees will abuse these functions and download games to their phones,
or leverage it in some other nonproductive fashion. The world has suffered enough from
Candy Crush. As Benjamin Franklin said, “An ounce of prevention is worth a pound of
cure.” Cisco has taken preventive steps to allow corporations to customize what end users
are allowed to access on their Cisco DX series endpoint. Cisco offers security at multiple
levels of the network. Security Enhanced (SE) Android provides more protection by iso-
lating applications to keep sensitive data safer. And your IT admin has the option to limit
device capabilities. Some of the functions on the Cisco DX series endpoints that can be
administratively disabled include Google Play, Wi-Fi, Bluetooth, installation of apps from
unknown sources, and USB ports. On a Cisco DX650, you can enable phone-only mode to
provide the following limitations:
■ The user is limited to the home screen, phone application, Contacts application, and
Settings application.
■ The user cannot add shortcuts or widgets to the home screen.
■ Any contacts that are saved to the Contacts application in phone-only mode are stored
locally and will not sync to any server.
■ USB storage devices and SD cards are not supported.
■ Any previously configured account data is hidden from the user when the phone enters
phone-only mode.
■ The phone reboots when you switch from standard profile to phone-only mode, or from
phone-only mode to standard profile.
There are two operating modes for the DX series endpoints: simple and enhanced. Simple
mode offers the following features and limitations:
You can find more information about all these settings, and many more, in the CCNA
Collaboration CICD 210-060 Official Cert Guide. From the Device > Phones screen, you
can verify the registration status of the endpoint. The status should show Registered, along
with the IPv4 address of the endpoint. If the device fails to register, click the Device Name
link to confirm that you correctly entered the MAC address of the endpoint and that the
phone has a line DN. These are common reasons an endpoint will not register.
Summary
The Cisco DX series endpoints are next-generation endpoints that deliver powerful, high-
quality communications and collaboration for a variety of office environments. The Cisco
DX series endpoints provide native support for HD video up to 1080p30 using the video
codec H.264. They also support the annex codec H.264 AVC for HD video at even less
bandwidth. Many features are supported on these endpoints, such as access to cloud ser-
vices, IM, and presence with Cisco Jabber and support for EM. The three main capabilities
of DX series endpoints are registration to the Cisco Unified CM for audio and video call
admission and control, an Android-based applications feature that increases productivity
in the workplace, and an administrative function that allows complete control over what
features on the Cisco DX series endpoints are available for users to access. In addition, the
Cisco DX series endpoints have a built-in function that allows Cisco Intelligent Proximity
for Mobile Voice to be leveraged through Bluetooth technology, so contacts and call his-
tory can be shared between your smartphone and the endpoint, and mobile phone calls can
be picked up, mid-call, from the Cisco DX series endpoints.
Cisco DX series endpoints register exclusively with the Cisco Unified CM. The process for
registering these endpoints is the same as other devices within the Cisco unified communi-
cations and collaboration portfolio. This simplifies the process by not having extra steps in
the process, and it simplifies the troubleshooting process should problems be encountered.
Certain settings must be configured on the Cisco Unified CM before the endpoint can reg-
ister. Best practice is to configure the Cisco Unified CM first, and then set up Option 150
and let DHCP deliver the TFTP addresses to the Cisco DX series endpoints. This “behind
the curtain” approach makes setup of the Cisco DX series endpoints as simple as cabling up
and powering on the endpoint for the endpoint to register with the Cisco Unified CM.
214 CCNA Collaboration CIVND 210-065 Official Cert Guide
CDP, LLDP-MED, PoE, DN, MAC address, device pool, phone button template, calling
search space (CSS), owner, owner user ID, phone load name, allow control of device from
CTI, device security profile, SIP profile, Secure Shell user, Secure Shell password, web
access, SSH access
This page intentionally left blank
This chapter covers the following topics:
This chapter discusses a beginning-to-end process that shows how to configure the TC
endpoint for both a Cisco Unified Communications Manager (CM) and a Cisco Video
Communications Server (VCS). The discussion also covers how to calibrate an endpoint to
the room environment and how to set up and support user accounts and control basic call-
ing features.
Caution The goal of self-assessment is to gauge your mastery of the topics in this
chapter. If you do not know the answer to a question or are only partially sure of the
answer, you should mark that question as wrong for purposes of the self-assessment.
Giving yourself credit for an answer you correctly guess skews your self-assessment
results and might provide you with a false sense of security.
1. In a SIP call using Early Offer, what information is sent with the initial Invite message?
a. SIP
b. SDP
c. H.225
d. H.245
2. Which of the following is not a method of interfacing with TC software-based end-
point?
a. Web interface
b. Touch 8
c. Touch 12
d. CLI through serial interface
3. Which of the following statements is true about how to set up Intelligent Proximity
for Content Sharing on a TC software-based endpoint?
4. How does the Cisco Unified CM identify a TC software-based endpoint when it tries
to register?
a. By the IP address of the TC software-based endpoint
b. By the MAC address of the TC software-based endpoint
c. By the serial number of the TC software-based endpoint
d. By the RRQ of the TC software-based endpoint
5. Which of the following is a phonebook that TC software-based endpoints can receive
from the Cisco TMS?
6. What type of encryption can TC software-based endpoints use when registered to the
Cisco Unified CM?
a. Factory resets only wipe out configuration settings, not upgraded image files.
b. Factory resets only wipe out configuration settings, not upgraded image files or
IP settings.
10
c. Factory resets wipe out configuration settings and upgraded image files.
d. Factory resets cannot be performed on TC software-based endpoints.
10. Which of the following user accounts exist on TC software-based endpoints by
default?
Foundation Topics
When VLAN discovery is complete, the endpoint sends a DHCP Discovery message
to the DHCP server. Similar to a UC environment, Option 150 can be made available
for the TFTP server address to be discovered at the same time; however, the DHCP
RequestTFTPServerAddress setting on a TC endpoint must be enabled for TFTP discovery
to work. For the time it takes to turn this setting on, the External Manager settings could be
configured, so it may prove most prudent just to configure the External Manager settings
manually.
