Cisco Jabber 8.x Pilot Deployment Guide-1.2

Cisco Jabber 8.
x Pilot Deployment Guide

Version 1.2
Advanced Services, Collaboration Team
Document Usage
This document covers the on-prem and hybrid cloud deployment models for
different Jabber clients. The below tables give the components needed when
configuring a particular deployment model.
Click on any of the features below to go to the respective configuration.
On-Prem Deployment Model

IM/Presence
IM/Presence +
Voice
IM/Presence
IM/Presence +
Voice + Video
IM/Presence
LDAP Integration
LDAP Integration
LDAP Integration
VOICE
VOICE
IM/Presence
IM/Presence
+ 3rd party
IM/Presence
LDAP
Integration
Third-Party
Integration
VIDEO
Hybrid Cloud Deployment Model

IM/Presence + Voice
VOICE
Hybrid-Cloud Deployment
IM/Presence + Voice + Video

VOICE
VIDEO
VOICE
Jabber for Windows
Jabber for Mac
Jabber for iPhone
Jabber for iPad
Jabber for Android
Copyright 2012 Cisco Systems, Inc. All Rights Reserved.
Table of Contents
Document Usage

VOICE
2
2
2
Table of Contents
Figures
Tables
13
Version Control
14
Purpose
15
Prerequisites/Assumptions
15
Recommendations
17
Jabber Architecture
18

18
19
Network Requirements
21
Jabber for Windows

Connection Requirements for Cloud-Based Deployments
Jabber for MAC
Jabber for iPhone
Jabber for iPad
Jabber for Android
21
22
23
24
24
26
IM/Presence
27
Cisco Unified Presence Postinstallation Setup

27
Activating Cisco Unified Presence Services
31
Cisco Unified Presence Server Node Name Considerations
33
Cisco Unified Presence Server Node Name Defined by Hostname
34
Cisco Unified Presence Server Node Name Defined by IP Address
34
Changing Hostname to IP Address After Installation for Cisco Unified Presence Deployed
Without DNS domains
35
Changing Proxy Domain Name for Cisco Unified Presence Deployed Without DNS domains
35
CUP Cluster Deployment
37
High Availability
37
LDAP Integration
39
Configuring LDAP Synchronization
40
Configuring LDAP Authentication

LDAP Integration for Jabber for Windows
Uploading the configuration file
Configure the TFTP Setting for Jabber for Windows to download jabber-config.xml file
LDAP User lookup for Android, Mac, iPad & iPhone Jabber Clients
Configuring the LDAP Attribute Map
Configuring LDAP Server
Creating LDAP Profiles and Adding Cisco Jabber Users to the Profile
Cisco Unified Presence Cisco UCM Integration
Assigning the Licensing Capabilities
Assign Roles and Permissions for End Users
Modifying the User Credential Policy
Configuring the SIP Trunk Security Profile for Cisco Unified Presence
Configuring the SIP Trunk for Cisco Unified Presence
Specifying Cisco Unified Presence Publish Trunk in Cisco UCM Service Parameters
Cisco Unified Presence Server Integration Steps
Configuring the Presence Gateway
Configuring the SIP Publish Trunk on Cisco Unified Presence
Configuring the Proxy Server Settings
45
46
46
47
48
48
49
50
52
52
53
54
55
56
58
58
58
59
60
VOICE
62
Server Configuration for Client provisioning

Jabber for Windows
Jabber for Mac
Jabber for iPhone
Jabber for iPad
Jabber for Android
Configuring Cisco Unified Communications Manager
Create the SIP Trunk Security Profile
Create the SIP Profile
Create the SIP Trunk
Create a Route Pattern
Create the Voice Mail Pilot
Set Up the Voice Mail Profile
Configuring Cisco Unity Connection
Add the Phone System
Add Port Groups
Add ports
Test the Telephony Configuration
62
62
81
94
101
110
116
116
117
119
121
122
123
124
124
125
127
129
VIDEO
130
Configuring Unified Communications Manager for Video

Configuring Phones with Video capabilities on CUCM server and enable video.
Configuring Cisco Unified Communications Manager regions to support HD video.
Configuring MCU as Video Conference Bridge for HD video Conference on CUCM
Configuring MRG for Video Conference
Configuring the SIP Trunk Security Profile for Video communication server
Configuring the SIP Profile for Video communication server
Configuring the SIP Trunk for Video Communication server.
Cisco VCS Installation and Configuration
130
130
134
135
140
142
143
144
148
Cisco VCS Installation

Cisco VCS Software Upgrade
Cisco VCS configuration
Endpoints Registration with Cisco VCS
148
150
151
156
Third-Party Integration
159
Cisco Unified Presence Federation Overview

Limitation with Third-Party Federations
Federation Deployment models
Inter-domain Direct SIP federation
Federation with Microsoft Lync Server with Static Routes over TCP
Federation with Lync Server with Static Routes over TLS
Partitioned Intra-Domain Federation with OCS
CUPS Inter-domain TCP federation with CUPS
159
160
160
161
162
174
197
207
213
Webex Configuration
Sign in to the Administration Tool
Cisco Webex Administration Tool interface
Creating new users
Webex Site Configuration
Policy configuration
Understanding policies and policy actions
Understanding Groups
Cisco Unified Communications integration with Cisco WebEx
Configuring Cisco UC Integration (CUCM) Cisco WebEx
Understanding the unified communications screen
Specifying Visual Voicemail settings
Creating unified communications clusters
Specifying Cisco Unified Communication Manager integration with Cisco Jabber
Meeting URL configuration
Entering instant message blocking settings
Specifying IM Federation settings
213
213
214
214
224
224
224
237
240
241
241
242
245
248
253
253
254
References
256
Figures
Figure 1 : On-Prem Deployment Model .......................................................................................................... 19
Figure 2 : Hybrid Cloud Deployment Model ................................................................................................. 20
Figure 3 : Access the Unified Presence Server Admin page .................................................................... 28
Figure 4 : Login to Unified Presence Server Admin ................................................................................... 28
Figure 5 : Unified Presence Server Post Install Setup CUCM information ...................................... 29
Figure 6 : Unified Presence Server Post Install Setup AXL information ......................................... 29
Figure 7 : Unified Presence Server Post Install Setup Security Password...................................... 30
Figure 8 : Unified Presence Server Post Install Setup Final Screen .................................................. 30
Figure 9 : Unified Presence Server Post Install Setup Section Navigation ..................................... 31
Figure 10 : Activate Unified Presence Service Activation ........................................................................ 31
Figure 11 : Verify the Status of Unified Presence Services ...................................................................... 32
Figure 12 : Cluster Topology Details ............................................................................................................... 34
Figure 13 : Cluster Topology with IP address .............................................................................................. 34
Figure 14 : Cluster Wide Topology Settings .................................................................................................. 36
Figure 15 : Balanced User Assignment Non- Redundant High Availability Deployment ............. 38
Figure 16 : Active/Standby User Assignment High Availability Deployment .................................. 39
Figure 17 : Jabber Security Settings ................................................................................................................. 48
Figure 18 : License Capabilities Assignment ................................................................................................ 52
Figure 19 : License Capabilities Assignment Verification ....................................................................... 52
Figure 20 : Roles assignment to end users .................................................................................................... 53
Figure 21 : Modify Credential policy for Application/End users .......................................................... 54
Figure 22 : CUPS SIP Trunk Security profile ................................................................................................. 55
Figure 23 : CUPS SIP Trunk ................................................................................................................................. 56
Figure 24 : CUPS SIP Trunk SIP Information configuration .................................................................... 57
Figure 25 : Configuring the CUP Publish Trunk in CUCM Service Parameters................................. 58
Figure 26 : Configuring Presence Gateway ................................................................................................... 59
Figure 27 : Configuring CUP Publish Trunk on CUPS ................................................................................ 60

Figure 28 : Configuring Proxy Server Settings ............................................................................................. 61
Figure 29 : Jabber for Windows - Device Configuration ........................................................................... 63
Figure 30 : Jabber for Windows - Protocol Specific Information ......................................................... 63
Figure 31 : Jabber for Windows-DN configuration..................................................................................... 66
Figure 32 : Jabber for Windows - Configuring Desk Phone .................................................................... 68
Figure 33 : Jabber for Windows - Protocol Specific Info Desk Phone ............................................. 69
Figure 34 : Jabber for Windows - Desk Phone- DN configuration........................................................ 70
Figure 35 : Jabber for Windows - Device Association End user......................................................... 71
Figure 36 : Jabber for Windows - Roles assignment for End user ....................................................... 72
Figure 37 : Configuring TFTP server in CUPS for Jabber .......................................................................... 73
Figure 38 : Configuring CTI gateway in CUPS for Deskphone control ................................................. 74
Figure 39 : Configuring CTI gateway profile ................................................................................................. 75
Figure 40 : User assignment to CTI gateway profile .................................................................................. 75
Figure 41 : Configuring CCMCIP profile for IP Phone services ............................................................... 76
Figure 42 : User assignment to CCMCIP profile ........................................................................................... 77
Figure 43 : IMAP configuration in Unity connection for Jabber ............................................................ 78
Figure 44 : Configuring Mailstore for Jabber users.................................................................................... 78
Figure 45 : Configuring Voicemail Server for Jabber users..................................................................... 79
Figure 46 : Configuring Voicemail profile for Jabber users .................................................................... 79
Figure 47 : User assignment to Voicemail profile ....................................................................................... 80
Figure 48 : Jabber for MAC Device configuration .................................................................................... 81
Figure 49 : Jabber for MAC DN configuration ............................................................................................ 83
Figure 50 : Jabber for MAC Deskphone configuration ........................................................................... 84
Figure 51 : Jabber for MAC Device association for end user................................................................ 85
Figure 52 : Jabber for MAC Roles assignment for end user.................................................................. 86
Figure 53 : Jabber for MAC DN end user association .............................................................................. 87
Figure 54 : Jabber for MAC configuring CCMCIP profiles ...................................................................... 88
Figure 55 : Jabber for MAC Configuring CCMCIP profile ....................................................................... 90

Figure 56 : Jabber for MAC Assign end users to CTI gateway profile ............................................... 90
Figure 57 : Jabber Security Settings ................................................................................................................. 91
Figure 58 : IMAP configuration in Unity Connection ................................................................................. 92
Figure 59 : Jabber for iPhone Device Configuration ............................................................................... 95
Figure 60 : Jabber for iPhone Protocol Specific Information .............................................................. 96
Figure 61 : Jabber for iPhone DN configuration ....................................................................................... 97
Figure 62 : Jabber for iPhone Device association for end user .......................................................... 98
Figure 63 : Jabber for iPhone - Product Specific Configuration for Voicemail ................................ 99
Figure 64 : Jabber for iPhone Configuring SIP dual mode timer..................................................... 100
Figure 65 : Jabber for iPad SIP profile configuration .......................................................................... 103
Figure 66 : Jabber for iPad Device configuration ................................................................................. 104
Figure 67 : Jabber for iPad Protocol Specific configuration ............................................................. 104
Figure 68 : Jabber for iPad DN configuration ......................................................................................... 105
Figure 69 : Jabber for iPad Device association for end user ............................................................. 106
Figure 70 : Jabber for iPad IMAP configuration .................................................................................... 107
Figure 71 : Jabber for iPad Product configuration layout ................................................................. 108
Figure 72 : Jabber for Android Device configuration .......................................................................... 114
Figure 73 : Jabber for Android Protocol specific information ......................................................... 114
Figure 74 : Jabber for Android DN configuration ................................................................................. 115
Figure 75 : Unity Connection SIP Trunk Security Profile .................................................................. 117
Figure 76 : Unity Connection SIP profile .................................................................................................. 118
Figure 77 : Unity Connection SIP Trunk ................................................................................................... 120
Figure 78 : Unity Connection SIP Trunk Inbound calls ................................................................... 120
Figure 79 : Unity Connection SIP Trunk Outbound calls ................................................................ 121
Figure 80 : Unity Connection Route Pattern ........................................................................................... 122
Figure 81 : Unity Connection Voicemail Pilot ........................................................................................ 122
Figure 82 : Unity Connection Voicemail profile .................................................................................... 123
Figure 83 : Unity Connection Phone System Basics configuration ................................................. 124

Figure 84 : Unity Connection Port group configuration ..................................................................... 126
Figure 85 : Unity Connection Reset Port Groups .................................................................................. 126
Figure 86 : Unity Connection Add ports ................................................................................................... 127
Figure 87 : Unity Connection Test Telephony configuration ........................................................... 129
Figure 88 : Video Enabling Video capability on the device ............................................................... 130
Figure 89 : Video Adding E20 ....................................................................................................................... 131
Figure 90 : Video E20 Protocol Specific Information .......................................................................... 132
Figure 91 : Video Adding DN......................................................................................................................... 132
Figure 92 : Video Adding EX60 .................................................................................................................... 133
Figure 93 : Video EX60 Protocol specific information ........................................................................ 134
Figure 94 : Video Add DN ............................................................................................................................... 134
Figure 95 : Video Region configuration.................................................................................................... 135
Figure 96 : Video Conference Bridge configuration Add bridge in CUCM ................................ 136
Figure 97 : Video Conference bridge configuration settings in CUCM .......................................... 137
Figure 98 : Video MCU configuration ........................................................................................................ 138
Figure 99 : Video MCU configuration Add user .................................................................................. 139
Figure 100 : Video MCU configuration Media Port reservation ................................................... 139
Figure 101 : Video MCU configuration Advanced Settings ............................................................. 140
Figure 102 : Video Configuring Media Resource Group(MRG) ........................................................ 141
Figure 103 : Video Configuring Media Resource Group List (MRGL) ............................................ 142
Figure 104 : Video Configuring SIP Trunk Security Profile for VCS ............................................... 143
Figure 105 : Video Configuring SIP Profile for VCS .............................................................................. 144
Figure 106 : Video Adding SIP Trunk to VCS ......................................................................................... 145
Figure 107 : Video CUCM-VCS SIP Trunk configuration settings .................................................... 145
Figure 108 : Video CUCM VCS SIP Trunk Call routing settings ......................................................... 146
Figure 109 : Video CUCM VCS SIP Trunk SIP information ................................................................. 147
Figure 110 : VCS Create Domain ................................................................................................................. 151
Figure 111 : VCS Create Zone with CUCM as peer ................................................................................. 152
Figure 112 : VCS Create Transform for SIP Domain ............................................................................ 153
Figure 113 : VCS Create Transform to convert CUCM IP address to SIP domain ...................... 154
Figure 114 : VCS Create Transform to convert VCS IP address to SIP domain ........................... 154
Figure 115 : VCS Rule to remove SIP domain ......................................................................................... 155
Figure 116 : VCS Rule to dial full URI ........................................................................................................ 155
Figure 117 : VCS Rule to route calls to CUCM ......................................................................................... 156
Figure 118 : Inter-Domain SIP Federation ................................................................................................. 161
Figure 119 : Configuring CUPS Service Parameters for Federation over TCP............................... 162
Figure 120 : Service Parameters for SIP Proxy for Federation........................................................... 162
Figure 121 : Configuring SIP Federation ..................................................................................................... 163
Figure 122 : Configuring SIP Federation to OCS/Lync .......................................................................... 163
Figure 123 : Configuring Static routes for Federation ........................................................................... 164
Figure 124 : Configuring Static Routes ........................................................................................................ 165
Figure 125 : Restart CUPS services for federation configuration ...................................................... 165
Figure 126 : Lync Server Management Shell configuration for Static Routes .............................. 166
Figure 127 : Lync Server Management Shell Site Information ....................................................... 167
Figure 128 : Lync Server Management Shell configuration- Add pool ............................................ 168
Figure 129 : Lync Server Download topology ....................................................................................... 169
Figure 130 : Lync Server Configure SIP gateway ................................................................................. 170
Figure 131 : Lync Server Publish Topology ........................................................................................... 171
Figure 132 : Lync Server Configuring Access policy for users ........................................................ 172
Figure 133 : Configuring CUPS Service Parameters for Federation over TLS ............................... 174
Figure 134 : Service Parameters for SIP Proxy for Federation over TLS ........................................ 174
Figure 135 : Configuring SIP Federation ..................................................................................................... 175
Figure 136 : Configuring SIP Federation to OCS/Lync .......................................................................... 175
Figure 137 : Configuring Static routes for Federation ........................................................................... 176
Figure 138 : Configuring Static Routes ........................................................................................................ 176
10
Figure 139 : Configuring TLS peer subject ................................................................................................ 177

Figure 140 : Configuring TLS context ........................................................................................................... 178
Figure 141 : Validating Lync certificate ...................................................................................................... 178
Figure 142 : Verify Peer Server Status ......................................................................................................... 179
Figure 143 : CUPS Certificate Management ................................................................................................ 180
Figure 144 : Certificate List .............................................................................................................................. 180
Figure 145 : Generate CSR ................................................................................................................................ 182
Figure 146 : Download CSR .............................................................................................................................. 183
Figure 147 : Import Certificate for CUPS ..................................................................................................... 184
Figure 148 : Import Certificate to CUPS ...................................................................................................... 185
Figure 149 : Restart CUPS services for certificate upload .................................................................... 186
Figure 150 : Lync Add Static Route to CUPS ............................................................................................ 189
Figure 151 : Lync Server Management Shell Site Information ........................................................ 190
Figure 152 : Lync Server Management Shell Trusted application server ................................... 191
Figure 153 : Lync Download topology ...................................................................................................... 192
Figure 154 : Lync Publish Topology .......................................................................................................... 194
Figure 155 : Lync Configure user policy ................................................................................................... 195
Figure 156 : Lync Add allowed domain .................................................................................................... 196
Figure 157 : Webex Admin tool login ........................................................................................................... 213
Figure 158 : Webex admin page ..................................................................................................................... 214
Figure 159 : Webex admin Users ................................................................................................................ 216
Figure 160 : Webex admin Add users ....................................................................................................... 216
Figure 161 : Webex admin Add policy group ......................................................................................... 217
Figure 162 : Webex admin Edit User account settings ....................................................................... 218
Figure 163 : Webex admin UC settings for user .................................................................................... 219
Figure 164 : Webex admin import/Export User ................................................................................... 221
Figure 165 : Webex admin CSV file for user import ............................................................................ 223
Figure 166 : Webex admin Webex site configuration ......................................................................... 224
11
Figure 167 : Webex admin Policy example 1 ......................................................................................... 225

