Ltrcol 2250

LTRCOL-2250
Multiparty Conferencing for Audio,

Video and Web Collaboration using
Cisco Meeting Server
Paul Giralt ([email protected])

Markus Schneider ([email protected])
Agenda
• Cisco Meeting Server Overview
• Lab Overview
• Microsoft Interoperability
• Edge
• Lab Tips
LTRCOL-2250 © 2019 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Cisco Webex Teams
Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session
How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space
cs.co/ciscolivebot#LTRCOL-2250
Overview
Audio Video Web Content
User experience Virtually limitless scale Extensible design
Connect the way you want on Everyone can meet Flexible APIs to work with
the device of your choice and share together your business processes
Cisco Meeting Server Architecture
Platform Components
Lync/S4B Direct Cisco Meeting App

Cisco Meeting App Federation WebRTC
External
Load TURN
Web Bridge
Balancer Server
XMPP Recording /
Call Bridge Database
Server Streaming
Lync FE Cisco Meeting App

Call Control Active Directory
SIP / H.323
Lab Overview
Lab Topology
CMM
Skype for Business Cisco Meeting Servers Skype for Business via
Infrastructure Office 365 or
MS Infrastructure
cms1a cms1b cms1c

cmsgw
TURN
WebRTC
Exp-C Exp-E
Audio/Video
Endpoints Unified CM Expressway Edge WebRTC
Configuration Tasks
• CMS Server Configuration Basics • Unified CM Integration
o Certificates o Ad-hoc Conferencing
o Database Clustering • CMS Call Bridge Groups
o Web Admin
• BONUS: Managing Meetings
o Call Bridge Clustering
o XMPP Clustering • BONUS: Expressway Edge
• CMS API Introduction o Web Proxy and TURN server

o External Skype for Business
o Web Bridge
Integration
o LDAP Synchronization and
Authentication • BONUS: On-premise Skype for
Business
o CMS Inbound / Outbound Dial Plan
Management and Administration Tools
CLI / MMP Web GUI API SFTP
SSH, Dial Plan and Most Licenses,

Serial Console, Call Bridge configuration Certificates,
VM console admin that is not in Logs, Backups
MMP Upgrades
Cisco Meeting Server Spaces
Personal meetings
• Invite others to your personal meeting using your own join details
Scheduled meetings
• Cisco TelePresence Management Suite (including Microsoft Outlook integration)
• One-Button-to-Push support
Ad hoc conference with UCM
• Escalate 1:1 calls to add participants
CMS
WebRTC:
https://join.domain.com
SIP Endpoints:
[email protected]
CMA: Your Personal Space
Spaces
Phone / PSTN: Skype for Business

+1(408) 555-5555
Click:
Users / LDAP Integration
• No local users (except for Admin and API access)
• LDAP Mapping can create personal Spaces with a primary and secondary Space and
user URI
• Should not overlap with other URIs in the network
• Multiple LDAP sources
Active
Directory CallBridge Database
AD
+ Space
Key parameters for mapping

User (XMPPID & URI) [email protected]
Username: [email protected]
Space URI [email protected]
Space URI user part: $sAMAccountName$.space
2nd Space URI [email protected]
Space secondary URI user part: 7$telephoneNumber$
Certificates
• Each service requires a certificate:
• WebAdmin, XMPP, WebBridge, CallBridge, Loadbalancer, Trunk, Database Cluster,
Recording Server, Streaming Server
• Encryption is mandatory! Certificate Types
• Can share certificates between services Self-signed by CMS
Private CA Signed
• Database / Microsoft Interop present
Public CA Signed
unique requirements
Plan certificates in advance and combine where possible!
Redundancy and Scale
Benefits Cluster Options
• Increased capacity • Database Cluster
• Spaces, Users, Dial Plan, Cluster-
• Resilience wide configuration
• Geographic optimization • Provides Resiliency
• Call Bridge Cluster

• Distributed calls for capacity &
Other core components, such as resiliency
Web Bridge, can be deployed on
multiple servers for redundancy and • XMPP Cluster
load distribution • Provides Resiliency
CMS Dial plan: Call Processing
CMS ALWAYS uses domain-based routing to determine call treatment
Incoming Call Rules Forwarding Rules Outgoing Call Rules
• Is the call for this CMS? • Should the call be • Destination?