Now that the endpoint has appropriate IP address information and the TFTP server address,
it can send a TFTP Get message to the TFTP server. The communication the endpoints send
to the TFTP server contains their MAC addresses because that is what the Cisco Unified
CM uses to identify the endpoint. Similar to UC environments, the first element the end-
point tries to download is a certificate trust list (CTL) file. The CTL file contains a set of
certificates and is used only when Cisco Unified CM cluster security has been enabled.
Next, the endpoints try to download their own configuration files. After the configuration
file has been downloaded, the endpoints verify that they are running the requested load or
firmware version. TC endpoints will not try to download upgrade firmware files. Although
this is Cisco’s intent for future versions, as of 10.x on the Cisco Unified CM the TC end-
point only validates if the version it is running is a supported version.
224 CCNA Collaboration CIVND 210-065 Official Cert Guide
source endpoint dials the destination alias. When the VCS receives the ARQ message, it
responds with a Request In Process (RIP) message. This is when the VCS reviews all CAC
settings that have been configured and tries to locate the destination alias. If there is some
CAC in place that prohibits the call from continuing, the VCS sends an Admission Reject
(ARJ) to the source endpoint, and the call attempt ends. If there is no CAC in place that
prohibits the call from continuing, the VCS sends an Admission Confirm (ACF) to the
source endpoint. This ACF contains the destination endpoint’s IP address. Using that IP, the
source endpoint sends an H.225 Call Setup message. This message is sent using the Q.931
protocol from the ITU H.320 umbrella standard for circuit-switched communication. (This
was a carryover protocol when the ITU developed the H.323 umbrella standard for packet-
switched communication.)
When the destination endpoint receives the Call Setup message, it sends the VCS its own
ARQ message requesting permission to answer the call. The VCS responds with a RIP mes-
sage, then an ACF. (Because the two endpoints in this scenario are registered to the same
VCS, and there was no CAC prohibiting the call during the first ARQ message, there will
be no prohibitions during this second ARQ. If the destination endpoint were registered to
a different gatekeeper, there could be cause for CAC to prohibit the destination endpoint
from answering the incoming call.) When the ACF is received, the destination endpoint
sends two messages to the source endpoint. The first message sent is an H.225 Alerting
message using the same Q.931 protocol mentioned before. This Alerting message tells the
destination endpoint to ring and sends a ring-back tone to the source endpoint. When the
user of the destination endpoint answers the call, an H.225 Connect message is sent using
the Q.931 protocol.
Most TCP communication uses a three-way handshake (SYN, ACK, SYN/ACK) to establish
communication before important packets are sent. In an H.323 call, the call setup process
establishes that same open line of communication needed before critical capabilities and
UDP port allocations are sent between the two endpoints. The standard used to send this
information is H.245. Because this information is sent over TCP, acknowledgments are
also sent to confirm receipt of the information being exchanged. The first sets of packets
exchanged between the two endpoints are the capabilities exchange. This identifies what
audio and video codecs each endpoint supports, in addition to any other capabilities that
exist, like far-end camera control (FECC) or content sharing. Next is the master/responder
negotiation. (The ITU labels this communication as master/slave negotiation, but it has
become common to refer to it as responder instead of slave.) A master must be decided
between the two endpoints, and the master will decide what codec is to be used for each
capability and what UDP ports each endpoint will use to transmit the packets over. Once
the master is decided, that endpoint sends the codec selection and port allocation for itself
and the destination endpoint to the destination endpoint. When all the port are open, two-
way communication can take place. Figure 10-4 illustrates the H.323 call setup process.
226 CCNA Collaboration CIVND 210-065 Official Cert Guide
Note The SX10 does have a Setup Wizard that can be used to provision the
endpoint during the first time it is booted. Device settings must be provisioned
from the TFTP server for Cisco Unified CM registration or from TMS (TelePresence
Management Suite) for VCS registration.
Figure 10-5 illustrates the button layout of the TRC5 remote control.
Context-sens t ve softkeys
at the bottom of the screen
As Figure 10-5 illustrates, five soft keys are located at the top of the remote control.
These keys correspond with soft key options that display across the bottom of the display.
Different options are made available depending of what the endpoint is doing. For example,
if a user is in a call, there is a soft key option for FECC. If an administrator is configuring a
Chapter 10: Configuring Cisco TelePresence TC Software-Based Endpoints 227
setting on the endpoint, there is a soft key option to toggle between numbers and letters.
Some soft key options are programmable as well. Below the soft keys in the center of the
remote are arrow keys with a checkmark button in the center of them. These arrow keys
can be used to navigate menus and to pan and tilt the camera, whether near-end or far-end
camera control is being used. The checkmark button is like an Enter key used to make selec-
tions. The Zoom button for camera control is located to the right of the arrow keys, and
the Volume button is located to the left. Just above the arrow keys are two buttons. The
left one is for muting the microphone, and the right one is for sharing content if a device,
like a computer, is connected to the endpoint. Below the arrow buttons are three more but-
ton options. The left button bring up the phonebooks on the endpoint. The center button
is a home button. This displays the main menu options no matter where you have navigated
within the menus, or even if there are no menus displayed. The right button is used to bring
up the self-view of the camera connected to the endpoint. It can also be used to change the
layout if the multisite option is being used. Above the number keypad is the Call Answer
and Call Disconnect button. Between them is a C button. This is a Clear, or Backspace, but-
ton. It also takes you to the previous menu set when navigating menus using the remote
control.
Pressing the Home button or the Checkmark button will bring up the first level of menus.
Any menu option that has a black arrow beside it means that selecting it will offer another
level of menu options. From the main level menus, navigating to Settings > Administrator
Settings > Advanced Configuration will take administrators to the menus used to configure
and calibrate an endpoint. Figure 10-6 illustrates how these menus will appear.
10
Figure 10-6 OSD Menus Using the Cisco TRC5 Remote Control
228 CCNA Collaboration CIVND 210-065 Official Cert Guide
code lines are used. If an administrator wants to verify the status of a call, check network
settings, or view the registration status for H.323/SIP, or some other status, the xStatus
code line is used. If an administrator wants to configure a setting on the endpoint, the
xConfiguration code lines are used. For example, if an administrator wants to identify a
system name for an endpoint, the command used is xConfiguration SystemUnit Name:
<system name>. The code used with xConfiguration maps exactly to the menu structure
of the web interface and the OSD. Figure 10-8 lists the commands under xConfiguration
using the CLI.