Figure 168 : Webex admin Policy example 2 ......................................................................................... 225
Figure 169 : Webex admin Add policy ...................................................................................................... 226
Figure 170 : Webex admin Add actions to a policy .............................................................................. 227
Figure 171 : Webex admin Group information ..................................................................................... 237
Figure 172 : Webex admin Add Group ...................................................................................................... 238
Figure 173 : Webex admin Edit Group ...................................................................................................... 239
Figure 174 : Webex admin Delete Group ................................................................................................. 240
Figure 175 : Webex admin Unified Communications Configuration ............................................. 242
Figure 176 : Webex admin Visual Voicemail configuration ............................................................. 244
Figure 177 : Webex admin Unified Communications click to call settings ................................. 246
Figure 178 : Webex admin Add new cluster ........................................................................................... 247
Figure 179 : Webex admin Meeting URL configuration ..................................................................... 253
Figure 180 : Webex admin IM Block settings ......................................................................................... 254
Figure 181 : Webex admin IM federation settings ............................................................................... 255
12
Tables
Table 1 Configuration checklist for IM/Presence Deployment ............................................................. 27
Table 2 Configuration checklist for Voice Deployment ............................................................................ 62
Table 3 Configuration checklist for Video Deployment ........................................................................ 130
Table 4 Configuration checklist for Third Party Integration .............................................................. 159
Table 5 Configuration checklist for Cloud deployment ......................................................................... 213
13
Version Control
Modification History
Version No.
1.0
Issue Date
21-Aug-2012
1.1
10-Oct-2012
1.2
21-Dec-2012
Changes
First Version
Added:
- LDAP Integration
- XMPP Federation between CUPS
- CUPS Intra Domain Federation with OCS 2007
Added:
- Network Infrastructure requirements for
Clients
- Timer information for Mobile clients
- VCS installation and configuration with
endpoints registration
14
Purpose
This document covers the steps required to deploy Cisco Jabber for Everyone in
on-prem and hybrid cloud deployment models for pilot deployments.
The document comprises of separate sections for:
- IM/Presence
- Voice
- Video
- Third party integration for XMPP,SIP federation
- Webex Cloud configuration
Prerequisites/Assumptions
1. Cisco UCM and Cisco Unified Presence are already installed on the
recommended platform.
Cisco UCM Installation Guide:

www.cisco.com/en/US/docs/voice_ip_comm/cucm/install/8_6_1/install/cm
ins861.html
Cisco Unified Presence Installation Guide:

www.cisco.com/en/US/docs/voice_ip_comm/cups/8_6/english/install_upgr
ade/installation/guide/Installation_Guide_for_Cisco_Unified_Presence_Relea
se_8.6.html
2. Licenses have been procured for Cisco UCM and Cisco Unified Presence.
In order to take advantage of the free IM and Presence offering of Jabber for
Everyone, you will need to obtain the license COP file (ciscocmfree_im_v1.0.cop.sgn). This file can be obtained directly from Cisco.com. For
example, version 8.6 is at this link:
http://www.cisco.com/cisco/software/release.html?mdfid=283782839&flowid=26
422&softwareid=282204704&release=UCT&relind=AVAILABLE&rellifecycle=&relt
ype=latest
3. Cisco UCM services have been startedCallManager and AXL Web Service.
4. Wireless and network services have been provisioned.
5. Required firewall ports have been opened. See the list below:
www.cisco.com/en/US/docs/voice_ip_comm/cups/8_0/english/port/cupsp
ortusage.html
15
6. Clients have been installed with compatible software levels.
Cisco Unified Presence software compatibility:

www.cisco.com/en/US/docs/voice_ip_comm/cups/8_0/english/compatibilit
y/cupcompatibility8x.html#wp65733
7. Customer or partner possesses valid Cisco Technical Assistance Center (TAC)

contract for troubleshooting and configuration assistance.
8. The following software versions were used to create this document.
Components
Software Version
Cisco UCM
Cisco Unified
Presence
8.6.2.20000-2
Features
Supported
8.6.3.10000-23
Jabber for Mac
8.6.3
Jabber for Windows
9.0.3
Jabber IM for iPhone
1.0.1
Jabber for iPhone
8.6.4
Jabber for iPad
9.0.1
Jabber for Android
8.6.4
IM/Presence +
Voice
IM/Presence +
Voice
IM/Presence
IM/Presence +
Voice
IM/Presence +
Voice + Video
Voice
16
Recommendations
Below are some of the recommendations for a Jabber deployment.
1. DNS enabled environment.
2. CUCM LDAP sync and authentication.
3. On-premise deployment should always be deployed with directory
integration.
4. Device Names:
a. Desktop Clients For Jabber for Windows and Jabber for MAC the
device name can be free form. However it is recommended to use
CSF<name> e.g CSFJOHNCHAMB for the device name. This makes it
easier to identify and troubleshoot if needed.
b. Mobile Clients Device names should start with specific keywords
i. Jabber for iPhone TCT, e.g TCTIPHONE
ii. Jabber for iPad TAB, e.g TABIPAD
iii. Jabber for Android BOT, e.g BOTANDROID
17
Jabber Architecture
There are two deployment models for the Jabber solution which are discussed in
this document.
1. On-Premises
2. Hybrid Cloud

The on-prem deployment model consists of the following features and components:
Client uses on premise services for IM/Presence, Voice, Video

User configuration on CUCM
Client configuration on CUCM & CUP
Audio conference by DSP Resources
Voice Messaging by CUC
Contact source: EDI/UDS for Jabber Windows and LDAP for other Jabber
clients
Aligns with CUPC model
Video conference by MCU
Federation with MS OCS 2007/ Lync 2010
XMPP federation with Google talk, IBM Same time 8.2 / 8.5 & 3rd party XMPP
complaint server
SIP federation with Microsoft OCS/LCS/Lync server and AOL server
Calendar integration with MS Exchange 2010
18
Figure 1 : On-Prem Deployment Model

The hybrid cloud deployment model consists of the following features and
components:
Client uses webex cloud services for IM/Presence

Client uses on-prem services for Voice and Video.
User configuration on Webex cloud org admin tool.
Client configuration on CUCM & CUP
Audio conference by DSP Resources
Voice Messaging by CUC
Video conference by MCU
19
Figure 2 : Hybrid Cloud Deployment Model
20
Network Requirements
For all the Jabber clients there are some strict requirements for ports and protocols
that need to be opened in the firewall or to be accessed for various communications.
The below tables give the information on the same.
Jabber for Windows

ICMP should be allowed for Jabber for windows to communicate to CUCM.
Port
Protocol
Description
Inbound
16384 to 32766
UDP
69
UDP
6970
HTTP
80
TCP
(HTTP)
143
IMAP
389
(TCP)
UDP / TCP
3268
TCP
Receives Real-Time Transport Protocol (RTP)

media streams for audio and video. You set
these ports in Cisco Unified Communications
Manager.
Outbound
Connects to the Trivial File Transfer Protocol
(TFTP) server.
Connects to the TFTP server to download Cisco
Jabber for Windows configuration files.
Connects to services such as Cisco WebEx
Meeting Center for meetings or Cisco Unity
Connection for voicemail.
Connects to Cisco Unity Connection to access,
download, and play voicemail messages.
Connects to an LDAP directory service.
Connects to a Global Catalog server for contact
searches.
(HTTPS)
Connects to services such as such as Cisco

WebEx Meeting Center for meetings or Cisco
Unity Connection for voicemail.
636
LDAPS
Connects securely to an LDAP directory service.
3269
LDAPS
Connects securely to the Global Catalog server.
443
993
TCP
IMAP
(SSL)
Connects to Cisco Unity Connection to retrieve

and manage the list of voice messages for the
user, and the voice messages themselves.
21
2748
TCP
5060
UDP / TCP
5061
TCP
TCP
5222
(XMPP)
IMAP
7993
(TLS)
8191
TCP
Connects to the CTI gateway, which is the CTI

Manager component of Cisco Unified
Communications Manager.
Provides Session Initiation Protocol (SIP) call
signaling.
Provides secure SIP call signaling.
Connects to Cisco Unified Presence for instant
messaging and presence.
Connects to Cisco Unity Connection to access,
download, and play secure voicemail messages.
Connects to the local port to provide Simple
Object Access Protocol (SOAP) web services.
8443 is the port for web access to Cisco Unified
Communications Manager and includes
connections for the following:
8443
HTTPS
Cisco Unified Communications Manager IP

Phone (CCMCIP) server for assigned devices.
User Data Service (UDS) for contact resolution.
16384 to 32766
UDP
Sends RTP media streams for audio and video.
53
DNS
Provides hostname resolution.

Sends peer to peer file transfers.
1080
SOCKS5
Bytestreams
If port 1080 is in use, Cisco Jabber for Windows

attempts to use the next available port in the
range from 1081 to 1089.
In on-premises deployments, Cisco Jabber for
Windows also uses this port to send screen
captures.
Connection Requirements for Cloud-Based Deployments

Cisco Jabber for Windows requires open, unrestricted access on ports 80 and 443
between the client and the following domains:
webex.com and all subdomains
webexconnect.com and all subdomains
22
Jabber for MAC

Port
Protocol
1638432766
UDP
69
UDP
TCP
80
HTTP
IMAP
143
389
(TCP /
TLS)
TCP
TCP
443
HTTPS
636
LDAPS
IMAP
993
(SSL)
2748
5060
5061
TCP
UDP /
TCP
TCP
TCP
5222
(XMPP)
IMAP
7993
(TLS)
8191
TCP
8443
TCP
16384-
UDP
Description
Inbound
Receives Real-Time Transport Protocol (RTP) media
streams for audio. These ports are configured in Cisco
Unified Communications Manager.
Outbound
Connects to the Trivial File Transfer Protocol (TFTP) server
to download the TFTP file.
Connects to services such as Cisco Unified MeetingPlace or
Cisco WebEx for meetings, Cisco Unity or Cisco Unity
Connection for voicemail features.
Connects to Cisco Unity or Cisco Unity Connection to retrieve
and manage the list of voice messages for the user, and the
voice messages themselves.
Connects to the LDAP server for contact searches.
Connects to services such as Cisco Unified MeetingPlace or
Cisco WebEx for meetings, Cisco Unity or Cisco Unity
Connection for voicemail features.
Connects to the secure LDAP server for contact searches.
Cisco Jabber for Mac does not support port 3269
Note
(Active Directory Global Catalog over LDAPS).
Connects to Cisco Unity or Cisco Unity Connection to retrieve
and manage the list of voice messages for the user, and the
Connects to the CTI gateway, which is the CTIManager
component of Cisco Unified Communications Manager.
Provides Session Initiation Protocol (SIP) call signaling.
Provides secure SIP call signaling.
Connects to the Cisco Unified Presence server for availability
status and instant messaging features.
Connects to Cisco Unity Connection to retrieve and manage
the list of secure voice messages for the user, and the secure
Connects to the local port to provide Simple Object Access
Protocol (SOAP) web services.
Connects to the Cisco Unified Communications Manager IP
Phone (CCMCIP) server to get a list of currently-assigned
devices.
UDP Sends RTP media streams for audio.
23
32766
44442
HTTP
The client listens for events from Cisco Unified Client

Services Framework.
Jabber for iPhone

Feature
Protocol
Network
Protocol
Port
Remarks
Unified CM
Registration
TCP
TCP
5060
SIP port for Unified CM

Registration
Internet Calling
TFTP
UDP
69, then
Ephemeral
N/A
Desk Phone
Integration
QBE
TCP
2748
N/A
Media
RTP
UDP
1638432766
UDP
20002050
This range is specified by the

Unified CM in the device
configuration file. These are
the default values and can be
any valid port.
Client local port used to
connect to the Trivial File
Transfer Protocol (TFTP)
server to download the
TFTP file.
LDAP with optional TLS
LDAPS
Active Directory Global
Catalog over LDAP
Active Directory Global
Catalog over LDAPS
Directory
Directory
LDAP
LDAPS
TCP
TCP
389
636
Directory
LDAP
TCP
3268
Directory
LDAPS
TCP
3269
IMAP
TCP
143
N/A
IMAP
TCP
7993
IMAP with SSL/TLS
8080
Client
Unity
Connection
Voicemail
Unity
Connection
Voicemail
Extension
Mobility
Jabber for iPad

Port
Protocol
Description
Inbound
24
16384-32766
UDP
69
TFTP
80 and 6970
HTTP
5060
UDP/TCP
5061
TCP
8443
TCP
16384-32766
389
443
UDP
TCP
VMRest
7080
HTTPS
8443
HTTPS
636
LDAPS
Receives Real-Time Transport Protocol (RTP) media

streams for video and audio. You set up these ports
in Cisco Unified Communications Manager.
Outbound
Connects to the Trivial File Transfer Protocol (TFTP)
server to download the TFTP file
Connects to services such as Cisco WebEx Messenger
for meetings and Cisco Unity Connection for
voicemail features
If no port is specified in a TFTP server address, Cisco
Jabber for iPad will try port 6970 to obtain phone
setup files and dial rule files.
Provides Session Initiation Protocol (SIP) call
signaling
Provides secure SIP call signaling
Connects to the Cisco Unified Communications
Manager IP Phone (CCMCIP) server to get a list of
currently assigned devices
UDP Sends RTP media streams for video and audio
Connects to the LDAP server for contact searches
Connects to Cisco Unity Connection to retrieve and
manage voice messages.
Connects to the User Data Services (UDS) for contact
searches in Cisco Unified Communications Manager
Connects to the secure LDAP server for contact
searches
25
Jabber for Android

Feature
Unified CM
Registration
Internet
Calling
Desk Phone
Integration
Protocol
Network
Protocol
Port
Remarks
TCP
TCP
5060
SIP port for Unified CM Registration
TFTP
UDP
69
N/A
QBE
TCP
2748
N/A
Media
RTP
UDP
1638432766
Directory
Unity
Connection
Voicemail
Unity
Connection
Voicemail
LDAP
TCP
389
This range is specified by the Unified

CM in the device configuration file.
These are the default values and can
be any valid port.
LDAP with optional TLS
VMREST
TCP
143
N/A
VMREST
TCP
7993
IMAP with SSL/TLS
26
IM/Presence
IM/Presence is the basic feature of Jabber clients
- Provided by the Unified Presence server in an on-prem deployment.
- Provided by the Webex cloud in a hybrid cloud deployment.
Table 1 Configuration checklist for IM/Presence Deployment
S.No
1
2
3
4
Configuration needed
Unified Presence Post Installation Setup
Unified Presence Unified Communications Manager Integration
Unified Presence Server configuration
LDAP configuration
Cisco Unified Presence Postinstallation Setup

After installing the Cisco Unified Presence publisher, administrators are required to
configure Cisco UCM publisher and AXL information on the Cisco Unified Presence
publisher server. A post installation deployment wizard starts the first time an
administrator logs into Cisco Unified Presence Administration. Follow the steps
below to complete post installation setup on the Cisco Unified Presence publisher.
Log in to the Cisco Unified Presence Administration page by providing the
application username and password that were provided during the installation of
Cisco Unified Presence.
27
Figure 3 : Access the Unified Presence Server Admin page
Figure 4 : Login to Unified Presence Server Admin
After logging in, complete the Post Install Setup Wizard as follows:
Enter the Cisco Unified Communications Manager publisher hostname in the
Hostname field.
[optional] Enter the Cisco Unified Communications Manager publisher IP address
in the IP Address field.
If your network does not have DNS, you must enter an IP address because the
hostname will not automatically resolve to an IP address. If the hostname can
resolve to an IP address using DNS, you can leave the IP address blank, and the
application will detect the IP address automatically.
28
Figure 5 : Unified Presence Server Post Install Setup CUCM information
Enter AXL configuration information:

Enter the user ID for the appropriate application user, who is assigned the Standard
AXL API Access role on the associated Cisco UCM publisher server.
Enter and confirm the AXL password.
Select Next.
By default, the Standard AXL API Access role is assigned to the CCMAdministrator
user ID.
Figure 6 : Unified Presence Server Post Install Setup AXL information
Enter Security Password configuration information:

Change and confirm the security password provided during the initial installation of
Cisco Unified Presence. When installing subsequent Cisco Unified Presence servers,
29
note that those subscriber servers will use this new security password and not the
one used during the installation of the Cisco Unified Presence publisher server.
Select Next.
Figure 7 : Unified Presence Server Post Install Setup Security Password
Verify your configuration, and complete one of the following actions:

Select Back to correct an error.
Select Confirm to proceed.
Figure 8 : Unified Presence Server Post Install Setup Final Screen
Perform one of the following actions:

Select Home to view the Cisco Unified Presence Administration window.
Select System Dashboard to view the Cisco Unified Presence System Dashboard
window.
Select Topology to view the Cluster Topology window.
30
Figure 9 : Unified Presence Server Post Install Setup Section Navigation
Configuration of the Cisco Unified Presence publisher server is now complete.

Activating Cisco Unified Presence Services
1. Select Cisco Unified Serviceability > Tools > Service Activation.
2. Select the Cisco Unified Presence server from the Server menu.
3. Turn on the following services on all presence servers.
Cisco UP SIP Proxy
Cisco UP Presence Engine
Cisco UP Sync Agent
Cisco UP XCP Authentication Service
Cisco UP XCP Connection Manager
Figure 10 : Activate Unified Presence Service Activation
31
4. Click Save.
5. Ensure that the services are running from Cisco Unified Presence
Serviceability > Tools > Control Center-Feature Services.
Figure 11 : Verify the Status of Unified Presence Services
32
NOTE:
If an error message displays, check that AXL is running on Cisco UCM and that you
have the correct user ID and password. Using a browser, enter http://<<CUCM
Hostname>>/axl. You will be prompted for the user ID and password. If the details
that you enter are correct, a web page displays confirmation that AXL is running and
ready to receive requests.
You cannot run the Post Installation Setup Wizard a second time. If you need to
change the Cisco UCM publisher address or AXL information after this initial
configuration, select System > CUCM Publisher in Cisco Unified Presence
Administration.
Subsequent servers on Cisco Unified Presence will obtain the Cisco Unified
Communications Manager publisher information from the publisher server
following the configuration checks on the publisher server.
Cisco Unified Presence Server Node Name Considerations

If the Cisco Unified Presence Server node name (CUPS Admin Page -> System ->
Cluster Topology is configured as HOSTNAME rather than as an IP address, and
that hostname is not resolvable, Cisco Jabber will be unable to connect to that
server.
Resolution:
1. For Cisco Unified Presence deployed with DNS, have a DNS entry to resolve the
Cisco Unified Presence fully qualified domain name (FQDN), and also make
sure the workstation is part of the Active Directory domain.
2. If the workstation is not part of the domain, only the FQDN, and not the
hostname, will be resolvable. In that case, you will have to either make that
workstation part of the domain or create a local host entry on that workstation
by editing the hosts file located in C:\WINDOWS\system32\drivers\etc.
Then log back into Cisco Jabber.
3. For Cisco Unified Presence deployed without DNS, change the hostname to the
IP address in Cluster Topology, followed by a restart of the Cisco UP XCP Config
Manager and Cisco UP XCP Router services located in Cisco Unified Presence
Serviceability > Tools > Network Services.
33
Cisco Unified Presence Server Node Name Defined by Hostname

Figure 12 : Cluster Topology Details
Cisco Unified Presence Server Node Name Defined by IP Address

Figure 13 : Cluster Topology with IP address
34
Changing Hostname to IP Address After Installation for Cisco Unified Presence

Deployed Without DNS domains
1. From Cisco Unified Presence Administration, perform the following tasks on
the subscriber server:
a.
Navigate to System > Cluster Topology.
b.
Select Edit under the server in the Subclusters section.
c. Change the IP address of the Cisco Unified Presence server in the Node
Configuration section.
4. Restart the Cisco UP XCP Config Manager and Cisco UP XCP Router services
located in Cisco Unified Presence Serviceability > Tools > Network
Services.
Changing Proxy Domain Name for Cisco Unified Presence Deployed Without
DNS domains
If your Cisco Unified Presence deployment does not use DNS domain, the proxy
domain name is set to DOMAIN.NOT.SET during installation. Cisco recommends that
you change this value to the enterprise domain value after installation is complete.
1. Before you change the domain name, you must stop the following services on
all nodes in the cluster:
Cisco UP Presence Engine: Select Cisco Unified Presence Serviceability