• For spaces, users, IVR? forwarded? • Standards-based or
• Is the call for Lync / S4B? • If domain not matched, Lync trunk type
by default reject the call • Any transformation?
• If no match for domain,
check Forwarding rules
Microsoft Interop
Skype for Business Integration Types
Rendezvous : Video and S4B Endpoints meet in a CMS space
Gateway : call goes across CMS for adaptation and transcoding
Dual Homed conferencing – Native experience for both Video and S4B users
Dial IVR+ConferenceID
or
ConferenceID@domain Join Lync Conference Click-To-Join
CMS
Edge
Architecture – Core and Edge with Single Edge
WebRTC
Clients
Outside Firewall
Expressway-E
DMZ TURN
Web-Proxy
UC Traversal
Inside Firewall
Expressway-C
XMPP
UC Traversal
Call Bridge Web Bridge client
CMS
WebRTC
Clients
Microsoft Interop with Expressway – Gateway Calls
Standard SIP Inbound from: [email protected] to: [email protected]
MS SIP Public DNS
CMS GW (To cisco.com):
Media Send call to Exp-C as _sipfederationtls.tcp.cisco.com  Exp-E
standard SIP
GW CMS
TURN
Organization with
MS Infrastructure
[email protected]
[email protected] CUCM Exp-C Exp-E
Inbound call (To cisco.com): Inbound call (To cisco.com): Inbound call (To cisco.com):
If standard SIP, send to CUCM If MS-SIP, send to GW CMS  Send to Exp-C
Microsoft Interop with Expressway – Gateway Calls
Standard SIP
Outbound from: [email protected] to: [email protected]
MS SIP
Public DNS
Media GW CMS anchors call _sip._tcp.ms.com  Not found
& sends new INVITE _sipfederationtls.ms.com  MS-Edge
as MS-SIP call
GW CMS
TURN
Organization with
MS Infrastructure
[email protected]
CUCM Exp-C Exp-E
[email protected]
O365 Clients
Outbound call arrives at Exp-C: Outbound DNS Zone:

 Send to Exp-E as standard SIP If Standard SIP call, query for:
If failure, then send to GW CMS _sip._tcp.ms.com  Not found
GW CMS anchors call & sends If MS SIP call, query for:
new INVITE as MS-SIP call _sipfederationtls._tcp.ms.com  MS Edge
 Send to Exp-E as MS-SIP
Lab Tips
Lab Users
• There are 3 “Inside” clients
• PC1 is Chuck with Jabber &
Skype for Business (User 1)
I’m User1 on YOU as User4
PC2 is Amy with Jabber &
•
Skype for Business(User 2) PC1 on your laptop
• Your laptop is User4
with Jabber and Chrome
• One “Outside” client

• PC3 is Ruba
• Chrome for WebRTC
• Skype for Business for B2B
• All are Remote Desktop

• Static Video Image & No Audio I’m User2 on
PC2 I’m on PC3
Tips & Tricks
• Lab available at: http://cmslab.ciscolive.com
Toggle Menu
Print Presentation
& Lab Manual
Tips & Tricks
Click
• Use Copy / Paste!!!
• CMS CLI / Web pages time out FAST
Right-Click
• CLI / SSH sessions:
Click to open Putty/SSH session, then right-click to paste password
• All device credentials are: admin with password c1sco123
Tips & Tricks
• Redundant tasks often have shortcuts to configure automatically and allow
you to skip ahead.
• At the end of each section, check your work

• Click to call: In most cases, you can click on a link to place the call via
Jabber. Exceptions are when the call is to be placed from one of the
Remote Desktop sessions. In those cases copy/paste can be used.
Lab Topology Standard SIP
MS SIP
Unified CM: @pod#.cms.lab
CMS: @conf.pod#.cms.lab
Internal Skype: @s4b.cms.lab
East DC West DC HTTPS/WebRTC External Skype: @ms.lab
S4B
s4b.cms.lab
cms1a cms1c
cms1b
Public DNS
DB cluster, CallBridge Cluster,
XMPP Cluster, WebBridge cmsgw
Skype for Business (PC3)
CMM [email protected]
TURN Organization
WebRTC Client with MS
(Lab Laptop) Infrastructure
expc1a expe1a
cucm1a
cucm1b
PodUser4 / Jabber B2B standard SIP
(Lab Laptop) [email protected]
WebRTC
Client (PC3)
Internal DNS
PodUser1 / Jabber PodUser2 / Jabber

(PC1) (PC1)
http://cmslab.ciscolive.com
Cisco Webex Teams
Questions?
Use Cisco Webex Teams (formerly Cisco Spark)
to chat with the speaker after the session
How
1 Find this session in the Cisco Events Mobile App
2 Click “Join the Discussion”
3 Install Webex Teams or go directly to the team space
4 Enter messages/questions in the team space
cs.co/ciscolivebot#LTRCOL-2250
Complete your online
session survey
• Please complete your Online Session
Survey after each session
• Complete 4 Session Surveys & the Overall
Conference Survey (available from
Thursday) to receive your Cisco Live T-
shirt
• All surveys can be completed via the Cisco
Events Mobile App or the Communication
Stations
Don’t forget: Cisco Live sessions will be available for viewing

on demand after the event at ciscolive.cisco.com
Continue Your Education
Demos in Meet the Related

Walk-in
the Cisco engineer sessions
self-paced
Showcase labs 1:1
meetings
Thank you
Reference
Material
Which Components are Needed
Audio / Video / Geo
Spaces WebRTC External Access CMA
S4B GW Distribution
✅ Clustered ✅Core
Call Bridge ✅Core ✅Core ✅Core
Web Admin ✅Core ✅Core ✅Core ✅Core
XMPP Server ✅Core ✅Core ✅Core
Web Bridge ✅Edge