The next significant settings under Profile 1 are the gatekeeper settings. They are address
and discovery. Address is the address of the gatekeeper you want to register the endpoint
with; in this case, it is the VCS. Discovery determines how the endpoint will locate a gate-
keeper to try to register with. Discovery mode can be configured as Manual or Auto. If
configured as Auto, no gatekeeper address needs to be configured. The endpoint sends out
a GRQ broadcast to locate the gatekeeper, as mentioned toward the beginning of this chap-
ter. Manual uses the address specified in the above field. Best practice suggests leaving this
setting as Manual, which is the default.
The last subheading under Profile 1 is H.323 Alias, and the options here are E.164 and ID.
An E.164 alias, as defined by the ITU, is a numeric alias using digits between 0 and 9 and
should be no longer than 15 digits long. Essentially, it is a phone number. The ITU rati-
fied the parameters for E.164 alias for use with H.320 circuit-switched communications.
However, E.164 aliases were carried over with the development of H.323 packet-switched
communication, and the length of the alias is less significant. On TC software-based end-
points, an E.164 alias can be up to 30 digits long, although that makes for a long phone
number to remember. ID represents an H.323 ID, which is the other type of alias that can be
used with H.323 communications. H.323 IDs can use alphanumeric and special characters up
to 49 characters long. In the past, a common use of H.323 IDs was to use a person’s name.
Someone could dial “John” and place a call to John’s endpoint. Today, a more common use
of H.323 IDs is to configure them in the form of a URI. Make no mistake: H.323 ID is not
a URI. However, they can be configured in the form of a URI. In some production environ-
ments, customers configure both the E.164 alias and the H.323 ID. The E.164 alias is com-
monly used for internal calls, and the H.323 ID, in the form of a URI, is used for external
calls. Figure 10-10 illustrates the H.323 configuration menus available on a TC software-
based endpoint.
Chapter 10: Configuring Cisco TelePresence TC Software-Based Endpoints 233
Each of the settings discussed in this section must be saved before they will take affect.
Once saved, the endpoint should register with the VCS immediately. To verify the registra-
tion was successful, navigate to Home. Under the H.323 heading, Status should show up as
Registered, Gatekeeper should be the VCS address specified in the H.323 configuration set-
ting, Number should be the E.164 alias, and ID should be the H.323 ID.
When registering an endpoint with the VCS, an administrator can choose whether to use
H.323, SIP, or both. Because the foundation for registering a TC software-based endpoint
has been established for H.323, a close examination on how to register the endpoint using
SIP with the VCS is needed. Again, the VCS does not provision settings to endpoints, so all
SIP configuration settings need to be configured on the endpoint before it can register with
the VCS. Navigate to Configuration > System Configuration and click the SIP menu in the
left menu column. There are many more options available than are needed for a basic SIP 10
registration. This section focuses on only the basic settings needed to register an endpoint
with the VCS using SIP. All of these settings can be found under the Profile 1 section. The
first configuration parameter listed under Profile 1 is the Default Transport. This setting can
be configured as TCP, UDP, TLS, or Auto. If none of your calls should be encrypted, set it
to TCP or UDP. If all calls should be encrypted, set it to TLS. If you want SIP calls to try
encrypting first, but to connect anyway if they cannot, use Auto. The default setting is TCP.
Another menu option is Type, which can be configured as Standard or Cisco. Standard
should be used when registering to the VCS, and this is the default setting. This setting will
change automatically to Cisco when registering to the Cisco Unified CM. Administrators
should never need to change this setting, but it is a valuable setting of which to be aware.
234 CCNA Collaboration CIVND 210-065 Official Cert Guide
Below this setting is the Display Name. This name will display on the destination endpoint’s
monitor when you connect. It will also be displayed when connecting through a multipoint
control unit (MCU). If this setting is not configured, the URI address displays in its place.
A little further down is the URI setting. This should be the URI address that users will dial
when they are trying to connect to your endpoint. URI addresses must be in the form of
Host@FQDN. The VCS will qualify the domain, and all SIP registrations will fail if the
domain used in the URI address does not match a domain configured on the VCS. This is
the marking difference between a URI and an H.323 ID. Because the H.323 ID is not actu-
ally a URI, the H.323 registration is allowed to register with a VCS regardless of what comes
after the @. With SIP, however, the domain is a significant part of the alias and must qualify
against domains listed on the VCS.
Some time was spent in this chapter explaining what a SIP server is and how the SIP registrar
and the SIP proxy are functions of the SIP server. To point a TC software-based endpoint to
the VCS for SIP registration, the Proxy 1 address must be configured. Under Proxy 1, two
settings are listed: Address and Mode. Mode for SIP is the same as Mode for H.323. It can
be configured as Manual or Auto and determines how the endpoint will try to locate a SIP
server (VCS) to register with. Leave this setting as Manual. Under Address, configure the
address of the VCS. All the previously mentioned settings need to be saved for the configu-
rations to take place. Figure 10-11 shows how the SIP configuration menus will display on a
TC software-based endpoint.
To verify the endpoint has registered, click the Home menu across the top of the page.
Under the SIP heading, Status should show as registered, Proxy should be the VCS address,
and URI should be the URI address configured on the endpoint.
236 CCNA Collaboration CIVND 210-065 Official Cert Guide
The question pertaining to speed and duplex will be addressed first. The speed options
available on TC software-based endpoints are 10 Mbps, 100 Mbps, and 1000 Mbps (or
1 Gbps). Duplex has to do with how nodes send and receive packets across a network, and
the options are half duplex and full duplex. Both offer two-way communication, but half
duplex only allows for communication to occur one direction at a time. Walkie-Talkies
are perfect examples of half-duplex communication. What happens if both parties using
a Walkie-Talkie try pressing the Talk button at the same time? Neither party will be able
to hear what the other party is saying. Full duplex allows for a node to send and receive
packets at the same time. In IP communications, only full duplex should be used. Using
half duplex in IP communications will double the amount of bandwidth required because
extra ports will need to be opened for two-way communication. Duplex is configured
and displayed with the speed on TC software-based endpoints. The options available are
Auto, 10half, 10full, 100half, 100full, and 1000full. Auto is the default setting and will
use whatever speed the router specifies should be used. It is recommended by Cisco that
Auto should be used. However, it is always good to verify what rate is actually negotiated.