> Tools > Control Center - Feature Services.
Cisco UP Proxy: Select Cisco Unified Presence Serviceability > Tools >
Control Center - Feature Services.
Cisco UP XCP Router: Select Cisco Unified Presence Serviceability >

Tools > Control Center - Network Services.
2. Perform the following steps to configure the new domain value:

a. Select Cisco Unified Presence Administration > System > Cluster
Topology.
b. In the left pane, select Settings.
c. Configure the Domain Name value with the new domain.
35
d. Select Cisco Unified Presence Administration > System > Service

Parameters, select server and then the Cisco UP SIP Proxy service.
e. Configure the Federation Routing Cisco Unified Presence FQDN with the
new domain.
f. You will be prompted to confirm these configuration changes. Select OK for
both prompts, and then select Save.
3. In the command-line interface (CLI), enter the following command to set the
new domain:
set network domain <new_domain>
This command invokes a reboot of the server.
4. Manually regenerate all certificates on the local Cisco Unified Presence
server.
a.
Select Cisco Unified OS Administration > Security > Certificate

Management
b. Click Generate New.

c. Select Certificate Name and click Generate New
d. Repeat Step c. for every type of Certificate
When you regenerate the Tomcat certificate, you must restart Tomcat. You
can restart Tomcat after you regenerate all of the certificates on the local
server. Use this command in the CLI to restart Tomcat: utils service restart
Cisco Tomcat
Figure 14 : Cluster Wide Topology Settings
36
5. After you change the default domain name, you can restart the Cisco UP
Presence Engine, Cisco UP Proxy, and Cisco UP XCP Router services.
CUP Cluster Deployment
The Cisco Unified Presence multi-node scalability feature supports the following:
Six nodes per cluster
45, 000 users per cluster with maximum of 15, 000 users per node in a full
Unified Communication mode deployment
Recommendation: The resources on all Cisco Unified Presence servers are
equivalent in terms of memory, disk size, and age. Mixing hardware classes results
in servers that are under-powered, therefore resulting in poor performance.
You configure a Balanced Mode deployment model. In this case, the total number of
users is equally divided across all nodes in all subclusters. Cisco Unified Presence
defaults to Balanced Mode user assignment to achieve optimum performance.
The multi-node feature introduces the concept of a subcluster. A subcluster is a
single Cisco Unified Presence server, or a pair of Cisco Unified Presence servers,
where each node has an independent database and set of users operating with a
shared availability database that is able to support common users.
High Availability
You have to manually turn on High Availability in a subcluster; Cisco Unified
Presence does not turn on High Availability in a subcluster by default. You can turn
on High Availability in a subcluster when:
there are two nodes in the subcluster, and
both nodes have IP addresses that are resolvable addresses, and
both nodes are running Cisco Unified Presence Release 8.5 or higher.
You can either assign users to the nodes in the subcluster before or after you turn on
High Availability for the subcluster.
Restriction: You can only turn on High Availability in a subcluster when there are
two nodes assigned to that subcluster. The High Availability checkbox does not
display when there are no nodes, or one node, assigned to the subcluster.
1. Cisco Unified Presence Administration > System > Cluster Topology.
2. Select the edit link on the appropriate subcluster.
3. Check Enable High Availability.
37
Note To turn off High Availability for the sublcluster, uncheck Enable High
Availability.
4.
Select Save.
Figure 15 : Balanced User Assignment Non- Redundant High Availability

Deployment
38
Figure 16 : Active/Standby User Assignment High Availability Deployment
LDAP Integration
LDAP Integration with CUCM & CUP is 3 steps process and you can configure a
corporate LDAP directory in this integration to satisfy a number of different
requirements:
LDAP Synchronization: Provision users automatically from the LDAP directory
into the Cisco Unified Communications Manager database. Cisco Unified
Communications Manager synchronizes with the LDAP directory content so you
avoid having to add, remove, or modify user information manually each time a
change occurs in the LDAP directory.
LDAP Authentication: Authenticate users using the LDAP directory credentials.
Cisco Unified Presence synchronizes all the user information from Cisco Unified
Communications Manager to provide authentication for users of the Cisco Jabber
client and Cisco Unified Presence user interface.
LDAP User lookup: Enable LDAP directory lookups in Cisco Unified Presence to
allow Cisco Jabber client users to search for and add contacts buddy list from the
LDAP directory.
39
Configuring LDAP Synchronization

LDAP synchronization uses the Cisco DirSync service on Cisco Unified
Communications Manager to automatically provisions users from the LDAP
corporate directory and to synchronize information (either manually or
periodically) from a corporate LDAP directory. Cisco Unified Communications
Manager still uses its local database, but disables its facility to allow you to create
user accounts. You use the LDAP directory interface to create and manage user
accounts. Here are the steps outlined to enable LDAP synchronization on CUCM.
1. Ensure Cisco DirSync service is activated and running. Select Cisco Unified
Serviceability > Tools > Control Center Feature Services > CUCM Publisher
to verify the status
2. If Cisco DirSync service is not running then Select Cisco Unified Serviceability
> Tools > Service Activation > CUCM Publisher to activate service
3. Select Cisco Unified CM Administration > System > LDAP > LDAP System.
4. Check Enable Synchronizing from LDAP Server and Save. Leave Server
Type and Attribute for User ID to default as depicted below
40
5. Select Cisco Unified CM Administration > System > LDAP > LDAP
Directory
6. Click Add New and you will receive warning message as depicted below
7. Enter LDAP Configuration Name, LDAP Manager Distinguished Credentials

and LDAP User Search Base. LDAP Manager Distinguished Name can be a
LDAP user with read-only permission. Configure LDAP Directory
Synchronization schedule as per the need. As per below depicted
configuration, CUCM will synchronize users in every 7 days.
41
Note: LDAP Manager Distinguished Name can be defined using following

syntax
username@domain- User can be in any OU
CN=username;DC=domain;DC=root i.e.
CN=ucldapsync;DC=jabberlab;DC=pod3;DC=com User should be in
Users OU
Enter the Host Name or IP address of LDAP server and leave other settings to
default and click Save. Use Host Name only if CUCM is configured with DNS.
You can also add redundant LDAP server if applicable
42
8. Click Perform Full Sync Now once LDAP directory gets added successfully
to synchronize users with LDAP server
9. Select Cisco Unified CM Administration > User Management > End User
to verify LDAP synchronization status. LDAP users should appear on End
User page
10. Select Cisco Unified CM Administration > User Group > Standard CCM
End User. Click Add End Users to Group > Select All > Add Selected to add
end users to Standard CCM End User group.
43
11. Select Cisco Unified CM Administration > User Group > Standard CTI
Enabled. Click Add End Users to Group > Select All > Add Selected to add
end users to Standard CTI Enabled group.
12. Select Cisco Unified CM Administration > Server > Licensing >
Capabilities Assignment to enable users for IM & Presence capabilities
44
Configuring LDAP Authentication

The LDAP authentication feature enables Cisco Unified Communications Manager to
authenticate user passwords against the corporate LDAP directory.
1. Select Cisco Unified CM Administration > System > LDAP > LDAP
Authentication.
2. Enable LDAP authentication for users.

3. Configure the LDAP authentication settings.
4. Configure the LDAP server hostname or IP address, and port number
45
If no Lightweight Directory Access Protocol (LDAP) server is configured, end users

will have to create the contact, either by going to the Cisco Unified Presence Server
User Option Page at https://CUPS-IP-ADDRESS/cupuser or by creating it
manually through Cisco Jabber.
LDAP Integration for Jabber for Windows
Jabber for Windows does not use the same LDAP profiles created on Cisco Unified
Presence Server that other clients like Jabber for MAC, iPhone, iPad uses.
A custom configuration file needs to be created and uploaded to the Cisco UCM TFTP
server.
Uploading the configuration file
1. Create a file named jabber-config.xml with any text editor.
Remember:
Use lowercase letters in the filename.
Use UTF-8 encoding.
2. Define the required configuration parameters in jabber-config.xml.

Important note: Ensure that you nest the elements in the configuration file
correctly. If the structure of the configuration file is not valid, Cisco Jabber for
Windows cannot read the settings you define. See the sample XML later in
this guide for more information.
3. Host jabber-config.xml on your TFTP server.
a. Open the Cisco Unified OS Administration interface.
b. Select Software Upgrades > TFTP File Management.
c. Select Upload File.
d. Select Browse in the Upload File section.
e. Select jabber-config.xml on the file system.
f. Do not specify a value in the Directory text box in the Upload File section.
Leave this text box empty to host jabber-config.xml in the default directory of
your TFTP server.
If you host jabber-config.xml in a directory other than the default directory,
you must specify the path and filename as the value of the following
argument on the command line during deployment: TFTP_FILE_NAME. See
46
the Deploy Cisco Jabber for Windows section for more information.
http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/
9_0_1/b_jabber_win_icg_chapter_0101.html
g. Select Upload File.
Sample XML configuration file.
<?xml version="1.0" encoding="utf-8"?>
<config version="1.0">
<Client>
</Client>
<Directory>
<DirectoryServerType>EDI</DirectoryServerType>
<ConnectionType>0</ConnectionType>
<PrimaryServerName>AD IP</PrimaryServerName>
<ServerPort1>GLOBAL CATALOGUE OR DC PORT (389 or 3268, 3268 is
recommended)</ServerPort1>
<UseWindowsCredentials>0</UseWindowsCredentials>
<ConnectionUsername>READ-ONLYUSER@DOMAIN.COM</ConnectionUsername>
<ConnectionPassword>PASSWORD</ConnectionPassword>
<SearchBase1>ou=CUCM Users,dc=starfleet,dc=com</SearchBase1>
<BusinessPhone> telephoneNumber</BusinessPhone>
<HomePhone>homePhone</HomePhone>
<MobilePhone>homePhone</MobilePhone>
</Directory>
<Policies>
</Policies>
<CUCM>
</CUCM>
</config>
The config file can also be created using the below tool.
For more information, refer to the link below:

www.cisco.com/en/US/docs/voice_ip_comm/jabber/Windows/9_0_1/b_jabber_wi
n_icg_chapter_0100.html#task_FB59C36497704E0F8DCE0C9CD77EBA03
Configure the TFTP Setting for Jabber for Windows to download jabberconfig.xml file
1. Log in to the Cisco Unified Presence Administration page.
2. Select Application > Cisco Jabber > Settings.
47
3. Enter Primary TFTP Server and Secondary TFTP Server IP addresses.

Figure 17 : Jabber Security Settings
Note: Even if LDAP integration is not enabled, Jabber for Windows will not be able
to search local CUCM users (IM/Presence enabled)if the jabber-config.xml file is
configured for EDI.
LDAP User lookup for Android, Mac, iPad & iPhone Jabber Clients
Configuring the LDAP Attribute Map
1. Select Cisco Unified Presence Administration > Application > Cisco
Jabber > Settings
2. Select a supported LDAP server from Directory Server Type.
The LDAP server populates the LDAP attribute map with Cisco Jabber user fields
and LDAP user fields.
If necessary, make modifications to the LDAP field to match your specific LDAP
directory. The values are common to all LDAP server hosts. Note the following LDAP
directory product mappings:
Product
LastName Mapping
UserID Mapping
Microsoft Active Directory
SN
sAMAccountName
48
iPlanet, Sun ONE or OpenLDAP
SN
uid
For Cisco Jabber to display the profile photo, in the LDAP attribute map, you must
map the Cisco Jabber "Photo" value to the appropriate LDAP attribute.
Cisco Jabber uses the jpegPhoto LDAP attribute by default to display the
user photo, which is present in the Windows 2003 and 2007 Active Directory
schema.
Windows 2000 Active Directory uses the thumbnailPhoto attribute.
You can set up a parameterized URL string in the Photo field in the LDAP attribute
map so that Jabber can fetch pictures from a web server instead of from the LDAP
server. The URL string must contain an LDAP attribute with a query value
containing a piece of data that uniquely identifies the photo of the user.
Cisco recommends that you use %%<userID>%% as the substitution string.
http://mycompany.example.com/photo/std/%%uid%%.jpg
http://mycompany.example.com/photo/std/%%sAMAccountName%%.jpg
Configuring LDAP Server

Jabber > LDAP Server.
2. Select Add New and enter the LDAP server name. Enter an IP address or an
FQDN (Fully Qualified Domain Name) of the LDAP server.
49
Specify the port number used by the LDAP server. The defaults are:
TCP389.
TLS636.
Check the LDAP directory documentation or the LDAP directory configuration for
this information.
3. Select TCP or TLS for the protocol type.
4. Select Save
Creating LDAP Profiles and Adding Cisco Jabber Users to the Profile
Cisco Jabber connects to an LDAP server on a per-search basis. If the connection to
the primary server fails, Cisco Jabber attempts the first backup LDAP server, and if it
is not available, it then attempts to connect to the second backup server.
Cisco Jabber also periodically attempts to return to the primary LDAP server. If an
LDAP query is in process when the system fails over, the next available server
completes this LDAP query.
Jabber > LDAP Profile.
50
2. Select Add New and enter LDAP Bind DN, password, Search Context (user
search base) into the fields. Select Primary LDAP Server followed by up to 2
Backup servers if applicable.
51
3. Select & Check Make this the Default LDAP Profile for the System
4. Click Add Users to Profile and select all users to add to this profile.
Cisco Unified Presence Cisco UCM Integration
Assigning the Licensing Capabilities
1. Select Cisco Unified Communications Manager Administration > System
> Licensing > Capabilities Assignment.
2. Click Find.
3. Perform one of the following actions:
Click the user link to display the Capabilities Assignment Configuration
window.
To assign capabilities to more than one user, perform the following:
Select users as required.
Click Bulk Assignment.
Figure 18 : License Capabilities Assignment
4. Check Enable CUP.

5. Check Enable CUPC to enable Cisco Unified Personal Communicator
capability.
Figure 19 : License Capabilities Assignment Verification
52
Assign Roles and Permissions for End Users

1. Select User Management > End User.
2. Select the appropriate user from the list.
3. Select Device Association in the Device Information section.
4. Select Find to retrieve a list of available devices.
5. Select the device with which you want to associate the user from the list of
available devices.
6. Select Save Selected/Changes.
9. Select Add to User Group in the Permissions Information section.
10. Select the appropriate user groups with which you want to associate the user
from the list. At a minimum, you should associate the user with the following
group:
Standard CCM End Users
Figure 20 : Roles assignment to end users
53
11. Select Add Selected.

12. Select Save.
Modifying the User Credential Policy
1. Select Cisco Unified Communications Manager Administration > User
Management > Credential Policy Default.
2. Edit the Application User Password, End User Password, and End User PIN
entries as required.
Figure 21 : Modify Credential policy for Application/End users
3. For each entry, configure the following:
54
Uncheck User Must Change at Next Login.
Check Does Not Expire.
4. Click Save.
Modifying User Credential Policy
Credential Policy
Application User Password
End User Password
End User PIN
User Must Change at Next

Login
Uncheck
Uncheck
Uncheck
Does Not Expire
Configuring the SIP Trunk Security Profile for Cisco Unified Presence
> Security Profile > SIP Trunk Security Profile.
2. Click Find.
3. Click Non Secure SIP Trunk Profile.
4. Verify that the setting for Device Security Mode is Non Secure.
5. Verify that the setting for Incoming Transport Type is TCP+UDP.
6. Verify that the setting for Outgoing Transport Type is TCP.
7. Check to enable these items:
Accept Presence Subscription
Accept Out-of-Dialog REFER ** (If this profile is associated with an
Extension Mobility Cross Cluster (EMCC) SIP trunk, Accept Out-of-Dialog
REFER is enabled regardless of the setting on this page.)
Accept Unsolicited Notification
Accept Replaces Header
Figure 22 : CUPS SIP Trunk Security profile
55
8. Click Save.
Configuring the SIP Trunk for Cisco Unified Presence
1. Select Device > Trunk from Cisco Unified Communications Manager
Administration.
2. Click Add New.
3. Select SIP Trunk for the Trunk Type.
4. Select SIP for the Device Protocol and None(Default) for the Trunk Service
Type.
5. Click Next.
6. Enter the Device Name for the SIP trunk.
7. Select Default for the Device Pool.
Figure 23 : CUPS SIP Trunk
56
8. In the SIP Information section at the bottom of the window, for the
Destination Address field, enter either the IP address or the FQDN of the
Cisco Unified Presence server.
9.
Enter 5060 for the Destination Port.
10. Select the Non Secure SIP Trunk Profile created in the previous step for the
SIP Trunk Security Profile.
11. Select Standard SIP Profile for the SIP Profile.
Figure 24 : CUPS SIP Trunk SIP Information configuration
57
12. Click Save.

13. The configuration changes will not take effect on the trunk until a reset is
performed. Use the Reset button or Job Scheduler to execute the reset.
Specifying Cisco Unified Presence Publish Trunk in Cisco UCM Service
Parameters
> Service Parameters.
2. Select a Cisco UCM server.
3. Select a respective Server, and choose Cisco CallManager as the Service.
4. In the Clusterwide Parameters (Device - SIP) section, select the SIP trunk
created previously for CUP PUBLISH Trunk.
Figure 25 : Configuring the CUP Publish Trunk in CUCM Service Parameters
5. Click Save.
Cisco Unified Presence Server Integration Steps

Configuring the Presence Gateway
1. Select Cisco Unified Presence Administration > Presence > Gateways.
58
2. Click Add New.