Database
✅
(HA & Scale)
Load Balancer ✅Edge ✅Core
Turn Server ✅Expressway 8.9 ✅Expressway 8.9
Cisco Meeting Server Certificate Requirements
Component Certificate Type Comments
WebAdmin self-signed
Public CA Signed
WebBridge self-signed Public CA signed certificate required only if
Public CA Signed CMA WebRTC is used
CallBridge self-signed Self-signed certificates cannot be used in a

Public CA Signed Skype/Lync deployment.
Deployments with TLS SIP Trunks cannot use
self signed certificates.
Trunk self-signed
Public CA Signed
LoadBalancer self-signed
Public CA Signed
Database Cluster Public CA Signed Self-signed certificates cannot be used in a

clustered deployment
Recorder Server self-signed Applications that interface to external devices require Public CA
certificates. Applications that interface internally in the Cisco
Streaming Server self-signed Meeting Server only require certificates signed by an Internal CA.
Self-signed certificates can be created via the MMP interface on
Cisco Meeting however it is strongly recommended that self-
signed certificates only be used for test environments.
Cisco Meeting Server DNS Requirements
Record Type Example Resolves to Description
SRV (*) _xmpp-client._ tcp.example.com The A record xmpp.example.com below. Used by clients to login. The SRV record must
Usually this is port 5222. correspond to the domain used in your XMPP
usernames
SRV (*) _xmpp-server._ tcp.example.com The A record xmpp.example.com below. Used to federate between XMPP servers. The
Usually this is port 5269 SRV record must correspond to the domain
used in your XMPP usernames
A xmpp.example.com IP address of either the XMPP server or a Used by clients to login
Load Balancer which is configured to trunk
to the XMPP server.
A / AAAA join.example.com IP address of Web Bridge This record is not used by the CMS directly;
however, it is common practice to provide an
end user with an FQDN to type into the browser
which resolves to the Web Bridge. There is no
restriction or requirement on the format of this
record.
A / AAAA ukcore1.example.com IP address of the Call Bridge Used by the Lync FE server to contact the Call
nycore1.example.com Bridge
A / AAAA ukcoreadmin.example.com IP address of the MMP Interface This record is used purely for admin pur- poses;
when system administrators prefer a FQDN to
remember for each MMP interface.
SRV (*) _sipinternaltls._tcp.fe.lync-domain.com The A record of the Lync FE server or If you have an FE pool, you can have multiple
FE records pointing to individual FE servers
FE Pool within the pool
A / AAAA fe.lync-domain.com IP address of the Lync FE server You will need one record for each individual FE
server
Dual Home Conference Modes
New in Cisco Meeting Server 2.3
CMS1 CMS2 CMS1 CMS2 CMS1 CMS2
Lync FE / Lync FE / Lync FE /

AVMCU AVMCU AVMCU
Dual Home Cluster Dual Home CallBridge Gateway

• One call to S4B • Up to one call to S4B • One call to S4B per
• Default; same as in in per CallBridge endpoint
older versions • Less inter-cluster links • No inter-cluster links

Ltrcol 2250

Uploaded by

Ltrcol 2250

Uploaded by

LTRCOL-2250

Multiparty Conferencing for Audio,

Paul Giralt ([email protected])

Audio Video Web Content

User experience Virtually limitless scale Extensible design

Lync/S4B Direct Cisco Meeting App

Lync FE Cisco Meeting App

cms1a cms1b cms1c

• CMS API Introduction o Web Proxy and TURN server

CLI / MMP Web GUI API SFTP

SSH, Dial Plan and Most Licenses,

Phone / PSTN: Skype for Business

Key parameters for mapping

Plan certificates in advance and combine where possible!

• Call Bridge Cluster

Incoming Call Rules Forwarding Rules Outgoing Call Rules

• Is the call for this CMS? • Should the call be • Destination?

Gateway : call goes across CMS for adaptation and transcoding

Outbound call arrives at Exp-C: Outbound DNS Zone:

• One “Outside” client

• All are Remote Desktop

• At the end of each section, check your work

PodUser1 / Jabber PodUser2 / Jabber

Don’t forget: Cisco Live sessions will be available for viewing

Demos in Meet the Related

Web Admin ✅Core ✅Core ✅Core ✅Core

XMPP Server ✅Core ✅Core ✅Core

Web Bridge ✅Edge

Turn Server ✅Expressway 8.9 ✅Expressway 8.9

CallBridge self-signed Self-signed certificates cannot be used in a

Database Cluster Public CA Signed Self-signed certificates cannot be used in a

CMS1 CMS2 CMS1 CMS2 CMS1 CMS2

Lync FE / Lync FE / Lync FE /

Dual Home Cluster Dual Home CallBridge Gateway

You might also like