If speed and duplex are configured as Auto, but the status shows half duplex, the setting
will need to be changed on both the endpoint and the router to full duplex. If this setting
is only changed on one device and not the other, you could experience something called
duplex mismatch. Telltale signs that duplex mismatch is occurring include registrations
dropping, calls not connecting, or calls dropping in the middle of the call.
IP addressing information is required when any device wants to communicate across a net-
work. The required components needed are an IP address, default gateway, and the subnet
mask. Other optional network addressing information that could be used are DNS addresses
and, if Option 150 is used, TFTP server addresses. IP addressing information can be deliv-
ered over DHCP, or they can be statically assigned. TC software-based endpoints will use
DHCP by default. If an administrator wants to use static IP addressing, these settings can be
changed. It is not recommended to change these settings from the web interface because
once one component is changed, you may lose connectivity to the endpoint. The best
option is to use the CLI with a serial connection or use the remote control. The commands
that enable you to configure static network settings with the CLI are as follows:
Though placing calls is a fairly intuitive task, several configurable options are available
on TC software-based endpoints that relate to calls. Such options include Auto Answer,
246 CCNA Collaboration CIVND 210-065 Official Cert Guide
SIP, SIP server, SIP proxy, SIP registrar, H.323, H.323 gatekeeper, interworking gateway,
FQDN, DN, CAC, SDP, RAS, GRQ/GCF, RRQ/RCF/RRJ, ARQ/ACF/ARJ, H.225, Q.931,
H.245, OSD, PIP
10
This chapter covers the following topics:
■ Solution Overview and Components: This section examines the Cisco firewall-
traversal solutions available on the market today.
■ Mobile and Remote Access: This section examines how the Cisco collaboration
edge solution addresses mobile and remote-access issues for businesses.
■ Jabber Guest: This section explains how the Jabber Guest solution works and
what components are needed to use Jabber Guest.
■ Configuring Call Mobility: This section provides an overview of the two call
mobility options in a Cisco infrastructure environment that allow other users to
contact your devices with a single-number-reach solution.
CHAPTER 11
This chapter discusses Network Address Translation (NAT) and firewall issues that compa-
nies encounter within a collaboration solution. An overview of Cisco solutions that address
these issues will help you understand the foundational components needed in a Cisco
firewall-traversal solution. This solution enables remote and telecommuters to establish
mobile and remote access to infrastructure within an organization. You will also learn
how business-to-consumer communication can be established using the Cisco Jabber
Guest solution. All of these components can be interlaced together with an explanation
on how different call mobility solutions function, and how they can be configured to
establish a single-number-reach for users with multiple modes of communication.
Caution The goal of self-assessment is to gauge your mastery of the topics in this
chapter. If you do not know the answer to a question or are only partially sure of the
answer, you should mark that question as wrong for purposes of the self-assessment.
Giving yourself credit for an answer you correctly guess skews your self-assessment
results and might provide you with a false sense of security.
a. STUN is hardware intensive because all call media must go through this server.
b. TURN is hardware intensive because all call media must go through this server.
c. ICE is hardware intensive because all call media must go through this server.
d. ICANN is hardware intensive because all call media must go through this server.
4. What organization created and is responsible for the administration of the Interactive
Connectivity Establishment protocol?
a. ITU
b. ISO
c. IEEE
d. IETF
5. What UDP ports need to be opened on a firewall if H.460.18 is used for firewall
traversal?
a. 1
b. 2
c. 3
d. 4
7. What products are used in the Cisco collaboration edge solution for firewall
traversal?
a. VCS Control and VCS Expressway
b. Expressway Core and Expressway Edge
c. Cisco Unified CM and VCS Expressway
d. Cisco Unified CM and Expressway Edge
8. What is the Cisco Unified Mobility and remote-access solution?
9. Which of the following is a critical component to the Cisco Unified Mobility and
remote-access solution?
a. FindMe
b. Cisco Unified Mobility
c. Single number reach
d. One button to push
Chapter 11: Cisco Legacy Edge Architecture 253
packets are sent out, TCP requires a return communication. If a return communication is not
received in a set amount of time, the packets are re-sent.
■ NAT does not allow communication to be initiated from outside the private network
because the virtual ports can change with each new transmission that is created. So if two
video endpoints behind different NATs want to communicate, one will never be able to
discover the other. For example, if a device were to try to route to the private IP address
of another endpoint, the transmission would fail at the source router because private
IP addresses are not publicly routable. Alternatively, if the source device were to try to
route to the public IP address of the far end router, once the packets arrived, the far end
router would not know which device to route the packets to.
■ The second issue that comes with NAT has to do with UDP (User Datagram Protocol)
transmissions. Whereas TCP communications require a response, UDP communications
are unidirectional. Once video calls are set up using TCP, the audio and video packets are
sent using UDP. Therefore, the one-way transmission has no way of knowing whether
the endpoint residing behind the NAT server received the audio or video packets.
The IETF, who came up with the Session Initiation Protocol (SIP) communications proto-
col and NAT, also came up with the first solution that allowed communications between
private LAN/WANs through a NAT server. That protocol is known as Session Traversal
Utilities for NAT (STUN). After creating the RFC for STUN, The IETF came up with two
other RFC protocols known as Traversals Using Relays around NAT (TURN) and Interactive
Connectivity Establishment (ICE). Figure 11-1 illustrates how STUN can be used for NAT
traversal.
As illustrated in the scenario in Figure 11-1, the endpoint sends a STUN request through
the default gateway to the STUN server located on the public network. The STUN server
is listening on port 5060. The gateway forwards the request to STUN server and changes
port 5060 to another port number. The STUN server records the address and port and
sends a response back to the endpoint. This IP and port are now assigned to the requesting
endpoint. When the endpoint establishes a session (for example, a SIP-based Voice over
IP [VoIP] or video call with an external entity), it can notify the external entity to sends
responses back on the public IP address and port assigned by the STUN server. Now the
UDP connection can successfully be established between two endpoints without NAT
issues hindering the connection.
11
Although STUN is a great solution, it does not work properly with networks using
Symmetric NAT. Symmetric NAT creates a new address and port mapping each time an
internal host tries to connect to an external host. To resolve Symmetric NAT issues, the
IETF came us with another protocol called TURN.