3. Select CUCM for the Presence Gateway Type.
4. Enter a description of the presence gateway in the Description field.
5. Specify the FQDN, DNS SRV FQDN, or IP address of the associated Cisco
Unified Communications Manager server in the Presence Gateway field.
Figure 26 : Configuring Presence Gateway
6. Click Save.
Configuring the SIP Publish Trunk on Cisco Unified Presence
1. Select Cisco Unified Presence Administration > Presence > Settings.
2. Select a SIP trunk from the CUCM SIP Publish Trunk drop-down list.
59
Figure 27 : Configuring CUP Publish Trunk on CUPS
3.
Select Save.
Configuring the Proxy Server Settings

1.
Select Cisco Unified Presence Administration > Presence > Routing >
Settings.
2.
Select On for the Method/Event Routing Status.
3.
Select Default Cisco SIP Proxy TCP Listener for the Preferred Proxy
Listener. Click Save.
60
Figure 28 : Configuring Proxy Server Settings
61
VOICE
Jabber clients provide phone functionality via Unified communications manager in
an on-prem or hybrid deployment model. We can have either softphone mode or
deskphone mode (controlling the deskphone) to make calls.
Table 2 Configuration checklist for Voice Deployment
S.No
1
2
3
Unified Communications Manager configuration for Unity Connection
Unity Connection configuration

Jabber for Windows
Restriction: Cisco Jabber for Windows does not support the automatic registration
features in Cisco Unified Communications Manager.
Set up software phones
Cisco Jabber for Windows users require software phones to place audio calls using
their computers. You must add software phones on Cisco Unified Communications
Manager.
Create a Client Service Framework (CSF) device
1. Open the Cisco Unified Communications Manager Administration interface.
2. Select Device > Phone.
3. Select Add New.
4. Select Cisco Unified Client Services Framework from the Phone Type menu.
5. Select Next.
6. Select the device protocol.
7. Select Next.
8. Configure the following information:
a.
Specify the device name in the Device Name field. Device Name could
be free form with a maximum of 15 characters.
b.
Enter a descriptive name for the phone in the Description field, if
required.
62
c.
Select Default from the Device Pool list.
d.
Select Standard Client Services Framework from the Phone Button
Template list.
e.
Configure all the required fields.
f.
To use an adjunct license with the device, select the user ID from the
Owner User ID list.
g.
To use an adjunct license with the device, select the device name from
the Primary Phone list.
Figure 29 : Jabber for Windows - Device Configuration
h. Enter information in the Protocol Specific Information section as follows:

Figure 30 : Jabber for Windows - Protocol Specific Information
63
64
9. Select Save.
Add a directory number to a device
1. Open the Phone Configuration window for the device.
2. Select Add a new DN in the Association Information section.
3. Specify a directory number in the Directory Number field.
4. Specify all other required configuration settings.
65
Figure 31 : Jabber for Windows-DN configuration
5. Select Save.
Set up desk phone devices
Cisco Jabber for Windows users can control desk phones to place audio calls on a
desk phone using their computers. You must add desk phones on Cisco Unified
Create a desk phone device
1. Open the Cisco Unified Communications Manager Administration interface.
3. Select Add New.
4. Select the appropriate device from the Phone Type menu.
5. Select Next.
6. Select the device protocol.
66
7. Select Next.
8. Configure the following information:
a.
Specify the device name in the Device Name field.
b.
Enter a descriptive name for the phone in the Description field, if
required.
c.
Select Default from the Device Pool list.
d.
Select the appropriate template from the Phone Button Template list.
e.
Configure all the required fields.
f.
To use an adjunct license with the device, select the user ID from the
Owner User ID list.

g.
To use an adjunct license with the device, select the device name from
the Primary Phone list.

h.
Enter information in the Protocol Specific Information section as
follows:
67
Figure 32 : Jabber for Windows - Configuring Desk Phone
9. Select Allow Control of Device from CTI to enable Cisco Jabber for Windows
to control the desk phone.
Restriction: If you do not select Allow Control of Device from CTI, Cisco Jabber for
Windows cannot control the desk phone.
68
Figure 33 : Jabber for Windows - Protocol Specific Info Desk Phone
10. Select Save.

Add a directory number to a device
1. Open the Phone Configuration window for the device.
2. Select Add a new DN in the Association Information section.
3. Specify a directory number in the Directory Number field.
4. Specify all other required configuration settings.
69
Figure 34 : Jabber for Windows - Desk Phone- DN configuration
5. Select Save.
Configure user associations
4. Select Find to retrieve a list of available devices.
5. Select the device to which you want to associate the user from the list of
available devices.
70
Figure 35 : Jabber for Windows - Device Association End user

9. Select Add to User Group in the Permissions Information section.
10. Select the appropriate user groups to which you want to associate the user
from the list. At a minimum, you should associate the user to the following
groups:
Standard CCM End Users
Standard CTI Enabled
71
If the user has a Cisco Unified IP Phone 9900 or 8900 series model phone,
also select the following group: Standard CTI Allow Control of Phones
supporting Connected Xfer and conf user group.
If the user has a Cisco Unified IP Phone 6900 series model phone, also select
the following group: Standard CTI Allow Control of Phones supporting
Rollover Mode.
Figure 36 : Jabber for Windows - Roles assignment for End user

12. Select Save.
Set up communication
You must set up communication between Cisco Jabber for Windows, Cisco Unified
Presence, and Cisco Unified Communications Manager so that Cisco Jabber for
Windows can interact with devices such as software phones and desk phones.
72
Attention: You must provide a CTI gateway profile and a CCMCIP profile to enable
audio and video capabilities for Cisco Jabber for Windows.
Prepare your TFTP server
Cisco Jabber for Windows downloads a file that contains device information for
users on Cisco Unified Communications Manager using the TFTP server.
Note: Install and configure your TFTP server first.
1. Open the Cisco Unified Presence Administration interface.
2. Select Application > Cisco Jabber > Settings. In some versions of Cisco Unified
Presence, this path is as follows: Application > Cisco Unified Personal
Communicator > Settings.
3. Specify the IP address of your primary TFTP server in the Primary TFTP
Server field. Depending on your version of Cisco Unified Presence, the fields
to specify the IP addresses of your TFTP servers are in one of the following
sections:
Cisco Jabber Security Settings

CUPC Global Settings
Figure 37 : Configuring TFTP server in CUPS for Jabber
73
4. Specify the IP addresses of your backup TFTP servers in the Backup TFTP
Server fields.
5. Select Save.
Set up a CTI gateway
Cisco Jabber for Windows requires a CTI gateway to communicate with Cisco
Unified Communications Manager.
2. Select Application > Cisco Jabber > CTI Gateway Server. In some versions of
Cisco Unified Presence, this path is as follows: Application > Cisco Unified
Personal Communicator > CTI Gateway Server.
3. Create a new CTI gateway server or confirm the settings in the default
configuration are correct.
Figure 38 : Configuring CTI gateway in CUPS for Deskphone control
4. Select Application > Cisco Jabber > CTI Gateway Profile. In some versions of
Cisco Unified Presence, this path is as follows: Application > Cisco Unified
Personal Communicator > CTI Gateway Profile.
5. Open the appropriate CTI gateway profile. You can use the default CTI
gateway profile. However, if you create a new CTI gateway profile, ensure
74
you specify the correct CTI gateway server in the Primary CTI Gateway
Server field.
Figure 39 : Configuring CTI gateway profile
6. Select Add Users to Profile in the Users in Profile section.

7. Add the appropriate users to the CTI gateway profile.
Figure 40 : User assignment to CTI gateway profile

9. Select Save.
Create a CCMCIP profile
Cisco Jabber for Windows requires a CCMCIP profile to retrieve device names and
settings from Cisco Unified Communications Manager.
75

2. Select Application > Cisco Jabber > CCMCIP Profile. In some versions of Cisco
Unified Presence, this path is as follows: Application > Cisco Unified Personal
Communicator > CCMCIP Profile.
3. Select Add New.
4. Specify a name for the profile in the Name field.
5. Specify the hostname or IP address of your primary Cisco Unified
Communications Manager instance in the Primary CCMCIP Host field.
6. Specify the hostname or IP address of your backup Cisco Unified
Communications Manager instance in the Primary CCMCIP Host field.
7. Leave the default value for Server Certificate Verification.
Figure 41 : Configuring CCMCIP profile for IP Phone services
8. Select Add Users to Profile.

9. Add the appropriate users to the CCMCIP gateway profile.
76
Figure 42 : User assignment to CCMCIP profile

11. Select Save.
Voicemail Configuration
You configure voicemail for Cisco Jabber for Windows on Cisco Unity Connection
and Cisco Unified Presence.
1. Create user profiles on Cisco Unity Connection as appropriate.
2. Ensure users have IMAP access on Cisco Unity Connection.
i.
In Cisco Unity Connection, select Class of Service to open the Edit

Class of Service window.
a. In the Licensed Features section, select Allow Users to Access
Voice Mail Using an IMAP Client and/or Single Inbox.
b. Select Allow IMAP Users to Access Message Bodies.
77
Figure 43 : IMAP configuration in Unity connection for Jabber
3. Set up a mail store on Cisco Unified Presence.

Attention: If you do not provide a mail store server address, Cisco Jabber for
Windows cannot access voicemail.
Figure 44 : Configuring Mailstore for Jabber users
4. Add a voicemail server from Application>Cisco Jabber>Voicemail server
78
Figure 45 : Configuring Voicemail Server for Jabber users
5. Create a voicemail profile on Cisco Unified Presence.

6. Apply the voicemail profile to the appropriate users on Cisco Unified
Presence.
Figure 46 : Configuring Voicemail profile for Jabber users
79
Figure 47 : User assignment to Voicemail profile
80
Jabber for Mac

Create a Cisco Unified Client Services Framework device for each user
To enable users to use phone features on their computers, you must create a new
Cisco Unified Client Services Framework device for each user.
1. Select Cisco Unified Communications Manager Administration > Device >
Phone.
2. Select Add New.
3. Select Cisco Unified Client Services Framework from the Phone Type menu.
4. Select Next.
5. Configure the following information
Figure 48 : Jabber for MAC Device configuration
6. Enter information in the Protocol Specific Information section, as follows:
81
7. Select Save.
8. Select the Add a New DN link in the Association Information section that
displays on the left side of the window.
82
Figure 49 : Jabber for MAC DN configuration
9. Select Save.
Desk Phone Control Mode
Note: If you want Cisco Jabber to be able to control a desk phone, the following must
be true:
83
The desk phone registers to Cisco Unified Communications Manager.
The Cisco Unified Communications Manager server has a CTI server.
Cisco Unified Presence must be configured to enable Cisco Jabber to connect

to a CTI server to control the phone.

Phone.
2. Search for the desk phone in the Find and List Phones window.
3. Select the device name of the desk phone.
4. Check Allow Control of Device from CTI to enable CTI to control and monitor
this device.
Figure 50 : Jabber for MAC Deskphone configuration
5. Select Save.
Associate a new device with a user
1. Select Cisco Unified Communications Manager Administration > User
Management > End User.
2. Search for the user in the Find and List Users window.
3. Select the user.
84

5. Search for the device in the User Device Association window.
6. Select the device.
8. Select Back to User from the menu in the Related Links navigation box at the
top right of the window.
9. Select Go.
Figure 51 : Jabber for MAC Device association for end user
10. Verify that the device is listed in the Device Information section on the End
User Configuration window.
Enable control of computer as a phone from CTI
1. Select User Management > End User in Cisco Unified Communications
Manager Administration.
85
2. Select the user you want to add.

3. Select Add to User Group in the Permissions Information group in the End
User Configuration window.
4. Search for "Standard CTI" in the Find and List User Groups window.
5. Select Standard CTI Enabled user group. If the phone of the user is a Cisco
Unified IP Phone 6900, 8900 or 9900 series model, select the Standard CTI
Allow Control of Phones supporting Connected Xfer and conf user group also.
Figure 52 : Jabber for MAC Roles assignment for end user
7. Select Save.
86
Associate a line for a phone device with a user

You must ensure that user IDs are the same between LDAP and Cisco Unified
Communications Manager. This is easier to accomplish if you have LDAP
synchronization enabled in Cisco Unified Communications Manager.
Phone.
2. Search for the device for the user in the Find and List Phones window.
3. Select the name of the device.
4. Select the directory number for the device in the Association Information
section that displays on the left side of the window.
5. Select Associate End Users at the bottom of the window.
6. Search for the user in the Find and List Users window.
7. Select the user, then select Add Selected.
Figure 53 : Jabber for MAC DN end user association
8. Select Save on the Directory Number Configuration window.

Configure CCMCIP profiles for client applications
The CCMCIP service runs on Cisco Unified Communications Manager and retrieves a
list of devices associated with each user. CCMCIP profiles are required before the
client application can retrieve the list of user devices from Cisco Unified
1. Select Cisco Unified Presence Administration > Application > Cisco Unified
Personal Communicator > CCMCIP Profile.
2. Select Add New.
3. Enter the profile name and description.
87
4. Enter information into the fields:

Figure 54 : Jabber for MAC configuring CCMCIP profiles

6. Use the Find and List Users window to find and select users, and select Add
Selected to add users to the profile.
7. Select Save.
88
Configure CTI gateway profiles

You must create CTI gateway profiles in Cisco Unified Presence Administration and
assign primary and backup servers for redundancy.
Before You Begin
The CTI gateway profile must be created before you can add licensed users of
the client application to the application profile.
The CTI gateway server names and addresses must be specified in Cisco
Unified Presence Administration > Application > Cisco Unified Personal
Communicator > CTI Gateway Server before you can select the servers as
primary or backup servers in this procedure.
Cisco Unified Presence dynamically creates a TCP-based CTI gateway profile

based on the hostname of Cisco Unified Communications Manager. Before
using this profile, verify that Cisco Unified Presence and the application
clients can ping Cisco Unified Communications Manager by the DNS name. If
they cannot contact the server, you need to add the IP address of Cisco
Unified Communications Manager in Cisco Unified Presence Administration >
Application > Cisco Unified Personal Communicator > CTI Gateway Server.
You do not need to delete the host profiles that are created automatically.
If you previously configured Cisco Unified Communications Manager with an

IP address through the Cisco Unified Communications Manager
Administration > System > Server menu, Cisco Unified Presence dynamically
creates a TCP-based CTI gateway profile based on that address. The fields in
Cisco Unified Presence Administration > Application > Cisco Unified Personal
Communicator > CTI Gateway Profile are automatically populated, and you
need only add users to the default CTI TCP profile that is created.
Personal Communicator > CTI Gateway Profile.
2. Search for the CTI gateway profile in the Find and List CTI Gateway Profiles
window. If the CTI gateway profile is found, no further action is required.
3. If the CTI gateway profile is not found, select Add New.
4. Enter information into the fields.
89
Figure 55 : Jabber for MAC Configuring CCMCIP profile

6. Use the Find and List Users window to find and select users.
7. Select Add Selected to add users to the profile.
Figure 56 : Jabber for MAC Assign end users to CTI gateway profile
8. Select Save in the main CTI Gateway Profile window.

Configure the proxy listener and TFTP addresses
Note: Cisco recommends that Cisco Jabber use TCP to communicate with the proxy
server. If you use UDP to communicate with the proxy server, availability
information for contacts in the Cisco Jabber contact list might not be available for
large contact lists.
90
Personal Communicator > Settings.
2. Select the Proxy Listener Default Cisco SIP Proxy TCP Listener.
3. Assign the primary (required) and backup (optional) TFTP server addresses
in the fields provided. You can enter an IP address or an FQDN (Fully
Qualified Domain Name).
Figure 57 : Jabber Security Settings
4. Select Save.
Voicemail Configuration
You configure voicemail for Cisco Jabber for MAC on Cisco Unity Connection and
Cisco Unified Presence.
1. Set up a new or existing class of service in Cisco Unity Connection
Administration to enable Internet Mail Access Protocol (IMAP) client access
to voice messages.
a. Expand Class of Service in the section on the left-hand side.
b. Select Class of Service.
c. Select the display name of the applicable class of service in the search
results table, in the Search Class of Service window.
d. Check Allow Users to Use Unified Client to Access Voice Mail, under
Features.
e. Check Allow Users to Access VoiceMail Using an IMAP Client, under
Licensed Features. Then select Allow Users to Access Message Bodies.
f. Select Save.
91
Figure 58 : IMAP configuration in Unity Connection
2. Configure the user:
If the users are existing Cisco Unity Connection users, add them to the Cisco
Unified Communications Manager database. Proceed to Step 4.
If the user is a new user, add the user to the Cisco Unified Communications
Manager database and proceed to Step 3.
3. Create a Cisco Unity Connection user account on the Cisco Unity Connection
server with a voice mailbox for each user.
Note: The user ID in Cisco Unity Connection does not need to match the user
ID in Cisco Unified Presence or in the client application. The client application
has an independent voicemail ID, which is set in the application Options
dialog box. However, you might find it useful to have the same user IDs
across your Cisco Unified Communications system.
4. (Optional) Enable secure messaging as follows:
92
a. Expand Class of Service in the section on the left-hand side.

b. Select Class of Service.
c. Select the display name of the applicable class of service in the search
results table, in the Search Class of Service window.
d. Select the option you require from the Require Secure Messaging dropdown list in the Message Options section.
5. (Optional) Specify how to handle unidentified caller message security for
your users as follows:
a.
b.
c.
d.
e.
Expand Users in the section on the left-hand side.

Select Users.
Select the alias of a user.
Select Edit > Message Settings.
Check Mark Secure in the Unidentified Callers Message Security section.
6. If one does not already exist, specify a web application password in Cisco
Unity Connection for the applicable user accounts.
93
Jabber for iPhone

Install Cisco Options Package file for devices
To make Cisco Jabber available as a device in Unified CM(if you are running CUCM
version 7.1.5+ and its not natively available as a device when you try Add Phone),
you must install a device-specific Cisco Options Package (COP) file on all your
Unified CM servers.
1. Download the device COP file.
COP File download link
Note the MD5 checksum. You will need this later.
Click Proceed with Download and follow the instructions.
2. Place the COP file on an FTP or SFTP server that is accessible from your
Unified CM servers.
3. Install this COP file on the Publisher server in your Unified CM cluster:
From the Navigation list box in the top-right corner of the Unified CM
Administration portal, choose Cisco Unified OS Administration and select Go.
Select Software Upgrades > Install/Upgrade.
-
Specify the location of the COP file and provide the required
information.
Select Next.
Select the device COP file.
Select Next.
Wait for the process to be completed. This process may take some
time.
Reboot Unified CM at a time of low usage.
Restart the Cisco Tomcat service on the Unified CM server.
This step is required for the device icon to display properly on the device list
page in Unified CM. This step clears the Tomcat image cache.
Enter the following command from the CLI:
utils service restart Cisco Tomcat
Let the system fully return to service.
94
To avoid interruptions in service, make sure each server has returned to

active service before you perform this procedure on another server.
4. Install the COP file on each Subscriber server in the cluster. Use the same
process you used for the Publisher, including rebooting the server.
Add user device
Verify that the Device Pool that you will assign to the Cisco Jabber device is
associated with a region that includes support for all supported audio codecs.
1. Sign in to the Unified CM Administration portal.
2. Add a new phone device with Cisco Dual Mode for iPhone as the Phone Type.
3. Enter the required settings for your devices. Device configured with device
name that must be all uppercase and start with TCT.
Figure 59 : Jabber for iPhone Device Configuration
95
Figure 60 : Jabber for iPhone Protocol Specific Information
4. Select Save.
5. Select Apply Config.
6. Select [Line n] - Add a new DN.
7. Enter the directory number of this device.
This can be a new DN; a desk phone with the same DN is not required.
8. If this device is a standalone device (not sharing a DN with a desk phone),
configure these settings to forward calls when Cisco Jabber is not running
and connected to the network, so callers do not receive an error message:
Forward Unregistered Internal

Forward Unregistered External
For more information about these settings, see the online help in Unified CM
for the Forward All and other settings on the same page.
96
9. Set the No Answer Ring Duration to 24 seconds to allow time for Cisco Jabber
to ring before calls go to voicemail.
10. Configure other settings as appropriate for your environment. Cisco Jabber
does not require specific values.
Figure 61 : Jabber for iPhone DN configuration
97
11. Select Save.

12. Navigate to the End User page for the user.
13. Associate the Cisco Dual Mode for iPhone device that you just created for this
user.
Figure 62 : Jabber for iPhone Device association for end user
Set up visual voicemail on Unified CM

Verify that IMAP is enabled: See "Configuring IMAP Settings" in the System
Administration Guide for Cisco Unity Connection at
http://www.cisco.com/en/US/products/ps6509/prod_maintenance_guides_list.ht
ml
1. Sign in to Unified CM Administration.
2. Navigate to the device page for the user.
3. In the Product Specific Configuration Layout section, enter voicemail settings.
98
Figure 63 : Jabber for iPhone - Product Specific Configuration for Voicemail
4. Click Save.
5. Relaunch Cisco Jabber.
If you have allowed end-user configuration editing, delete the voicemail
account on the client and then set up the account again.
6. Step through the wizard until you see an option to enable or confirm your
voice messaging account.
7. Tap Yes.
8. Enter your voice messaging password.
9. Tap Save.
10. Complete the wizard.
Dial Rules
Cisco Jabber for iPhone uses dial rules to make it easier for users to dial phone
numbers from their iPhone.
Application Dial Rules (AppDialRules.xml)
99
Unified CM generates these files when the Cisco Options Package (COP) file for dial
rules is installed.
To setup dial rules please refer the below link:
http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/iPhone/8.6/JABI_BK_J2
9330BB_00_jabber-for-iphone-adminguide_chapter_01.html#JABI_CN_D4050B5A_00
Increase SIP Dual Mode Alert Timer value
Increase the SIP Dual Mode Alert Timer to ensure that calls to the Cisco Jabber
extension are not prematurely routed to the mobile-network phone number.
2. Select System > Service Parameters.
3. Select the server.
4. Select the Cisco CallManager (Active) service.
5. Scroll to the Clusterwide Parameters (System - Mobility) section
6. Increase the SIP Dual Mode Alert Time to 4500 milliseconds.
Figure 64 : Jabber for iPhone Configuring SIP dual mode timer
7. Select Save.
100
Jabber for iPad

Installing Cisco Options Package (COP) file for devices
To make Jabber for iPad available as a device in Unified Communications Manager,
install a device-specific Cisco Options Package (COP) file on all your Unified CM
servers.
1. Download the device COP file for iPad at
http://www.cisco.com/cisco/software/navigator.html?mdfid=280443139&f
lowid=29241.
Unified CM servers.
3. Install the COP file on the Publisher server in your Unified CM cluster by
following these steps:
a.
Select Cisco Unified OS Administration in the Navigation drop-down
list and then select Go.

b.
c.
information.
d.
Select Next.
e.
f.
Select Next.
g.
Follow the instructions on the screen.
h.
Select Next.
Wait for the process to be completed. This process may take some time.
101
i.
Reboot Unified CM at a time of low usage.
j.
Restart the Cisco Tomcat service on the Unified CM server.
This step, which clears the Tomcat image cache, is required for the device
icon to display properly on the device list page in Unified CM.
k.
Enter this command from the CLI: utils service restart Cisco Tomcat
l.
Important: To avoid interruptions in service, ensure that each server has

returned to active service before you perform this procedure on another
server.
process you use for the Publisher, including rebooting the server.
Setting up a dedicated SIP profile
Set up a dedicated SIP profile that allows Jabber for iPad to stay connected to
Unified Communications Manager if the application is running in the background.
1. Sign in to Cisco Unified CM Administration.
2. Select Device > Device Settings > SIP Profile.
3. Create a SIP profile or copy an existing SIP profile.
You can name the profile "Standard iPad SIP Profile."
4. In the Parameters Used in Phone section, enter these values:
Timer Register Delta (seconds)60
Timer Keep Alive Expires (seconds)660
Timer Subscribe Expires (seconds)660
102
Figure 65 : Jabber for iPad SIP profile configuration
5. Select Save.
5. Set the Sip Trying Timer to 1000ms.
Using dial rules for Jabber for iPad
Jabber for iPad uses these two sets of dial rules to make it easier for users to dial
phone numbers from their iPad devices:
103
Directory Lookup Dial Rules (DirLookupDialRules.xml)
For configuring dial rules for iPad please refer the below link
http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/iPad/Admin_doc/outp
ut/b_Jabber_for_iPad_admin_guide_chapter_010.html#concept_D4AF143688BE4BE
EA064984BBECE9BCB
Adding user device
3. Select Add New.
4. Select Cisco Jabber for iPad in the drop-down list and then select Next.
5. Device name must start with TAB, followed by up to 15 uppercased or
numeric characters. Example: TABJOHND.
6. Select Save.
Figure 66 : Jabber for iPad Device configuration
Figure 67 : Jabber for iPad Protocol Specific configuration

104

9. Enter the directory number of this device.
10. If this device is a standalone device (not sharing a DN with a desk phone),
specify these settings to forward calls when the application is not running
and connected to the network so callers do not receive an error message:
Forward Unregistered Internal
Forward Unregistered External
11. Set the No Answer Ring Duration to 24 seconds to allow time for the
application to ring before calls go to voicemail.
12. Specify other settings as appropriate for your environment.
Figure 68 : Jabber for iPad DN configuration
105
13. Select Save.

14. Associate the device that you just created with the user by following these
steps:
Select User Management > End User.
Search for and select the user.
In the Device Information section, select Device Association.
Check the device that you want to associate with the user.
Select Save Selected/Changes.
Figure 69 : Jabber for iPad Device association for end user
106
Setting up visual voicemail

Verify that IMAP is enabled.
Figure 70 : Jabber for iPad IMAP configuration
107

2. Navigate to the device page for the user.
3. In the Product Specific Configuration Layout section, enter voicemail settings.
Figure 71 : Jabber for iPad Product configuration layout
4. Click Save.
5. Relaunch Cisco Jabber.
If you have allowed end-user configuration editing, delete the voicemail
account on the client and then set up the account again.
108
6. Step through the wizard until you see an option to enable or confirm your
voice messaging account.
7. Tap Yes.
8. Enter your voice messaging password.
9. Tap Save.
10. Complete the wizard.
109
Jabber for Android

To make Cisco Jabber available as a device in Cisco Unified Communications
Manager, you must install a device-specific Cisco Options Package (COP) file on all
your Cisco Unified Communications Manager servers.
Install Cisco Options Package file for devices
1. Download the device COP file.
COP File download link
Unified CM servers.
3. Install this COP file on the Publisher server in your Unified CM cluster:
From the Navigation list box in the top-right corner of the Cisco Unified
Communications Manager Administration portal, choose Cisco Unified OS
Administration and select Go.
-

information.
Select Next.
Select Next.
Follow the instructions on the screen.
Select Next.
Wait for the process to be completed. This process may take
some time.
Reboot Cisco Unified Communications Manager at a time of
low usage.
Restart the Cisco Tomcat service on the Cisco Unified
Communications Manager server.
This step is required for the device icon to display properly on the device list
page in Cisco Unified Communications Manager. This step clears the Tomcat
image cache.
Enter the following command from the CLI:
utils service restart Cisco Tomcat
110
process you used for the Publisher, including rebooting the server.
Dial Rules
Cisco Jabber for Android uses dial rules to make it easier for users to dial phone
numbers from their iPhone.
Unified CM generates these files when the Cisco Options Package (COP) file for dial
rules is installed.
To setup dial rules please refer the below link:
http://www.cisco.com/en/US/docs/voice_ip_comm/jabber/Android/8_6/JABA_BK
_A940B90D_00_jabber-for-android-admin-guide_chapter_01.html#d419e529a1635
5. Scroll to the Clusterwide Parameters (System - Mobility) section
7. Select Save.
Note: If after you increase the SIP Dual Mode Alert Timer, incoming calls still arrive
in Cisco Jabber, and are terminated and diverted using Mobile Connect, you can
increase the SIP Dual Mode Alert Timer. The 4500 millisecond value is the lowest
recommended value.
Add user device
Verify that the Device Pool that you will assign to the Cisco Jabber device is
associated with a region that includes support for the G.711 codec.
111
1. Sign in to Cisco Unified Communications Manager Administration.

2. Add a new phone device with Cisco Dual Mode for Android as the Phone
Type.
3. Enter settings for Device-Specific Information.
a. Enter the Device Name The Device Name:
o
Must start with BOT
Must be uppercase
Can contain up to 15 characters
Can include only the following characters: A to Z, 0 to 9, dash (-), or

underscore (_)
We recommend that the device name include the username of the user so it is
easily remembered.
Example: For example the device name of user jsmith would be BOTJSMITH.
b. Choose Standard Dual Mode for Android for the Phone Button Template.
c. Configure the following settings to prevent confusion for the person the user
calls.
o
Media Resource Group List
User Hold MOH Audio Source
Network Hold MOH Audio Source
These settings are not specific to this device. For information, see the Cisco
Unified Communications Manager documentation.
d. Choose desk phone as the Primary Phone if the user has a desk phone.
4. Enter settings for Protocol Specific Information.
a. In the Device Security Profile drop-down list, select Cisco Dual Mode for
Android - Standard SIP Non-Secure Profile.
b. In the SIP Profile drop-down list, select the appropriate SIP profile. See
Create dedicated SIP profile.
Values that are not described in this document are not specific to Cisco Jabber but
may need to be entered for the device to work properly.
5. Enter settings for the Product Specific Configuration Layout section.
112
a. Select the appropriate level of usage tracking in the Cisco Usage and Error
Tracking drop-down list. See Usage and error tracking.
b. In the Application Dial Rules URL field:
o
For Cisco Unified Communications Manager Release 8.6 and later,

leave this field blank.
If you are using Cisco Unified Communications Manager Release 8.5 or

earlier and you want Cisco Jabber devices to apply Application Dial
Rules, you must specify the path to these dial rules files, including the
filenames. Use the following format: tftp://ip address of TFTP
server/pathname to the XML file/XML filename
c. If your directory server requires authentication, enter LDAP username and

password; otherwise leave these fields blank.
These credentials can be for a single read-only account for all users. These
credentials are sent to the client in clear text in the TFTP file. Therefore, we
strongly recommend that LDAP directory administrators generate a
directory query account that has no other rights. Create this account with a
value that is low enough to ensure that its credentials are semi-public
(available to anyone on the local network).
d. Enter any designated emergency numbers in the Emergency Numbers field.
You can enter a comma-separated list of additional emergency numbers that
will always be dialed direct for this user. These numbers must contain only
numerical digits. No spaces, dashes, or other characters are permitted.
Emergency numbers as defined on the device are always dialed direct using
the mobile network (never dialed using Enterprise VoIP) to allow the
location of the caller to be sent automatically to emergency services
personnel where this service is available. Direct-dial numbers can be useful
for users who frequently travel to countries other than the country of their
mobile network provider, if the emergency number differs depending on the
users' location, or if your company has a dedicated security number.
e. Enter your domain in the Domain Name field if the Cisco Unified
Communications Manager setting in System > Server is a hostname that does
not include the domain name.
Example:cisco.com
f. Enter a list of up to three SSIDs separated by forward slashes (/) in the
Preset Wi-Fi Networks field.
Cisco Jabber attempts to connect to Cisco Unified Communications Manager
only after the mobile device is connected to an SSID that you list here, or one
that the user selects in the client. Cisco Jabber must be able to reach Cisco
113
Unified Communications Manager when it is connected to these SSIDs.

Typically, these are your corporate Wi-Fi SSIDs. SSIDs can be up to 32
characters long and are case-sensitive.
Figure 72 : Jabber for Android Device configuration
Figure 73 : Jabber for Android Protocol specific information
6. Select Save.
9. Enter the Directory Number of this device.
114
This can be a new DN; a desk phone with the same DN is not required.
10. If this device is a standalone device (not sharing a DN with a desk hone),
configure these settings to forward calls when Cisco Jabber is not running
and connected to the network, so callers do not receive an error message:
a. Forward Unregistered Internal
b. Forward Unregistered External
For more information about these settings, see the online help in Cisco Unified
Communications Manager for the Forward All and other settings.
11. Set the No Answer Ring Duration to 24 seconds to allow time for Cisco Jabber
to ring before calls go to voicemail.
Figure 74 : Jabber for Android DN configuration
115
12. Select Save.

13. Navigate to the End User page for the user.
14. Associate the Cisco Dual Mode for Android device that you just created for
this user.
The device should now appear in the Controlled Devices box in either the Device
Information or Device Associations section (depending on your release of Unified
CM).
Configuring Cisco Unified Communications Manager

Create the SIP Trunk Security Profile
1. In Cisco Unified CM Administration, on the System menu, select Security >
SIP Trunk Security Profile.
2. On the Find and List SIP Trunk Security Profiles page, select Add New.
3. On the SIP Trunk Security Profile Configuration page, under SIP Trunk
Security Profile Information, enter the following settings.
116
Figure 75 : Unity Connection SIP Trunk Security Profile
4. Select Save.
Create the SIP Profile
1. On the Device menu, select Device Settings > SIP Profile.
2. On the Find and List SIP Profiles page, select Find.
3. To the right of the SIP profile that you want to copy, select Copy.
4. On the SIP Profile Configuration page, under SIP Profile Information, enter
the following settings.
117
Figure 76 : Unity Connection SIP profile
118
5. Select Save.
Create the SIP Trunk
1. On the Device menu, select Trunk.
2. On the Find and List Trunks page, select Add New.
119
3. On the Trunk Configuration page, in the Trunk Type field, select SIP Trunk.
4. In the Device Protocol field, select SIP and select Next.
5. Under Device Information, enter the following settings.
Figure 77 : Unity Connection SIP Trunk
6. If user phones are contained in a calling search space, under Inbound Calls,
enter the following settings.
Figure 78 : Unity Connection SIP Trunk Inbound calls
7. Under Outbound Calls, check the Redirecting Diversion Header Delivery Outbound check box.
120
8. Under SIP Information, enter the following settings.

Figure 79 : Unity Connection SIP Trunk Outbound calls
9. Adjust any other settings that are needed for your site.
10. Select Save.
Create a Route Pattern
1. On the Call Routing menu, select Route/Hunt > Route Pattern.
2. On the File and List Route Patterns page, select Add New.
3. On the Route Pattern Configuration page, enter the following settings.
121
Figure 80 : Unity Connection Route Pattern
4. Select Save.
Create the Voice Mail Pilot
1. On the Advanced Features menu, select Voice Mail > Voice Mail Pilot.
2. On the Find and List Voice Mail Pilots page, select Add New.
3. On the Voice Mail Pilot Configuration page, enter the following voice mail
pilot number settings.
Figure 81 : Unity Connection Voicemail Pilot
122
4. Select Save.
Set Up the Voice Mail Profile
1. On the Advanced Features menu, select Voice Mail > Voice Mail Profile.
2. On the Find and List Voice Mail Profiles page, select Add New.
3. On the Voice Mail Profile Configuration page, enter the following voice mail
profile settings.
Figure 82 : Unity Connection Voicemail profile
123
4. Select Save.
Configuring Cisco Unity Connection

Add the Phone System
1. Sign in to Cisco Unity Connection Administration.
2. In Cisco Unity Connection Administration, expand Telephony Integrations,
then select Phone System.
3. On the Search Phone Systems page, under Display Name, select the name of
the default phone system.
4. On the Phone System Basics page, in the Phone System Name field, enter the
descriptive name that you want for the phone system.
5. If you want to use this phone system as the default for TRaP connections so
that administrators and users without voicemail boxes can record and
playback through the phone in Cisco Unity Connection web applications,
check the Default TRAP Switch check box. If you want to use another phone
system as the default for TRaP connections, uncheck this check box.
Figure 83 : Unity Connection Phone System Basics configuration
124
6. Select Save.
Add Port Groups
1. On the Phone System Basics page, in the Related Links drop-down box, select
Add Port Group and select Go.
2. On the New Port Group page, enter the applicable settings and select Save.
125
Figure 84 : Unity Connection Port group configuration
3. On the Port Group Basics page, do the following substeps if the Cisco
Unified CM cluster has secondary servers
a.
On the Edit menu, select Servers.
b.
If you want to add a secondary Cisco Unified CM server, on the Edit

Servers page, under SIP Servers, select Add.
c. Enter the following settings for the secondary Cisco Unified CM
server and select Save.
Figure 85 : Unity Connection Reset Port Groups
126
d.
e.
On the Edit menu, select Port Group Basics.

On the Port Group Basics page, select Reset.
Add ports
1. On the Port Group Basics page, in the Related Links drop-down box, select
Add Ports and select Go.
2. On the New Port page, enter the following settings and select Save.
Figure 86 : Unity Connection Add ports
127
3. On the Search Ports page, select the display name of the first voice messaging
port that you created for this phone system integration.
4. On the Port Basics page, set the voice messaging port settings as applicable.
The fields in the following table are the ones that you can change.
128
5. Select Save.
6. Select Next.
Test the Telephony Configuration
1. In the Related Links drop-down list, select Check Telephony Configuration
and select Go to confirm the phone system integration settings.
If the test is not successful, the Task Execution Results displays one or more
messages with troubleshooting steps. After correcting the problems, test the
connection again.
Figure 87 : Unity Connection Test Telephony configuration
In the Task Execution Results window, select Close.
129
VIDEO
Video functionality is provided by some Jabber clients. Depending on the client the
video features supported are different.
Table 3 Configuration checklist for Video Deployment
S.No
1
2
Configuring Unified Communications Manager for video
Configuring MCU for video
Configuring Unified Communications Manager for Video

Configuring Phones with Video capabilities on CUCM server and enable video.
1. From the Cisco Unified CM Administration website, select Device ->Phone
and click Find. The phone should show Registered.
2. Click one of the links (the Cisco Unified IP Phone 9971,8945,7975,7965 for
example) to look at the phone configuration details. Scroll further down to
ensure the video options are enabled. Please check if the Device have Cisco
Camera and Video Capabilities enabled.
Figure 88 : Video Enabling Video capability on the device
Note for Cisco Unified Client Services Framework there will be just Video
capabilities parameter .
130
3. Cisco E20 phone registration steps follow:

a. Log in to the Cisco Unified CM Administration website and select
Device ->Phone. Click Add New and select Cisco E20 from the dropdown menu. Click Next.
Figure 89 : Video Adding E20
Fill in the necessary information in the Device Information and Protocol Specific
Information sections. Click Save.
131
Figure 90 : Video E20 Protocol Specific Information
b. Click the Add a new DN link.

Figure 91 : Video Adding DN
4. Cisco TelePresence EX60 or EX90 phone registration steps follow:
132
a. Log in to the Cisco Unified CM Administration website and select

Device ->Phone. Click Add New and select Cisco TelePresence
EX90 or Cisco Telepresence EX60 from the drop-down menu. Click
Next.
Figure 92 : Video Adding EX60
Fill in the necessary information in the Device Information and Protocol Specific
Information sections. Click Save.
133
Figure 93 : Video EX60 Protocol specific information
a. Click the Add a new DN link.

Figure 94 : Video Add DN
b. Enter the desired extension and choose a Route Partition. Click Save.
Configuring Cisco Unified Communications Manager regions to support HD
video.
1. Go to System>Region.
2. Select the Region relationship.
3. In Max Video Call Bit Rate (Includes Audio) input Bandwidth needed for call.
134
Figure 95 : Video Region configuration
NOTE:As the video resolution for the calls increases, so does the need for
bandwidth. For video bandwidth in the region settings, the suggested values
are 384 kbps for calls where CIF video resolution is desired, 768 kbps where
VGA resolution is desired, and 1.5 Mbps for 720p resolution video calls.
While most video endpoints have variable bit-rate encoders, video phones
such as the Cisco Unified IP Phone 9900 Series have a constant bit-rate
encoder for video. The constant bit-rate encoder provides better motion
video and error resiliency.
Configuring MCU as Video Conference Bridge for HD video Conference on
CUCM
1. Log in to the Cisco Unified CM Administration Console.
2. Select Media Resources ->Conference Bridge and click Add New.
3. Select Conference Bridge Type as Cisco Telepresence MCU
135
Figure 96 : Video Conference Bridge configuration Add bridge in CUCM
4. Fill in Conference Bridge Name, Destination Address.