TURN performs much like STUN; however, it uses a relay that STUN does not possess,
allowing for server-reflexive addresses and SNATs (Symmetric NATs) alike. Because the
TURN server is used as a relay, more bandwidth is required, and all media must go through
the TURN server. Figure 11-2 illustrates how a TURN server can be used within a network.
Chapter 11: Cisco Legacy Edge Architecture 259
Communications Mobile and Remote Access also allows the traversal communication to be
leveraged for endpoint registration. Unified Communications Mobile and Remote Access
uses the Expressway Edge as the traversal server that is installed on the public network or in
a DMZ and Expressway Core as the traversal client that is installed on the internal network.
The following connections must be enabled on the firewall:
■ Internal firewall between Cisco Expressway Core and Cisco Expressway Edge
■ SIP: TCP 7001
■ Traversal Media: UDP 36000 to 36001
■ Extensible Messaging and Presence Protocol (XMPP): TCP 7400
■ HTTPS (tunneled over Secure Shell (SSH) between Expressway Core and
■ Expressway Edge): TCP 2222
■ External Firewall between the internet and Cisco Expressway Edge
■ SIP: TCP 5061
■ HTTPS: TCP 8443
■ Extensible Messaging and Presence Protocol (XMPP): TCP 7400
■ Traversal Using Relay NAT (TURN) server control and media: UDP 3478 / 6000
to 61799
■ Media: UDP 36012 to 59999
The external DNS server must be configured with collab-edge._tls.<domain> service records
so that external endpoints can discover that they should use Cisco Expressway Edge for
mobile and remote access. Service records for secure SIP are also recommended for deploy-
ing secure SIP calls on the Internet. The service records must point to the Cisco Expressway
Edge server.
The internal DNS server must be configured with a cisco-uds._tcp.<domain> service record
so that internal endpoints can discover that they should use Cisco Unified CM for direct
registration. Be sure that the uds service records are not advertised externally; otherwise,
issues could result from clients not knowing where to register. When using Cisco Unified
CM IM and Presence, a cuplogin._tcp<domain> service record is also required on the inter-
nal DNS. You must point all call-processing nodes to a Cisco Unified CM cluster fully qual-
ified domain name (FQDN) when configuring the cisco-uds._tcp.<domain> service record.
All Cisco Unified CM IM and Presence server clusters should be configured in the same
manner when configuring the cuplogin._tcp.<domain> service record. The internal DNS 11
records must be available to all internal endpoints and to Cisco Expressway Core.
Unified Communications Mobile and Remote Access requires certificates for secure com-
munication between endpoints outside the network and the internal Cisco Unified CM.
Cisco has recently issued four new certificates to use in conjunction with the Expressway
Edge or the VCS Expressway. Though these new certificates pertain to WebEx integration,
Cisco recommends they be used regardless of whether WebEx is being used. These four
certificated are not included in Table 11-3, which outlines the different certificate types
needed and where they are needed.
262 CCNA Collaboration CIVND 210-065 Official Cert Guide
Note It is important for users to be aware that by default, when a Jabber IM client is
being used, it will try to authenticate with WebEx Connect first, regardless whether
the customer is using WebEx Connect. You can call Cisco, or your service provider,
and have them disable it.
Jabber Guest
Cisco has a new product available through the collaboration edge solution that helps busi-
nesses extend their reach to customers who may not have a video communication solution
available. Cisco Jabber Guest helps customers interact with enterprise workers by using real-
time communications that are high quality, standards based, and comprehensive. Enterprise
workers can send a link to guests, who simply need to click a URL link, website link, or
mobile application to start the interaction. This will start a WebRTC type of a session with
the employee using a Cisco collaboration endpoint. Build these capabilities in to your web-
site or mobile application with the included software development kits (SDKs), or use the
Jabber Guest client experiences. With Cisco Jabber Guest, different user-friendly options
still exist, like audio and video communication. Desktop- and content-sharing capabilities
are not available currently, but receiving content is coming in a future release. Guest users
are not required to enter a username or password because there is no account needed for
those users to employ Jabber Guest.
Each end user can configure Cisco Unified Mobility to his or her own specifications. To
log in to the Self Care Portal on the Cisco Unified CM, navigate to https://CUCM name or
IPaddress>/ucmuser. Enter the user login credentials when prompted. The Cisco Unified
CM system administrator, who also controls what features are available, must set up use of
the Self Care Portal before end users can configure their settings. However, once users log
in, there are several functions they could potentially perform. End users can modify the
mobile number, allowing a cell phone to ring when the primary number is dialed. End users
can control the timers, which are used to control the mobility algorithm. Time schedules
can be established that determine which devices will ring during different hours and days.
For example, Monday through Friday from 9:00 a.m. to 5:00 p.m., a user’s mobile phone,
DX70 desk phone, and Jabber client will all ring for 30 seconds; then the call will redirect to
voice mail. All other hours, the call will go directly to voice mail. Certain callers can also be
blocked from calling Unified Mobility devices.
Similar to Unified Mobility, FindMe is a call mobility feature for Cisco VCS-centric envi-
ronments. Using FindMe requires an option key. The operation of FindMe is very similar
to Cisco Unified Mobility. One significant difference between the two call mobility fea-
tures is the alias used to extend reachability. Cisco Unified Mobility uses the alias of the
primary endpoint to initiate the transfer of the call. FindMe requires a FindMe ID to be
configured for the FindMe account, which is the dial-able alias to be used. When a user
dials the FindMe ID, the VCS initiates a call-processing order. Within the call-processing
order, the alias dialed is identified as a FindMe ID, and the call transfer behaviors will be
based on the FindMe account with which it is associated. The first behavior the VCS looks
for in a FindMe account is what endpoint, or endpoints, the call should be transferred
to first. There are two alternate options of transfer based on the behavior of the first call
transfer. If the call is busy another endpoint, or endpoints, can be specified for the call to
be transferred. Alternatively, if the call rings for a specified duration of time without being
answered, another selection of devices can be specified to transfer the call.