5. Select Device pool to which this Video conference Bridge should register.
6. Please select port 5060 for Unified CM SIP port and MCU Conference
Bridge Sip port. NOTE: we do not support Secure SIP or HTTPs to COIDAN
MCU.
7. Fill in username ,Password and Http port.
136
Figure 97 : Video Conference bridge configuration settings in CUCM
8. Click Save.
Configuring MCU as Video Conference Bridge for HD video Conference on MCU
1. Log in to MCU web interface.
2. Select Network > Services. Make sure you have web port set to 80.
137
Figure 98 : Video MCU configuration
3. Select Users>Add New User.

4. Enter User ID, Name, Password.
5. Un-check Force user to change password on next login.
6. Select administrator Privileges.
7. Click Add user.
138
Figure 99 : Video MCU configuration Add user
8. Go to Settings>Conferences.
9. Under Conference settings enable Media port reservation.
Figure 100 : Video MCU configuration Media Port reservation
139
10. Under Advanced Settings

11. Select Disconnect Caller for Incoming calls to unknown Conferences or
auto Attendants.
12. Select Never configure PIN for Time to wait when setting up ad hoc
Conference PIN.
Figure 101 : Video MCU configuration Advanced Settings
13. Click Apply changes.

Configuring MRG for Video Conference
1. Go to Media Resources>Media Resource Group.
2. Click Add New.
3. Enter Name (Example MRG-Video-CFB).
4. Select Video Conference Bridge in the Selected Media Resources.
140
Figure 102 : Video Configuring Media Resource Group(MRG)
5. Click Save.
Assigning Video Conference Bridge for MRGL
1. Go to Media Resources>Media Resource Group List.
2. Click Find.
3. Select the Designated MRGL you want to add Video Conference Bridge.
4. Select Video Conference bridge MRG.
141
Figure 103 : Video Configuring Media Resource Group List (MRGL)
5. Click Save.
Note if you have Audio Conference Bridge MRG in the list. Please add Video
Conference Bridge below Audio conference Bridge MRG. So that you will not
user Video Conference Bridges for Audio calls.
Configuring the SIP Trunk Security Profile for Video communication server
1. On CUCM, go to System > Security > SIP Trunk Security profile.
2. Click Add New.
3. Configure Incoming Transport type to TCP+UDP.
4. Configure Outgoing Transport type to TCP.
5. Check Accept Unsolicited Notification.
6. Check Accept Replaces Header.
142
Figure 104 : Video Configuring SIP Trunk Security Profile for VCS
7. Click Save.
Configuring the SIP Profile for Video communication server
1. Log in to Communication manager Administration Console.
2. Select Device>Device settings>Sip profile.
3. Click Add new
4. Configure the sip Profile Information Name.
5. Please check Redirect by Application to support Multiway call with VCS
endpoints if needed.
143
Figure 105 : Video Configuring SIP Profile for VCS
6. Trunk specific configuration section.

7. Select Allow Presentation Sharing using BFCP.
8. Click Save.
Configuring the SIP Trunk for Video Communication server.
1. On CUCM, go to Device > Trunk.
2. Click Add New.
3. Select a Trunk Type of SIP Trunk. Device Protocol displays SIP.
4. Select Trunk Service Type, select None(Default).
144
Figure 106 : Video Adding SIP Trunk to VCS
5. Click Next.
6. Configure the Device Information fields.
Figure 107 : Video CUCM-VCS SIP Trunk configuration settings
7. Configure the Call Routing Information > Inbound Calls fields.

145
Figure 108 : Video CUCM VCS SIP Trunk Call routing settings
8. Configure the Call Routing Information > Outbound Calls fields.
9. Configure the SIP Information fields.
146
Figure 109 : Video CUCM VCS SIP Trunk SIP information
10. Click Save.

11. Click Reset.
147
Cisco VCS Installation and Configuration

This section describes the procedures to install and configure Cisco VCS for call
control.
Cisco VCS Installation
To read more about installing a Cisco VCS, refer to:
http://www.cisco.com/en/US/products/ps11337/prod_installation_guides_list.htm
l.
Follow these steps to perform a fresh installation of Cisco VCS:
1.
2.
3.
Connect a serial cable from a PC to the data port on the Cisco VCS and console
into the Cisco VCS using the serial settings:
Baudrate - 115200
Data bits - 8
Parity - No
Stop bits - 1
Flow control - None
Log in using the default credential (User: admin; Password: TANDBERG).
** Note: Password is case-sensitive.
Respond to the install wizard prompt as shown:
Run install wizard [n]: Type y and press <Enter>.
Installation Wizard
When asked to change the password for the admin account, choose N.
For the IP protocol select IPV4.
Enter the following for the LAN 1 IP address of the Cisco VCS: <XXXXXXXX IP
address is 1.1.1.1>.
Enter the following for the LAN 1 IPv4 subnet mask: <Subnet Mask is
255.255.255.0>.
The IP Default Gateway is <Default Gateway for 1.1.1.2>.
Ethernet speed is <AUTO>.
Use the Secure Shell (SSH) Protocol to administer the Cisco VCS: Select Y.
Use Telnet to administer the Cisco VCS: Select Y.
To respond to the query Restart System?, choose Y.
After the system restarts, you will be prompted to log in again. Log in using
admin/TANDBERG for user/password and respond to the prompt as shown:
Run install wizard [n]: Type n and press <Enter>.
4.
5.
6.
At the prompt, type the command xCommand restart to restart the Cisco VCS.
After the system restarts, go to the Cisco VCS web interface (http:// IP Address
of VCS).
148
7.
Click Administrator login (do not choose User login).
8.
Log in using admin/TANDBERG for user/password.
9.
10.
11.
To change the admin password, select Maintenance ->Login Accounts >Administrator Accounts and click the admin link.
Enter the new password into the Password fields and click Save.
Verify the software version by looking at the lower right corner. If the software
version is X7.02 or later, skip to the Cisco VCS Setup section to start setting up
the Cisco VCS. Otherwise, follow the instructions in the Cisco VCS Software
Upgrade section to upgrade the software.
149
Cisco VCS Software Upgrade

If the Cisco VCS software version is X7.02 or lower, the software needs to be
upgraded. Follow the steps in this section.
1.
2.
3.
Go to the following link to download the latest software. Leave the file as a tar.gz:
http://www.cisco.com/cisco/software/release.html?mdfid=283733603&flowid
=22561&softwareid=280886992&release=X7.0.2&relind=AVAILABLE&rellifecy
cle=&reltype=latest.
** Note: A release key is required if upgrading to a major release (for example, X6
to X7). Release keys can be obtained from:
https://tools.cisco.com/SWIFT/Licensing/PrivateRegistrationServlet or by
calling the Cisco Technical Assistance Center (TAC).
After the software is downloaded and the release key is obtained, browse to the
Cisco VCS web interface and log in using the administrator credentials. Select
Maintenance ->Upgrade.
Click Choose File to select the file downloaded previously, and click Upgrade.
150
4.
Enter the release key when prompted for it. Click Continue with upgrade.
5.
At the end of the upgrade, click Reboot system to restart the Cisco VCS.
Cisco VCS configuration

1. Go to http:// IP Address of VCS and log in to the web interface using
administrator credentials.
2.
3.
Name the Cisco VCS. Select System ->System, enter a name in the System name
field, and click Save.
Create a SIP domain. Select VCS Configuration ->Protocols ->SIP ->Domains

and click New. Enter the domain name and click Create Domain.
Figure 110 : VCS Create Domain
151
4.
Set up the Cisco Unified Communications Manager neighbor. Select VCS

Configuration ->Zones and click New. Enter values for the highlighted fields
and put the IP address of Cisco Unified Communications Manager into the Peer 1
Address field. Click Create Zone.
Figure 111 : VCS Create Zone with CUCM as peer
152
5.
6.
If you go back to the zone after the Cisco Unified Communications Manager zone
is created, the state will show Active as long as Cisco Unified Communications
Manager has a SIP trunk configured pointing to the Cisco VCS.
Create a transformation rule to add a SIP domain if none exists. Select VCS
Configuration ->Dial Plan ->Transforms and click New. Change the fields as
shown and click Create Transform.
Figure 112 : VCS Create Transform for SIP Domain
Note: 1 Use priority 3 for this step. The pattern string is ([^@]*), and the
replace string should use the customers SIP domain.
**
This transform rule allows connection of an H.323 call on the Cisco VCS
through SIP.
2
153
7.
Create a transform rule to replace the Cisco Unified Communications Manager IP

address with the SIP domain. Select VCS Configuration ->Dial Plan >Transforms and click New. Change the fields as shown and click Create
Transform.
Figure 113 : VCS Create Transform to convert CUCM IP address to SIP domain
Note: 1 Use priority 4. The pattern string is (.*)@1.1.1.1((:|;).*)?, and the IP

address should be the customers Cisco Unified Communications Manager IP
address. The replace string should use the customers SIP domain.
**
This transform rule allows connection of calls from Cisco Unified

Communications Manager on the Cisco VCS.
2
Create a transform rule to replace the Cisco VCS IP address with the SIP domain.
Select VCS Configuration ->Dial Plan ->Transforms and click New. Change the
fields as shown and click Create Transform.
Figure 114 : VCS Create Transform to convert VCS IP address to SIP domain
** Note:
Use priority 5. The pattern string is (.+)@%ip%(:.*), and the replace

string should use the customers SIP domain.
154
8.
Create a search rule to remove the SIP domain. Select VCS Configuration ->Dial
Plan ->Search Rules and click New. Change the fields as shown and click Create
Search Rule.
Figure 115 : VCS Rule to remove SIP domain
** Note: 1
The pattern string is (.+)@cisco.com.*, and it should use the

customers SIP domain.
2 This search rule allows SIP calls to H.323 calls to work.
9.
Create a search rule to dial with full URI to local zone as shown below. Select VCS
Configuration ->Dial Plan ->Search Rules and click New. Change the fields as
shown and click Create Search Rule.
Figure 116 : VCS Rule to dial full URI
155
** Note: 1
The pattern string is (.+)@cisco.com.*, and it should use the

customers SIP domain.
2 This search rule would keep the calls on the Cisco VCS that are destined for the
local zone.
10.
Create a search rule to route calls to Cisco Unified Communications Manager.

Select VCS Configuration ->Dial Plan ->Search Rules and click New. Change
the fields highlighted and click Create Search Rule.
Figure 117 : VCS Rule to route calls to CUCM
** Note:
The pattern string varies depending on the customers Cisco Unified

Communications Manager dial plan. In this example, all calls with extension
2XXX will be sent to Cisco Unified Communications Manager. The customers SIP
domain should be used in the pattern string. The replace string should use the
customers Cisco Unified Communications Manager IP address.
Endpoints Registration with Cisco VCS
Cisco E20 phone registration steps
11.
12.
13.
14.
On the phone, press the

icon to bring up the home menu. Use
to
navigate to the Menu tab and scroll down to System Information to find out the
software version. If the version is older than TE4.0.0, upgrade the phone
software to the latest version.
On the phone, press the
icon to bring up the home menu. Use
to
navigate to the Menu tab and scroll down to select Startup Wizard.
From the Infrastructure field, choose the Manual option.
Enter XXXX@<domain> in the URI field, where XXXX is the phone extension and
the domain name is defined in Cisco VCS. For example, a phone with extension
3101 registered with domain cisco.com configured in the Cisco VCS would have
URI 3101@cisco.com.
156
Leave Username and Password fields as <empty>.

16. Enter the IP address of the Cisco VCS into the External Manager field.
17. Select Continue to initiate phone registration.
18. After the phone is registered successfully, the extension should appear in
the top left of the phone display. Make a test call to verify phone functions.
For more detailed information about the Cisco E20, refer to the Cisco E20
documentation set available at:
http://www.cisco.com/en/US/products/ps11329/tsd_products_support_series_ho
me.html.
15.
Cisco TelePresence EX60 or EX90 Phone registration steps

Procedures described in this section apply to both EX60 and EX90 for registering
phones with Cisco VCS.
19.
20.
21.
On the phone touch panel, select More ->Settings ->System Information to find
out the software version. If the version is older than TC5.0.0, upgrade to the
phone software to the latest version.
On the phone touch panel, select More ->Settings ->Administrator Settings >Network Settings ->SIP Settings.
Enter XXXX@<domain> in the URI field, where XXXX is the phone extension and
the domain name is defined in the Cisco VCS. For example, a phone with
157
22.
23.
24.
25.
26.
27.
28.
extension 3102 registered with domain cisco.com configured in Cisco VCS would
have URI 3102@cisco.com.
Choose TCP as the Default Transport.
Select Cisco for the Proxy Type.
Select Manual for Proxy Discovery.
Enter the Cisco VCS IP address into the Proxy Address box.
Leave LoginName and Password fields as <empty>.
Click Save to save the changes.
After the phone is registered successfully, the URI should appear in the top
middle of the phone display. Make a test call to verify phone functions.
** Note: If the phone still does not register after awhile, restart the phone. To
restart, select More ->Settings ->Restart, click Restart, and select Restart from
pop-up window to confirm.
158
Third-Party Integration
Third party integration is supported in the Jabber architecture. Depending on the
requirement we can do integration with Lync/OCS, XMPP, SIP federation, etc.
Table 4 Configuration checklist for Third Party Integration
S.No
1
2
3
4
Inter-domain SIP Federation
Federation with Microsoft Lync with Static Routes over TCP
Federation with Microsoft Lync with Static Routes over TLS
Partitioned Intra-Domain Federation with Microsoft OCS
Cisco Unified Presence Federation Overview

This integration enables Cisco Unified Presence users in one enterprise domain to
exchange presence information and Instant Messaging (IM) with users in foreign
domains. Cisco Unified Presence uses different protocols to federate with different
foreign domains.
Cisco Unified Presence uses the standard Session Initiation Protocol (SIP RFC 3261)
to federate with:
Microsoft Office Communications Server Release 2 (OCS R2), OCS 2007,

Microsoft Lync 2010.
AOL SIP Access Gateway (SAG)
SIP federation with AOL enables Cisco Unified Presence users to federate
with the following users:
o Users of AOL public communities, for example, aim.com, aol.com.
o Users of an enterprise whose domain is hosted by AOL.
o Users of a foreign enterprise that federate with AOL. Cisco Unified
Presence could use AOL as a clearing house to federate with these
foreign enterprises.
Cisco Unified Presence uses the Extensible Messaging and Presence Protocol
(XMPP) to federate with:
IBM Sametime Server 8.2 and 8.5
Cisco Jabber Release 6
GoogleTalk
Cisco Unified Presence Release 8.x
Any other server that is XMPP Standards compliant

159
Limitation with Third-Party Federations
Only Cisco Unified Presence Release 8.5(2) or higher supports

interdomain federation with Microsoft Lync. For Cisco Unified Presence
Release 8.5(2) or higher, any reference to interdomain federation with OCS
also includes Microsoft Lync, unless explicitly stated otherwise.
Only Cisco Unified Presence Release 8.5.x or higher supports interdomain
federation with AOL.
If you deploy SIP federation with AOL, Cisco Unified Presence does not
support these AOL users whose screen names are an email address, and not a
userID.
Cisco Unified Presence does not support federation between a Cisco Unified
Presence Release 8.x enterprise, and a Cisco Unified Presence Release 7.0(x)
enterprise.
Cisco Unified Presence supports XMPP federation with GoogleTalk over TCP.
XMPP federation with GoogleTalk over TLS is not supported.
Federation Deployment models
Inter-domain Sip federation with ASA as Edge on the Domain.

o Federation with Microsoft OCS/LCS server.
o Federation with Microsoft LYNC server.
o Federation with AOL Server.
Inter-domain Direct SIP federation.

o Federation with Microsoft OCS/LCS Server using Static Routes over
TCP
o Federation with Microsoft OCS/LCS Server using Static Routes over
TLS
o Federation with Microsoft Lync Server with Static Routes over TCP.
o Federation with Microsoft Lync Server with Static Routes over TLS.
Intra-domain Partition based Federations with OCS over SIP.

o Federation with Microsoft OCS server.
Inter-domain XMPP federation.

o Google Talk Federation with XMPP over TCP.
o IBM Same-time Federation with XMPP over TLS.
o Third-party XMPP complaint server.
160
Inter-domain Direct SIP federation

Figure 118 : Inter-Domain SIP Federation
161
Federation with Microsoft Lync Server with Static Routes over TCP
Configuration on the CUPS Server
1. Configure Federation domain Service parameter for Presence server.
a) Log in to Cisco Unified Presence server Administration console.
https://CUPS-IP-ADDRESS/cupadmin/showHome.do
b) Select System>Service parameter.
Figure 119 : Configuring CUPS Service Parameters for Federation over TCP
c) Select Server>Cisco Sip proxy.

Figure 120 : Service Parameters for SIP Proxy for Federation
d) Go to Federation Routing Parameters (Clusterwide) section.

e) Update Federation Routing CUP FQDN for Presence Cluster.
f) Click Save.
2. Configure Foreign Sip Federation domain.
162
a) Select Presence>inter-domain Federation>Sip Federation.

Figure 121 : Configuring SIP Federation
b) Click Add New.

c) Enter Domain Name which will be foreign Domain name.
d) Select Integration Type to Inter-Domain to OCS/Lync.
e) Check Direct Federation.
Figure 122 : Configuring SIP Federation to OCS/Lync
f) Click Save.
3. Configure Static Route for Foreign Domain over TCP.
a) Select Presence>Routing>Static Routes.
163
Figure 123 : Configuring Static routes for Federation
b) Click Add New.

c) Enter Destination pattern.(This should is Reverse Form
Example:.com.pod3.jabberlab.*)
d) Enter Next Hop.( FQDN for Lync server. )
e) Enter Next Hop port. (5060 for TCP on LYNC server)
f) Select Route Type: Domain.
g) Select Protocol Type: TCP.
164
Figure 124 : Configuring Static Routes
h) Leave rest as default.

i) Click Save.
4. Restart Sip proxy service and XCP Router.
a) Log in to Cisco Unified presence serviceability. https://<presence server
ipaddress:8443/ccmservice/
b) Select Tools>Control Centre Feature Services.
Figure 125 : Restart CUPS services for federation configuration
c) Select Server.
d) Select Cisco UP Sip Proxy
e) Click Restart.
165
f) Select Tools>Control Centre Network Services.

g) Select Server.
h) Select Cisco UP XCP Router.
i) Click Restart.
j) Repeat Steps from II to IX on all servers in presence Cluster.

Configuration on the LYNC Server
1. Configuring static route for CUPS server SIP domain.
a) Log in to the LYNC server where Topology Builder is installed.
b) Open the Lync Server Management Shell.
c) Add a Static route for CUPS Sip domain.
Figure 126 : Lync Server Management Shell configuration for Static Routes
$<Variable> = New-CsStaticRoute -TCPRoute -Destination <IP address or
FQDN of Cisco Unified Presence routing node> -Port <SIP listening port
of Cisco Unified Presence routing node> -MatchUri <destination domain>
Example: $tcpRoute = New-CsStaticRoute -TCPRoute -Destination
"10.122.45.56" -Port 5060 -MatchUri "Jabberlab.pod1.com"
d) Adding the Static route to persistent route Database.
Set-CsStaticRoutingConfiguration -Route @{Add=$tcpRoute}
e) Check if the static route is added to persistent route Database.
166
Get-CsStaticRoutingConfiguration -identity global | Select-Object ExpandProperty Route
2. Configure trusted application pool.

a) Open the Lync Server Management Shell
b) Before you add the Trust application pool Get your site information so
you can add Application pool to which site you want.
Figure 127 : Lync Server Management Shell Site Information
Get-CsSite
c) Add the Trusted application pool.