Whereas Cisco Unified Mobility has a Self Care Portal for users to configure their Unified
Mobility settings, Cisco FindMe has a user portal as well. How this portal is accessed will
depend on how the VCS-centric environment is set up. FindMe is a feature of the Cisco
VCS. Navigating to the URL or IP address of the Cisco VCS will present two login options:
Administrator or User. The User login is how FindMe uses can log in to manage their own
FindMe accounts. Cisco TelePresence Management Suite (TMS) can play an active role in
how FindMe works. If TMS Provisioning Extension (TMSPE) integration is used, the User
login portal through the VCS goes away, and a new User portal is made available through
TMS. FindMe accounts are created initially by the VCS administrator, and then configured
by users to their desired specifications. Because organization may need to support thou-
sands of FindMe accounts, TMS integration can be used to provision a FindMe template,
which can be mass distributed to everyone within an organization. Figure 11-6 illustrates the
FindMe user portal on the VCS as it compares to the FindMe user portal on TMS.
266 CCNA Collaboration CIVND 210-065 Official Cert Guide
Summary
It is said, “Invention is 10 percent sweat and 90 percent necessity.” Networks have evolved
significantly over the past three and a half decades. Much of the development in proto-
cols and technologies has derived from needs that surfaced throughout this development
process. Some of those needs have been addressed in this chapter, like the limitation of
IPv4 that led to the development of IPv6 and NAT. NAT created other issues with com-
munication across networks, specifically pertaining to voice and video over IP. The proto-
cols that were developed by the IETF to overcome NAT traversal were STUN, TURN, and
ICE. Although these protocols did resolve one issue, they simply bypassed a second issue:
firewall traversal. A proprietary protocol came about, called Assent, that resolved both
the NAT and firewall issues, and maintained a secure environment for corporate networks.
The Assent protocol became the basis for the H.323 traversal standards of the ITU called
H.460.17, H.460.18, and H.460.19.
All of these new standards and protocols led the way to the development of new technol-
ogy products as well. Cisco has two call control solutions available for various industry
needs, and there are also two traversal solutions that exist. For a Cisco VCS-centric envi-
ronment, there is the VCS-traversal solution. This solution features the VCS Control and
VCS Expressway as the traversal components needed. Within a Cisco Unified CM-centric
environment, there is the collaboration edge solution. This solution features the Expressway
Core and Expressway Edge as the traversal components needed. The Cisco Jabber Guest
option offers an addendum to the collaboration edge solution. Cisco Jabber Guest allows
businesses to extend their reachability to other businesses and customers who may not sup-
port a video communications solution.
Another technology developed over the years is call mobility. Cisco solutions offer two
modes of accomplishing call mobility. In a Cisco Unified CM-centric environment, the
Cisco Unified Mobility feature can be leveraged to allow employees to be contacted with
a single number reach. In a Cisco VCS-centric environment, this is accomplished through a
feature called FindMe.
Although the topics discussed in this chapter are beyond the scope of CIVND2, a basic
understanding of them is expected by Cisco. This chapter has included more detail about
these features and products to help prepare you with future certifications you may pur-
sue, and to familiarize you with products and solutions being used in Cisco deployments
globally.
This chapter covers the following topics:
■ Using the Cisco DX Series Problem Reporting Tool: This section explains how to
use the Problem and Reporting tool on DX series endpoints.
■ Isolating and Identifying Issues on Cisco Jabber Video for TelePresence: This
section examines how to isolate registration, call, and media issues on Cisco
Jabber Video for TelePresence soft client.
CHAPTER 12
This chapter describes the various tools that are used to perform regular tasks such as back-
up, restore, and performing upgrades. Other tasks described in this chapter include how to
view call statistic information and pull logs to aid in troubleshooting Cisco TelePresence
collaboration endpoints.
Caution The goal of self-assessment is to gauge your mastery of the topics in this
chapter. If you do not know the answer to a question or are only partially sure of the
answer, you should mark that question as wrong for purposes of the self-assessment.
Giving yourself credit for an answer you correctly guess skews your self-assessment
results and might provide you with a false sense of security.
a. 6
b. 9
c. 12
d. 15
2. How many historical log files can be stored on the Cisco TC software-based
endpoint?
a. 11
b. 12
c. 13
d. 15
3. TC software-based endpoints can be backed up using which of the following options?
a. OSD
b. SCP
c. FTP
d. CLI
4. When upgrading a TC software-based endpoint, which of the following is required?
a. Firmware packet
b. Release key
c. Option key
d. Cisco Unified CM
5. Which of the following CLI commands can be used on TC software-based endpoints
to verify IP connectivity to the VCS?
a. 1
b. 2
c. 3
d. 4
8. Which log on the Cisco CTS software-based endpoints shows SDP messages?
a. Sysop Log
b. Log Files
c. SIP Messages
d. System Status
9. Which of the following CLI commands can be used on CTS software-based endpoints
to verify IP connectivity to the Cisco Unified CM?
a. 384 kbps
b. 128 kbps
c. 64 kbps
d. 24 kbps
12
Chapter 12: Operating and Troubleshooting Cisco TelePresence Endpoints 277
package file you downloaded from Cisco. Click Upgrade. The system starts downloading
the file to the endpoint’s local disk and then performs the upgrade from that disk. Do not
use the endpoint during the upgrade; doing so might interrupt the process. The endpoint
reboots twice during the upgrade. The first reboot is used to finalize the endpoint upgrade.
The second reboot is to finalize the camera upgrade. When the upgrade is successfully com-
pleted, a message appears. This process can take up to 30 minutes.
On the same upgrade page of the web interface, an administrator can add option keys for
new features as required. Option keys allow for extended functionality of the system and
do not require a reboot when added. You might have several option keys in your system.
Review Chapter 7, “Cisco TelePresence Endpoint Characteristics,” for information about
available TC software-based endpoint option keys. If you need to downgrade the software
on Cisco TelePresence TC software-based endpoints, you may need to open a Cisco TAC
case to obtain special release keys.
There is another option to back up, restore, and upgrade TC software-based endpoints.
Cisco TelePresence Management Suite (TMS) is a complete management tool that enables
administrators to manage an entire video network from a single interface. Be aware that
backups cannot be scheduled, nor should they be. Consider if an endpoint were sched-
uled to be backed up by TMS and someone changed settings on that endpoint before the
backup took place; in this case, issues relevant to those changes would be backed up as well.
However, using TMS to perform these tasks offers many benefits. Though a backup can-
not be scheduled, a restore can be. After endpoints have been backed up, an administrator
can schedule that those endpoints are restored once a day or once a week. Two of the main
benefits of using TMS for upgrades are the ability to perform bulk upgrades with a single
click of a button and upgrades can also be scheduled to occur at a time when the systems
will not be in use, such as on a Saturday at midnight. The subject of how to use TMS to
perform these tasks is beyond the scope of the Cisco CIVND material. However, further
discussion on Cisco TMS will follow in later chapters.
If IP connectivity were working across the network, the next step to troubleshooting regis-
tration issues on TC software-based endpoints would be to look for nonmatching configu-
ration settings between the server and the endpoint. For Cisco VCS registration issues, you
need to make sure that the protocol that is used (H.323 or SIP) is enabled at both the end-
point and the server. With H.323, calls are possible without registering to a gatekeeper if
the call setup mode is set to Direct. In direct mode, the endpoint never tries to register to a
gatekeeper. If the desired outcome is for the endpoint to register to the VCS, the call setup
mode will need to be set to Gatekeeper. In gatekeeper mode, calls are not possible until
the endpoint registers. The discovery mode on the Cisco VCS determines how the endpoint
will try to discover the call control server for both H.323 and SIP. If the discovery mode is
set to Automatic, the TC software-based endpoint sends out a broadcast request searching
for any call control device to which it can register. The first call control server to respond is
where the endpoint will try to register, which may not be where the administrator intended
the endpoint to register. If there is no response, registration fails. Best practice suggests
setting the discovery mode to Manual and entering the specific address of a call control
server to which the endpoint will try to register. H.323 registration requests always use UDP
port 1719 for Registration Request (RRQ) messaging to a gatekeeper. SIP, however, could
use UDP port 5060 or UDP over TLS 5061. Make sure that the correct matching transport
protocol is set at both the endpoint and the server for SIP. Note that discovery mode has no
bearing on TC software-based endpoint registration to the Cisco Unified CM.
Issues registering to the Cisco Unified CM are typically caused because the voice VLAN
was not learned from the switch, Dynamic Host Configuration Protocol (DHCP) did not
provide the correct IP settings or the right TFTP server address through Option 150, IP
connectivity to the Cisco Unified CM server or Cisco TFTP server is broken, or the end-
point is provisioned incorrectly. This is also true for Cisco TC software-based endpoints
trying to register to the Cisco Unified CM. Verify that external manager mode is set
to CUCM. If you configure the Cisco TFTP server IP address manually, verify that the
correct address is set in the Cisco TelePresence TC software-based endpoint External
Manager Address field. Also verify that HTTP is chosen for the external manager in the
advanced settings configuration.
Provided the endpoint has registered to the call control server, the next issue that could
be encountered relates to call setup. Because of the complexity of the setup, a great vari-
ety of problems can be experienced when setting up a call with a Cisco TelePresence TC
software-based endpoint. There are few tools on the endpoint itself that can help detect call
setup issues. Most of the tools reside in the Cisco Unified CM or the Cisco VCS, which are
beyond the scope of this class. Verify that the dial plan is correct and that calls can be suc-
cessfully routed by using it. Take a screen capture of system configuration settings, status
messages, and debug files, and then escalate call setup issues to a call control administrator. 12
These administrators can verify CAC settings used to set up bandwidth limits and call privi-
leges that can accommodate a certain number of calls.
Media issues can be as complex as call setup issues to troubleshoot because many moving
parts can impact audio and video packets sent and received. Video input devices include
cameras, computers for content sharing, document cameras, and video-playing devices.
282 CCNA Collaboration CIVND 210-065 Official Cert Guide
The Sysop Log tab displays system operation messages, including call information, call sta-
tistics, and call errors for the Cisco TelePresence System. As many as 20 individual files are
saved on the Cisco TelePresence System, and each file can contain as many as 100,000 char-
acters. To download the log files, click the Download Sysop Files button at the bottom of
the page. The prompt that comes up presents two options: open to view the log files or save
the log files to the local disk on your computer. If the option to open the log file is chosen,
the last 100,000 bytes of the log are shown, and all available systems operation log files are
downloaded.
The Log Files tab allows administrators to download log files or capture new log files.
You can choose from three download options by selecting the appropriate radio buttons.
None is the default, and no log files are captured unless a download option is chosen. The
Download Existing Log Files option allows you to download existing log files. Click this
radio button and then choose a problem from the Select Problem Type drop-down list to
download logs. The drop-down list contains the following problem types: Audio (Speakers,
Microphones), Video (Displays, Cameras), Projector, LCD, Document Camera, Phone,
Recording, and Other/Unknown. When you click Download Existing Log Files, the system
shows the message “A WinZip download will start within several minutes. Please wait.” The
File Download window appears, prompting you to open or save the file. The other option
available within the Log Files tab is to Capture New Log Files. After you choose from the
Select Problem Type drop-down list and click Capture New Log Files, the system displays
the message “Collecting Cisco TelePresence System log files. This process may take several
minutes. Please wait.” The File Download window appears, prompting you to open or save
the file. When you capture new log files, the system combines and compresses all existing
log files from the codec. The Log Files tab displays the status of the log capture, including
the percentage of completion.
The SIP Messages tab displays all SIP messages sent and received by the CTS software-based
endpoint. You can filter the SIP messages to display a specific type of message in the SIP
log file. You can also choose the number of messages to view at one time. Double-clicking
a SIP message from the list opens the SIP Message Details dialog box for detailed message
reports. You can do the same thing by highlighting the SIP message and clicking Details.
Viewing real-time call statistics is an important function on any endpoint. From the Cisco
CTS web interface, choose Monitoring > Call Statistics. The Real Time Call Statistics sec-
tion lists the details of an in-progress call, including the connection status, registration
status, and local directory number. There is also a Historical Call Statistics (Not Including
Current Call, If Any) section that lists historical information about past calls. There are also
Audio/Video Call sections that list details about a call, such as audio stream statistics of an
audio/video call, video stream statistics of an audio/video call, and audio-only call stream
statistics. These call statistics show both transmit and receive call information. Other critical
information displayed includes local and remote endpoint IP address information, average
latency, differentiated services code point (DSCP), and class of service (CoS) quality of ser-
vice (QoS) markings.