New-CsTrustedApplicationPool -Identity <IP address of Cisco Unified
Presence node> [-Registrar <Service ID or FQDN of the next hop>] -Site
<Site ID for the site where you want to create the trusted application
pool> TreatAsAuthenticated $true -ThrottleAsServer $true
Example: New-CsTrustedApplicationPool -Identity 10.122.45.56 Registrar jabber-ly-pod3.jabberlab.pod3.com -Site 1 TreatAsAuthenticated $true -ThrottleAsServer $true
//Please enter Trust Application pool for both presence servers.
Example: New-CsTrustedApplicationPool -Identity 10.122.45.57 Registrar jabber-ly-pod3.jabberlab.pod3.com -Site 1 TreatAsAuthenticated $true -ThrottleAsServer $true
3. Configure Trusted application server to Create pool.
a) Open the Lync Server Management Shell.
167
b) Make sure you have Application pools are there in your Topology.
c) Add Trust application server to Pool that is created in above step.
Figure 128 : Lync Server Management Shell configuration- Add pool
New-CsTrustedApplication -ApplicationID <application name> TrustedApplicationPoolFqdn <IP Address of Cisco Unified Presence
node> -Port <listening port of Cisco Unified Presence node> EnableTcp
Example:New-CsTrustedApplication -ApplicationID jabber-CUPPub-pod1
-TrustedApplicationPoolFqdn 10.122.45.56 -Port 5060 EnableTcp
//Please enter the All the nodes to
Example:New-CsTrustedApplication -ApplicationID jabber-CUPsub-pod1
-TrustedApplicationPoolFqdn 10.122.45.57 -Port 5060 -EnableTcp
d) Enable topology that you just build.
Enable-CsTopology.
4. Modify Trusted application pools to Disable replication and Point to single IP

address.
a) Sign into the computer where Topology Builder is installed. You must
sign in as a member of the Domain Admins group and the
RTCUniversalServerAdmins group.
b) Select Start > All Programs > Microsoft Lync Server 2010 > Lync
Server Topology Builder.
c) Select the option to download an existing topology.
168
Figure 129 : Lync Server Download topology
d) Expand the Trusted applications servers node.

e) Right-click the trusted application pool that you created and select
Edit Properties.
f) Uncheck Enable replication of configuration data to this pool.

169
g) Select Limit service usage to selected IP addresses

h) In the Primary IP address field, enter the IP address of the presence
server SIP gateway.
Figure 130 : Lync Server Configure SIP gateway
i) Repeat Steps IV trough VII for other application pool you have
created.
j) To update the topology in the Central Management store, in the
console tree, select Lync Server 2010 and from the Actions pane,
select PublishTopology.
170
Figure 131 : Lync Server Publish Topology
5. Configure LYNC Server to communicate on TCP port 5060.

b) Please enter this command below.
Set-CsRegistrar registrar:<FQDN of Lync Server pool> -SipServerTcpPort
5060
Example:Set-CsRegistrar registrar:jabber-ly-pod3.jabberlab.pod3.com SipServerTcpPort 5060
6. Adding Federation domain and External Access Policy to allow users
communicate with Presence domain.
a) Open Microsoft LYNC Server 2010 Control Panel.
b) Sign into the computer where Topology Builder is installed. You must
c) Select External User Access.
d) Click on New>User Policy.
e) Enter Name, Description.
171
f) Check Enable communication with Federated users.

g) Check Enable communication with Public Users.
Figure 132 : Lync Server Configuring Access policy for users
h) Click Commit.
i) Click Federated Domain Tab.
j) Click New> Allowed Domain.
k) Enter Domain Name, Access Edge server.
l) Click Commit.
172
7. Assigning External Access policy to Users who need access to CUPS users.
a) Click on Users Tab.
b) Fill filter to identify Users you want to enable External Policy.
c) Click on user Edit > Show Details.
d) Scroll down to External Access Policy. Assign the one you created for
Federated users and Public users.
e) Click Commit.
f) If we want to assign user in Bulk you can open Lync Server
Management Shell.
g) Run this cmdlet that can all update users
get-csuser | grant-csexternalaccesspolicy -policyname "External
173
Federation with Lync Server with Static Routes over TLS

Configuration On The CUPS Server
1. Configure Federation domain Service parameter for Presence server.
a) Log in to Cisco Unified Presence server Administration console.
https://CUPS-IP-ADDRESS/cupadmin/showHome.do
b) Select System>Service parameter.
Figure 133 : Configuring CUPS Service Parameters for Federation over TLS
c) Select Server>Cisco Sip proxy.

Figure 134 : Service Parameters for SIP Proxy for Federation over TLS
d) Go to Federation Routing Parameters (Clusterwide) section.

e) Update Federation Routing CUP FQDN for Presence Cluster.
f) Click Save.
2. Configure Foreign Sip Federation domain.
174
g) Select Presence>inter-domain Federation>Sip Federation.

Figure 135 : Configuring SIP Federation
h) Click Add New.

i) Enter Domain Name which will be foreign Domain name.
j) Select Integration Type to Inter-Domain to OCS/Lync.
k) Check Direct Federation.
Figure 136 : Configuring SIP Federation to OCS/Lync
l) Click Save.
3. Configure Static Route for Foreign Domain over TLS.
a) Select Presence>Routing>Static Routes.
175
Figure 137 : Configuring Static routes for Federation
b) Click Add New.

c) Enter Destination pattern.(This should is Reverse Form
Example:.com.pod3.jabberlab.*)
d) Enter Next Hop.( FQDN for Lync server. )
e) Enter Next Hop port. (5061 for TCP on LYNC server)
f) Select Route Type: Domain.
g) Select Protocol Type: TLS.
Figure 138 : Configuring Static Routes
h) Leave rest as default.

176
i) Click Save.
j) Go to System>Security >TLS Peer Subject.
k) Add Peer Subject Name.
Note: This need to match with Case what is in Certificate
Figure 139 : Configuring TLS peer subject
l)
Click Save.
m) Go to System>Security >TLS Context Configuration.

n) Select Default_Cisco_UP_SIP_Proxy_Peer_Auth_TLS_Context.
o) Select all Available TLS Ciphers and move to Selected TLS Ciphers.
p) Select the available Peer we added above TLS Peer Subject.
q) Click Save.
177
Figure 140 : Configuring TLS context
r) Click Save.
4. Validating LYNC Server Certificate.
a) Go to System>Security >Certificate Import Tool.
b) Select Certificate Trust Store to CUP Trust.
c) Enter the FQDN for LYNC Server in Peer server.
d) Enter port in 5061 in peer server port.
e) Click Submit.
Figure 141 : Validating Lync certificate
178
f) In the Peer Server status you should see all checks.
Figure 142 : Verify Peer Server Status
g) Click on View Details. To view Certificate details.

NOTE: LYNC Server Certificate should have Client Authentication and Server
Authentication Extensions without this you will get Certificate Unsupported
error.
5. Generating Certificate signed request CUP service.
a) Log in to OS administration. https://CUPS-IP-ADDRESS:8443/cmplatform.
b) Select Security>Certificate Management.
179
Figure 143 : CUPS Certificate Management
c) Click Find.
Figure 144 : Certificate List
d) From the list you should see CUP Certificate which is Self-signed.
180
e) Click on Generate CSR.
181
Figure 145 : Generate CSR
f) Pop up window to generate CSR for specific server.

g) Select Certificate Name to CUP.
182
h) Click Generate CSR.

i) Click Close.
j) Option to Download CSR will be available.
Figure 146 : Download CSR
k) Click on Download CSR.

l) Select Certificate Name to CUP.
m) Save the Certificate.
n) Send Certificate for CA enrolment.
o) Repeat the steps for all CUPS servers in your Cluster.
183
6. Import Certificate for CUP service.

a) Log in to OS administration. https://CUPS-IP-ADDRESS:8443/cmplatform.
b) Select Security>Certificate Management.
Figure 147 : Import Certificate for CUPS
c) Click Upload Certificate/Certificate Chain.

NOTE: Before uploading the certificate. Please make sure you have all Sub CA
chain in Imported in CA.
d) Popup window for Upload Certificate/Certificate Chain opens.
e) Please select Certificate name CUP.
f) Upload File Browse the file and click Upload File
184
Figure 148 : Import Certificate to CUPS
g) Click Close.
h) Go back to Certificate management Window.
i) Click Find.
j) Root CA certificate in CUP-Trust store and Certificate for CUP service.
185
k) Repeat same steps in Import Certificate for CUP service section for all
servers in Cluster.
7. Restart Sip proxy service ,XCP router and Cisco Tomcat.
a) Log in to Cisco Unified presence serviceability. https://<presence server
ipaddress:8443/ccmservice/
b) Select Tools>Control Center Feature Services.
Figure 149 : Restart CUPS services for certificate upload
c) Select Server.
186
d) Select Cisco UP Sip Proxy.

e) Click Restart.
k) Select Tools>Control Centre Network Services.

l) Select Server.
m) Select Cisco UP XCP Router.
n) Click Restart.
o) Repeat Steps from XI to XIV on all servers in presence Cluster.

p) Log in to SSH session to CUPS server.
q) Now run command
187
Utils service restart Cisco Tomcat.
r) Repeat Steps from XVI to XIX on all servers in presence Cluster.

NOTE: Restart Complete cluster is recommended.
Configuration on the LYNC Server
1. Configuring static route for CUPS server SIP domain.
a) Log in to the LYNC server where Topology Builder is installed.
b) Open the Lync Server Management Shell.
c) Add a Static route for CUPS Sip domain.
188
Figure 150 : Lync Add Static Route to CUPS

$tlsRoute = New-CsStaticRoute -TLSRoute -Destination <FQDN of Cisco
Unified Presence routing node> -Port <listening port of Cisco Unified
Presence routing node> -usedefaultcertificate $true -MatchUri
<destination domain>
If Certificate Authority is not same for both Cisco Unified presence server
and MS LYNC server you need to import the CA cert for Presence Server
in LYNC Server Trusted Certificate Store. And issue Static route
command with TLSCertIssuer and TLSCertSerialNumber parameters.
Example for tlsroute using -usedefaultcertificate $true
Example: $tlsRoute = New-CsStaticRoute -TLSRoute -Destination
"Jabber-CUPSPUB-POD1.Jabberlab.pod1.com" -Port 5062 usedefaultcertificate $true -MatchUri "Jabberlab.pod1.com".
Example for TLs Static route with -usedefaultcertificate $False.
Example: $tlsRoute = New-CsStaticRoute -TLSRoute -Destination jabbercupspub-pod1.jabberlab.pod1.com -Port 5062 -UseDefaultCertificate
$false -TLSCertIssuer "Jabber-CA-POD1" -TLSCertSerialNumber
0X1E, 0X16, 0XC2, 0X81, 0XF5, 0XC3, 0X77, 0X93, 0X4A, 0X57, 0X82,
0XCD, 0XA1, 0X4D, 0XD5, 0X1A -MatchUri "jabberlab.pod1.com"
d) Adding the Static route to persistent route Database.

Set-CsStaticRoutingConfiguration -Route @{Add=$tlsRoute}
e) Check if the static route is added to persistent route Database.
Get-CsStaticRoutingConfiguration -identity global | Select-Object ExpandProperty Route
2. Configure trusted application pool.
a) Open the Lync Server Management Shell
b) Before you add the Trust application pool Get your site information so
you can add Application pool to which site you want.
189
Figure 151 : Lync Server Management Shell Site Information

Get-CsSite
c) Add the Trusted application pool.

New-CsTrustedApplicationPool -Identity <IP address of Cisco Unified
Presence node> [-Registrar <Service ID or FQDN of the next hop>] -Site
<Site ID for the site where you want to create the trusted application
pool> TreatAsAuthenticated $true -ThrottleAsServer $true
Example: New-CsTrustedApplicationPool -Identity jabber-cupspubpod3.jabberlab.pod3.com -Registrar jabber-ly-pod3.jabberlab.pod3.com Site 1 -TreatAsAuthenticated $true -ThrottleAsServer $true
//Please enter Trust Application pool for both presence servers.
Example: New-CsTrustedApplicationPool -Identity jabber-cupssubpod3.jabberlab.pod3.com -Registrar jabber-ly-pod3.jabberlab.pod3.com Site 1 -TreatAsAuthenticated $true -ThrottleAsServer $true
3. Configure Trusted application server to Create pool.
b) Add Trust application server to Pool that is created in above step.
190
Figure 152 : Lync Server Management Shell Trusted application server

New-CsTrustedApplication -ApplicationID <application name> TrustedApplicationPoolFqdn <IP Address of Cisco Unified Presence
node> -Port <listening port of Cisco Unified Presence node> EnableTcp
Example:New-CsTrustedApplication -ApplicationID jabber-CUPPub-pod1
-TrustedApplicationPoolFqdn jabber-cupspub-pod3.jabberlab.pod3.com
-Port 5062 EnableTcp
//Please enter the All the nodes to
Example:New-CsTrustedApplication -ApplicationID jabber-CUPsub-pod1
-TrustedApplicationPoolFqdn jabber-cupssub-pod3.jabberlab.pod3.com
-Port 5062 -EnableTcp
c) Enable topology that you just build.
Enable-CsTopology.
4. Modify trusted application pools to Disable replication and Point to single Ip

address.
a) Sign into the computer where Topology Builder is installed. You must
b) Select Start > All Programs > Microsoft Lync Server 2010 > Lync
Server Topology Builder.
c) Select the option to download an existing topology.
191
Figure 153 : Lync Download topology
d) Expand the Trusted applications servers node.

e) Right-click the trusted application pool that you created and select
Edit Properties.
f) Uncheck Enable replication of configuration data to this pool.

g) Select Limit service usage to selected IP addresses
192
h) In the Primary IP address field, enter the IP address of the presence

server SIP gateway.
i) To update the topology in the Central Management store, in the

console tree, select Lync Server 2010 and from the Actions pane,
select PublishTopology.
193
Figure 154 : Lync Publish Topology
5. Adding Federation domain and External Access Policy to allow users

communicate with Presence domain.
a) Open Microsoft LYNC Server 2010 Control Panel.
b) Sign into the computer where Topology Builder is installed. You must
c) Select External User Access.
d) Click on New>User Policy.
e) Enter Name, Description.
f) Check Enable communication with Federated users.
g) Check Enable communication with Public Users.
194
Figure 155 : Lync Configure user policy
h) Click Commit.
i) Click Federated Domain Tab.
j) Click New> Allowed Domain.
k) Enter Domain Name, Access Edge server.
l) Click Commit.
195
Figure 156 : Lync Add allowed domain
6. Assigning External Access policy to Users who need access to CUPS users.
a) Click on Users Tab.
b) Fill filter to identify Users you want to enable External Policy.
c) Click on user Edit > Show Details.
d) Scroll down to External Access Policy. Assign the one you created for
Federated users and Public users.
e) Click Commit.
f) If we want to assign user in Bulk you can open Lync Server
Management Shell.
g) Run this cmdlet that can all update users
get-csuser | grant-csexternalaccesspolicy -policyname "External"
196
Partitioned Intra-Domain Federation with OCS

Cisco Unified Presence Configuration
Enable Partitioned Intradomain Federation

Step 1 Select Cisco Unified Presence Administration > Presence > Settings.
Step 2 Check Enable Partitioned Intradomain Federation with LCS/OCS.
Step 3 Read the warning message and select OK.
Step 4 Select one of the following from the Partitioned Intradomain Federation
Routing Mode drop-down list:
Basic Routing Mode (Default)
Advanced Routing Mode
Step 5 Select Save.

Step 6 After you enable Partitioned Intradomain Federation or select a routing
mode, you must restart the Cisco UP XCP Router on all Cisco Unified Presence nodes
in the cluster. To restart the Cisco UP XCP Router, select Cisco Unified
Serviceability > Tools > Control Center - Network Services.
197
Configure static routes to OCS deployment.

Step 1 Select Cisco Unified Presence Administration > Presence > Routing >
Static Routes.
Step 2 Select Add New.
Step 3 Enter the Destination Pattern value so that the domain, or FQDN, is
reversed. For example:
If the domain is domaina.com, the Destination Pattern value must be
.com.domaina.
If the FQDN is name1.name2.domain.com, the Destination Pattern value must be
.com.domain.name2.name1.
Step 4 Select domain for the Route Type.
Step 5 Enter the IP address of the LCS/OCS server in the Next Hop field.
Step 6 Set the Next Hop Port and the Protocol Type as follows:
For TLS Encryption:
Next Hop Port number is 5061
Protocol Type is TLS
For TCP:
Next Hop Port number is 5060
Protocol Type is TCP
Step 7 Enter the Priority value as follows:
For primary static routes, enter the default Priority value of 1.
For backup static routes, enter a Priority value of greater than 1. (The lower the
value, the higher the priority of the static route.)
Step 8 Select the default values for all other parameters.
Step 9 Select Save.
198
Configure Access Control Lists for OCS deployment.

Step 1 Select Cisco Unified Presence Administration > System > Security >
Incoming ACL.
Step 2 Select Add New.
Step 3 In the Description field, enter a description of the entry, for example, OCS
Server.
Step 4 In the Address Pattern field, enter one of the following:
All
<domain_name>
<IP_Address>
<FQDN>
Step 5 Select Save.
199
Note: If you are configuring a dedicated Routing Cisco Unified Presence server,
deactivate unnecessary feature services on the Routing Cisco Unified Presence
server.
OCS Configuration
Enable port 5060

Step 1 Select Start > Programs > Administrative Tools > Office
Communications Server 2007 R2.
Step 2 Right-click the FQDN of the Standard Edition or Enterprise Edition front-end
server and select Properties > Front End Properties.
Step 3 Click the General tab.
Step 4 If port 5060 is not listed under Connections, select Add.
Step 5 Select All as the IP Address Value.
Step 6 Select 5060 as the Port Value.
Step 7 Select TCP as the Transport Value.
Step 8 Select OK to close the Add Connection window. Port 5060 should now be
listed under the Connections list.
Step 9 Select OK again to close the Front End Server Properties window.
200
Configure static routes to Cisco Unified Presence deployment

201
Step 2 Right-click the Enterprise Edition pool name or the Standard Edition server
name, as appropriate.
Step 3 Select Properties > Front End Properties.
Step 4 Select the Routing tab and select Add.
Step 5 Enter the domain for the Cisco Unified Presence server, for example,
foo.com.
Step 6 Ensure that Phone URI is unchecked.
Step 7 Enter the IP address of the Cisco Unified Presence server as the Next Hop IP
address.
Step 8 Select TCP for the Next Hop Transport value.
Step 9 Enter 5060 for the Next Hop Port value.
Step 10 Ensure that Replace host in request URI is unchecked.
Step 11 Select OK to close the Add Static Route window. The new static route
should appear in the Routing list.
Step 12 Select OK again to close the Front End Server Properties window.
202
Add host authorization for Cisco Unified Presence deployment

Step 2 Right-click the Enterprise Edition pool name or the Standard Edition server
name, as appropriate.
Step 3 Select Properties > Front End Properties.
Step 4 Select the Host Authorization tab and select Add.
Step 5 If you are entering an FQDN, select FQDN and enter the FQDN of the
Cisco Unified Presence server. For example, cup1.foo.com.
Step 6 If you are entering an IP address, select IP Address and enter the IP address
of the Cisco Unified Presence server. For example, 10.x.x.x.
Step 7 Ensure that Outbound Only is unchecked.
Step 8 Check Throttle as Server.
Step 9 Check Treat as Authenticated.
Step 10 Select OK to close the Add Authorized Host window.
203
Step 11 Repeat Step 4 to Step 10 for each Cisco Unified Presence server.
Step 12 After you add all the Host Authorization entries, select OK to close the
Front End Server Properties window.
204
Note: Restart services on OCS Front End Servers

205
Step 2 Right-click the FQDN of the Standard Edition server or Enterprise Edition
front-end server and select Stop > Front End Services > Front End Service.
Step 3 After the services stop, right-click the FQDN of the Standard Edition server
or Enterprise Edition front-end server and select Start > Front End Services >
Front End Service.
206
CUPS Inter-domain TCP federation with CUPS

To allow Cisco Unified Presence to federate over XMPP, you must enable and
configure XMPP federation on Cisco Unified Presence, following the procedures we
describe in this chapter.
If you have multiple Cisco Unified Presence clusters, you must enable and configure
XMPP federation on at least one node per cluster. The XMPP federation
configuration must be identical across clusters. The Diagnostics Troubleshooter
compares the XMPP federation configuration across clusters, and reports if the
XMPP federation configuration is not identical across cluster.
Turning on XMPP Federation on a Node
This setting is turned off by default.
Step 1 Select Cisco Unified Presence Administration > Presence > Inter
Domain Federation XMPP Federation > Settings.
Step 2 Select On in the XMPP Federation Status menu.
207
Step 3 Select Save.