284 CCNA Collaboration CIVND 210-065 Official Cert Guide
that is required for successful registration, such as SIP and HTTP traffic. Make sure that the
UDP and TCP SIP ports 5060 and TCP HTTP port 6970 are open.
If there were no network-related issues found, the next step an administrator must examine
is whether the endpoint has obtained the appropriate IP address of the Cisco TFTP server.
This IP address is usually obtained through Option 150, although it can be configured
manually. The Cisco Unified CM cluster might also be causing issues if the endpoint is not
configured and automatic provisioning is disabled or if required services are not responding.
Oftentimes, CTS software-based endpoints show as registered to the Cisco Unified CM, but
the touch panel does not work. This issue is usually due to the panel-to-system communica-
tion. The touch panel automatically obtains its IP address from the endpoint built-in DHCP
server. Make sure that the server process runs normally using the CLI command utils service
list. When you display the system status at the touch panel, the panel should show the cor-
rect IP address. Another issue that could prevent the touch panel from functioning properly
is related to the firmware load file. When the CTS endpoint receives firmware bin files from
the TFTP server some of the bin files contain the firmware for the touch panel, which the
CTS endpoint is responsible for delivering. If the endpoint performs an upgrade during the
registration process, something could have prevented the CTS endpoint from delivering
the appropriate files to the touch panel. Try rebooting the endpoint to reinitiate this pro-
cess. If that does not work, check that the Cisco Unified CM has the appropriate files
upload for the version the CTS endpoint is running. There should be three files listed (two
for the CTS endpoint, and one for the touch panel).
If you experience degraded audio quality or the call is dropped completely, the Cisco
TelePresence endpoint might be experiencing packet loss or packet jitter for an extended
period. Verify packet loss and jitter through system operation logs or live call statistics
from the CLI or web graphical user interface (GUI). Check the network path to determine
whether jitter or packet loss is observed. If users experience choppy audio during bidirec-
tional discussions, the issue might be caused when the audio echo canceller briefly mistakes
one of the speech patterns for noise and cancels it, resulting in choppy audio. The audio
from the remote side is slightly attenuated before being played out to the speaker. The
echo-cancellation feature removes some of the sound from the talkers during the bidirec-
tional discussions. Check whether there has been a change in the echo path. For example,
someone may have moved the speakers or microphone, or there could be a laptop or other
device directly placed in front of the microphone. Otherwise, this behavior is expected. The
existing filter parameters should be enough to cancel the sound from the speaker. However,
during bidirectional discussions, echo cancellation always removes some sound from the
talker. High CPU or resource saturation can cause hearing echo. This situation might cause
audio-missed interrupts on the endpoint. To get rid of the echo, you can perform a hold
or resume of the call or redial it completely. When you hear echo, the most common issue
is the room acoustic environment. Rarely, the issue is an audio port or microphone issue.
To mitigate the issue, you can install an acoustic panel, or you can put in some furniture or
plants and make sure that the audio volume is set to medium. Check the microphone and
audio port. Unplug or mute the suspected microphone. If the problem persists, the micro-
phone or that audio port is probably the issue. Swap the microphone for another one and
see whether the problem follows the microphone or the codec. Plug only one microphone
into an audio port at a time and continue through all the microphones and audio ports to
Chapter 12: Operating and Troubleshooting Cisco TelePresence Endpoints 285
isolate the problem. Another cause for media issues on any endpoint has to do with duplex.
Video endpoints must use full duplex. Check that the switch ports, endpoints are connected
to and ensure they are not using half duplex. In most cases, autonegotiation will result in
full duplex being used, but this is not always true, which is why it is always good to check.
Users can issue a notification from the device by providing the following information:
■ Select the date that the problem was observed. This field is autopopulated with the date
the tool was invoked, but it can be changed if needed.
■ Select the time that the problem was observed. This field is also autopopulated with the
time the tool was invoked and can be changed.
■ Select the problem application. If you are unsure of the application that had the prob-
lem, choose None.
■ Enter a problem description. Include a concise description of the behavior that was
observed.
■ Enter a customer support e-mail address.
■ The computer that Cisco Jabber Video for TelePresence is installed on must have IP
12
connectivity to the Cisco VCS. Use ping and traceroute from the PC to verify the IP
connectivity.
■ If there is a firewall or access control list along the IP route, ensure that it does not block
SIP traffic at TCP 5060, UDP 5060, or TLS 5061 in either direction.
■ Make sure that the sign-in window shows the correct VCS Control or VCS Expressway
address and domain.
■ Verify that the login credentials are correct for signing in.
Chapter 12: Operating and Troubleshooting Cisco TelePresence Endpoints 287
Summary
Understanding how to pull log information and maintain endpoints is critical in any produc-
tion environment, and becomes an asset in troubleshooting issues when they occur. This
chapter focused on how to use the onscreen display, the web interface, and the CLI to col-
lect log information on Cisco TC software-based endpoints. All system information is writ-
ten to and stored in the Current and Historical log files. This information can be expanded
using debug commands to offer detailed call traces, which will aid in troubleshooting call
setup issues. Administrators should now understand how to perform maintenance on TC
software-based endpoints, including how to back up and restore the configuration settings
of an endpoint and how to perform an upgrade. Key issues have been identified on TC
software-based endpoints that can cause registration, calling, and media issues. These end-
points have tools embedded in them that you can use to troubleshoot these issues.
Cisco CTS software-based endpoints have three logs available that can be accessed through
the web interface. These logs continually capture relevant information about the endpoint
and can be used to troubleshoot issues when they occur. Because CTS software-based end-
points are controlled entirely by the Cisco Unified CM, troubleshooting steps for these
endpoints have been identified in the same manner as troubleshooting other UC or collabo-
ration endpoints within a Cisco Unified CM-centric environment.
Cisco Jabber Video for TelePresence has some tools available locally on the hosting com-
puter that can be use to aid in troubleshooting issues relevant to the soft client. However,
because Jabber Video for TelePresence is dependent on the Cisco VCS and the Cisco TMS
servers, they are the best tools available for troubleshooting Jabber Video for TelePresence
issues. Most issues regarding this soft client will need to be escalated to the VCS or TMS
administrator.
12
288 CCNA Collaboration CIVND 210-065 Official Cert Guide
codec, CoS, DSCP, QoS, SLA, SSH, RTP, SDP, SIP, TLS, URI, MAC
12