Configuring the Security Settings for TCP XMPP Federation
Step 1 Select Cisco Unified Presence Administration > Presence > Inter
Domain Federation > XMPP Federation > Settings.
Step 2 Select a security mode from the menu:
No TLSCisco Unified Presence will not establish a TLS connection with the foreign
domain. The system uses a non-encrypted connection to federate with the foreign
domain, and uses the server dialback mechanism to verify the identity of the other
server.
Step 3 Enter the dialback secret if you want to use DNS to verify the identity of a
foreign server that is attempting to connect to Cisco Unified Presence. Cisco Unified
Presence will not accept any packets from the foreign server until DNS validates the
identity of the foreign server.
Step 4 Select Save.
208
DNS SRV Records for XMPP Federation

To allow Cisco Unified Presence to discover a particular XMPP federated domain,
the federated enterprise must publish the DNS SRV record _xmpp-server in its
public DNS server. Similarly, Cisco Unified Presence must publish the same DNS SRV
record in the DNS for its domain. Both enterprises must publish the port 5269. The
published FQDN must also be resolvable to an IP address in DNS.
The record required is:
_xmpp-server._tcp.<domain>
On a windows DNS server here is an example to add SRV record for XMPP server.
209
210
For a single cluster, you only need to enable XMPP federation on one node in the
cluster. You publish one DNS SRV record for the enterprise in the public DNS.
Cisco Unified Presence routes all incoming requests from foreign domains to the
node running federation. Internally Cisco Unified Presence reroutes the requests to
the correct node for the user. Cisco Unified Presence also routes all outgoing
requests to the node running XMPP federation.
You can also publish multiple DNS SRV records, for example, for scale purposes, or if
you have multiple Cisco Unified Presence clusters and you must enable XMPP
federation at least once per cluster. Unlike SIP federation, XMPP federation does not
require a single point of entry for the Cisco Unified Presence enterprise domain. As a
result, Cisco Unified Presence can route incoming requests to any one of the
published nodes in the cluster that you enable for XMPP federation.
In an intercluster and a multi-node cluster Cisco Unified Presence deployment,
when a foreign XMPP federated domain initiates a new session, it performs a DNS
SRV lookup to determine where to route the request. If you publish multiple DNS
SRV records, the DNS lookup returns multiple results; Cisco Unified Presence can
route the request to any of the servers that DNS publishes. Internally
Cisco Unified Presence reroutes the requests to the correct node for the user.
Cisco Unified Presence routes outgoing requests to any of the nodes running XMPP
federation.
If you have multiple nodes running XMPP federation, you can still choose to publish
only one node in the public DNS. With this configuration, Cisco Unified Presence
routes all incoming requests to that single node, rather than load-balancing the
incoming requests across the nodes running XMPP federation.
Cisco Unified Presence will load-balance outgoing requests and send outgoing
request from from any of the nodes running XMPP federation.
Turning On the XMPP Federation Service
You need to turn on the Cisco UP XCP XMPP Federation Connection Manager service
on each Cisco Unified Presence node that runs XMPP federation. Once you turn on
the Federation Connection Manager service from the Service Activation window,
Cisco Unified Presence automatically starts the service; you do not need to manually
start the service from the Control Center - Feature Services window.
Step 1 Select Cisco Unified Serviceability > Tools > Service Activation.
Step 2 Select the server from the Server list box.
Step 3 Select Go.
Step 4 Select the radio button next to the Cisco UP XCP XMPP Federation
Connection Manager service in the CUP Services section.
211
Step 5 Select Save.

Important Notes About Restarting Services for XMPP Federation
If you make a change to any of the XMPP Federation settings, you must restart these
services in Cisco Unified Serviceability: Cisco UP XCP Router (select Tools > Control
Center - Network Services), Cisco UP XCP XMPP Federation Connection Manager
(select Tools > Control Center - Feature Services). When you restart the Cisco UP
XCP Router service, Cisco Unified Presence restarts all the XCP services.
If you enable or disable XMPP federation on a node, you must restart the Cisco UP
XCP Router on all nodes within a cluster, not just on the node where XMPP
federation has been enabled or disabled. For all other XMPP federation settings, a
Cisco UP XCP Router restart is only required on the node to which the setting is
being changed.
212
Webex Meetings and IM/Presence on the cloud are a feature of Jabber clients. The
Jabber client can join or start a meeting depending on its capability.
Table 5 Configuration checklist for Cloud deployment
S.No
1
2
3
Webex Admin configuration
Cisco Unified Communications Manager Integration on Webex admin
Voicemail Configuration on Webex admin
Webex Configuration
Sign in to the Administration Tool
This topic describes the procedure for signing in to Cisco WebEx Administration
Tool using the Web interface
https://webex.com/go/connectadmin
Figure 157 : Webex Admin tool login
1. Enter your sign in details in the Username and Password fields.

2. Select Remember Username if you want to avoid typing in the username
each time you sign in.
213
3. Click Sign In to sign in to Cisco Webex Administration Tool.

Cisco Webex Administration Tool interface
The following graphic explains the tabs available in Cisco Webex Administration
Tool.
Figure 158 : Webex admin page
User
Configuration
Policy Editor
Group
Report
About
Help
Add and configure user information.

Configure settings for various features of Cisco WebEx
such as general information about your organization,
domains, password enforcement, user provisioning, IM
settings, and additional services such as IM federation, IM
archiving, and unified communications.
Set policies and rules for users.
Assign group policies.
View usage reports on users.
View Cisco Jabber version information.
View Cisco Jabber documentation.
From the Administrative Tools tab, you can:
Enable self-registration.
Customize various system-generated emails sent to Cisco Jabber users.
Add new Cisco Jabber users and assign Roles and Groups to these users.
Enforce password requirements
Import and export users from or to comma-separated value (CSV) files.
Define and apply policies and policy actions.
Note: When a User-Only administrator signs into Organization
Administration, only the User, Report, About, and Help links will be
displayed
Creating new users

An Organization Administrator can add new users, one at a time from the User tab
or import using a CSV file.
To create a new user or administrator:
1. In Cisco Webex Administration Tool, click the User tab.
214
215
Figure 159 : Webex admin Users
2. Click the Add icon to open the Add User dialog box.
Figure 160 : Webex admin Add users
Note: Organization Administrators have the ability to create User-Only
Administrator roles. These User Administrators have rights pertaining to
User Management only.
User Administrators cannot create new Organization Administrators.
4. Enter the applicable information in each field. Note that the fields marked
with a red asterisk (*) are mandatory. The default Role is User (nonadministrator).
216
Note: The Business Email is the Username. You cannot edit the
Username.
5. Assign policy group to users.
Figure 161 : Webex admin Add policy group
6. Optionally, click the Policy Group Assignment tab to assign a policy group
to the user. For more information on assigning policy groups, see Assigning
Policy Groups to Users.
7. If IM Archiving is enabled for your Cisco Jabber Organization, the Archive
IMs check box is displayed on the Add User dialog box. The checkbox will
appear grayed out if archiving endpoints have not been configured. To
configure an archiving endpoint, see Setting up IM Archiving.
8. To log IMs for this user for archival, select the Archive IMs checkbox. The
name of the Archiving endpoint is displayed.
9. To change the endpoint, select a different endpoint from the drop down list.
Archiving endpoints are defined in the IM Archiving screen of Cisco Webex
Administration Tool. Selecting Default will assign the user to the endpoint
217
preconfigured as the default endpoint in the IM Archiving screen. For more

information, see Setting up IM Archiving.
10. To assign this user to an upgrade site, select the appropriate site from the
Upgrade Site drop down list as shown in the following graphic. For
information about upgrade sites, see Creating upgrade sites.
Figure 162 : Webex admin Edit User account settings
11. If your Cisco Jabber Organization is enabled with Cisco Unified

Communications, the Unified Communications tab is displayed on the Add
User dialog box as shown in the following graphic.
12. Click the Unified Communications tab to view the settings available for
Cisco Unified Communications.
218
Figure 163 : Webex admin UC settings for user
13. Under Cluster, select the applicable Cisco Unified Communications cluster to
which you want to add this user. For more information, see Creating unified
communications clusters .
14. If your Cisco Jabber Organization is enabled with Cisco WebEx Meeting
Center integration, the Add User dialog box will be displayed.
Notes:
o
The Meeting Account check box will be selected by default if you

have enabled Automatically enable Meeting account when
creating a new user in the Meetings screen. In such a case, you
cannot clear the Meeting Account check box. For more
information, see Enabling Tightly Coupled Integration for a New
Cisco Jabber Deployment with an existing Cisco WebEx Meeting
Center deployment.
When the Meeting Account check box is selected, it means a
corresponding Cisco WebEx Meeting Center account will be
created for this user.
219
15. To assign the Organization Administrator role to the user, select the
Organization Administrator check box.
16. Click Save to add the new user to your Cisco Jabber Organization. New users
receive a welcome email based on the Welcome Email template in Cisco
Webex Administration Tool. For information on email templates, see
Notifications, Emails, and Alert Templates.
Repeat the previous steps to continue adding new users.
Note: If there is missing information or errors when you add new users,
the errors are highlighted in yellow and a message is displayed.
Importing and exporting users
You can easily import a large number of users from a comma separated values (CSV)
file into your Cisco Jabber Organization. Similarly, you can export your Cisco Jabber
Organization users to a CSV file. Importing is a useful way of painlessly adding a
large number of users to your Cisco Jabber Organization thereby saving the effort of
manually adding each user.
To import users from a CSV file:
1. In the Cisco Webex Administration Tool, select the User tab.
2. Click More Actions and select Import/Export Users to open the
Import/Export Users dialog box.
220
Figure 164 : Webex admin import/Export User
You can import/export a large number of users from a comma separated

values (CSV) file into your Cisco Jabber Organization.
3. Click Browse and select the CSV file that contains the list of users you want
to import.
4. Click Import to begin the import process.
After the import is complete, the Organization Administrator who initiated
the import will receive an email with the status of the import. The email
states whether the import was a success, failure, or terminated.
The CSV file is imported and the users appear in the User tab. For more
information on CSV file format and a sample file, see CSV File Format.
5. To export users in your Jabber Organization, click Export in the
Import/Export User dialog box. A progress message indicates that the
221
progress of the export process. A success message indicates that your Jabber
Organization users have been successfully exported.
6. To view the CSV file that contains the exported users, click the time stamp of
the export message. A confirmation prompt appears. The message resembles
the following example:Last export: 2009-06-24 09:02:01.
7. At the confirmation prompt, click Open to view the CSV file containing your
Connect Organization's users. Alternatively, click Save to save the CSV file to
your local computer.
CSV File Format
You use CSV files to import users into your organization. Every CSV file needs to
adhere to a specific format in order for the import to be successful. Before you
import, it is useful to review the following guidelines about creating CSV files.
Every column in the CSV file should have a header with a valid name. For
more information about valid column names, see CSV Fields.
The name of a column should typically correspond to the name of a field in

the user's profile. For example, the First Name field in the user profile dialog
box should have a corresponding column named firstName in the CSV file.
See the graphic below for an example of this one-to-one relationship between
the field name and the CSV column name.
You can have optional or invalid column names in your CSV file. However,
these columns are skipped or re-ordered during the import process.
The status of the import is reported in the CSV file that replicates all the
information from the input file, with a specific column indicating the status.
If a user with the same email address is already in Cisco WebEx, the existing
record in the database is overwritten with the value in the CSV file.
Updates will replace the previous settings. For example, if new roles are
specified for the user, the previous roles are replaced.
The import process runs in the background. This enables you to continue
performing other Cisco WebEx Administration tasks, such as configuration.
222
After the import is complete, a confirmation email is sent to the person who
initiated it. The notification includes a summary of the import results.
The Organization Administrator can cancel an import process that is in

progress.
The following graphic illustrates the one-to-one relationship between CSV column
names and user profile fields.
Figure 165 : Webex admin CSV file for user import
223
Webex Site Configuration

To configure the Webex site please use the below
Figure 166 : Webex admin Webex site configuration
Policy configuration
Understanding policies and policy actions
A policy is a set of rules that includes actions, which determine what Cisco WebEx
features are available to groups of users or to the entire Cisco WebEx Organization.
For instance, Contractor Policy may disable External File Transfer and External IM
for Contractors as shown in the following graphic.
224
Figure 167 : Webex admin Policy example 1
An action is a Cisco WebEx capability that can be controlled through policies. For
example, the External File Transfer action corresponds to the capability of
exchanging files with users outside the Cisco WebEx Organization.
Figure 168 : Webex admin Policy example 2
225
An action is a Cisco WebEx capability that can be controlled through policies. For
example, the External File Transfer action corresponds to the capability of
exchanging files with users outside the Cisco WebEx Organization.
Adding policies
To add or edit policies:
1. Sign in to Cisco WebEx Administration Tool.
2. Click the Policy Editor tab. The Policy List appears to the left and the Action
List appears at the right of the Policy Editor screen as shown in the
following graphic.
Figure 169 : Webex admin Add policy
3. Under Policy List, click Add. "New Policy "appears as the policy name by
default.
4. Enter a unique name for the policy.
5. To add Actions for this policy, see Adding actions to a policy.
6. Select the Applied check box to view a message as shown in the following
graphic.
226
7. Click OK in the message box to apply the policy for the entire Cisco WebEx
Organization.
8. To apply policies to specific groups, see Assigning policies to groups.
Adding actions to a policy
To add actions to a policy:
1. Sign in to Cisco WebEx Administration Tool.
2. Click the Policy Editor tab. The Policy List appears to the left and the Action
List appears at the right of the Policy Editor screen as shown in the
following graphic.
Figure 170 : Webex admin Add actions to a policy
3. Under Policy Name, select the policy to which you want to add actions.
4. To add actions, click Add Action under Action List. The Action Editor
screen appears.
227
5. Select a policy action from the Action Tag Name drop down list. The list of
available action tags appears.
Note: For more information on these actions, see Understanding policies

and policy actions.
6. After selecting the appropriate policy action, select:

228
Enabled: to enable the selected policy action.
Disabled: to disable the selected policy action.
Advanced: to open the advanced configuration options for the

selected policy action.
7. When you select Advanced, in the previous step, the Action Editor dialog box
expands to show the advanced configuration options.
8. Under Action Details Configuration, select the appropriate Action Node

Type: Term Element or Logic.
9. If you have selected Logic, select the relevant logical operator: OR, AND, or
NOT from the logical operators drop down list.
10. If you have selected Term Element, select the relevant Element
Description Type. The Element Description Type determines the behavior
the policy action, that is, whether the policy action will be turned on or off or
under what conditions the policy action will be turned on or off. The
following types are available:
o
Pair Element
229
Exists
Requires
True
False
Call
Note: The True and False values indicate whether the policy action
will be enabled or disabled. The rest of the values determine the
condition under which the policy will be enabled or disabled.
11. Click Save.
Using policy actions available in Cisco WebEx
This section describes the policy actions available in Cisco WebEx. By default, a
newly provisioned Cisco WebEx Organization has all the capabilities granted to all
the users. This means all Cisco WebEx features are available to all users by this
default policy action.
Notes:
Only the end-to-end encryption policy is not enabled by default. The

Organization Administrator needs to explicitly enable this policy.
Administrators then need to create policies only if specific capabilities
for all the users or specific groups of users need to be disabled.
Policy actions cannot be enforced on users using third-party XMPP IM
clients.
No more than 10 VoIP conference attendees can be connected to the
same VoIP conference simultaneously.
External users are users who do not belong to the Cisco WebEx organization but can
still use Cisco WebEx to communicate with users who belong to the Cisco WebEx
organization
Policy
Action
External
File
Transfer
Description
Impact
Controls file
Setting this policy action to
transfer in an IM
FALSE will stop all file
session between
transfers between the
organization
organization users and
Default Value
TRUE
230
users and users

outside the
organization.
external users, including

multi-party IM sessions
with at least one external
user.
FALSE will stop all internal
file transfers.
Controls file
transfer in an IM
Internal File
When this policy action is
session between
not explicitly set to FALSE,
Transfer
users within the
all the users within the
organization.
organization will have the
ability to exchange files
with the internal users.
Controls IM
FALSE will stop all IM
sessions
sessions between users in
between users
the organization and users
External IM
in the
outside the organization.
organization and
This will also stop all
users outside
dependent services like
the organization.
voice, video, and VOIP.
Controls VOIP
FALSE will stop all VOIP
communications
communications in IM
in IM sessions sessions between users in
External
between users the organization and users
VOIP
in the
outside the Organization.
organization and However, other services like
users outside text-based IM sessions and
the organization
file transfers will be
available
FALSE will stop all VOIP
sessions between users
Controls VOIP
within the organization.
communications
However, other services like
Internal
in IM sessions
text-based IM sessions and
VOIP
between users
within the
available.
organization.
TRUE
TRUE
TRUE
TRUE

231
External
Video
Internal
Video
Local
Archive
External
Desktop
Share

ability to use VOIP
sessions.
Controls video
FALSE will stop all video
services in IM
services in IM sessions
sessions
between users within the
between users
organization and users
in the
outside the organization.
organization and However, other services like
users outside text-based IM sessions and
the organization
available.
FALSE will stop all video
services in IM sessions
between users within the
organization. However,
Controls video
other services like textservices in IM based IM sessions and file
transfers will be available.
sessions
between users
within the
organization. not explicitly set to FALSE,
ability to use video
sessions.
Controls the
ability of the
Available on some Jabber
user to locally
clients.
archive IM text
messages.
Controls the
FALSE prevents users
ability of users
within the organization
within the
from sharing their (local)
organization to desktop with users outside
the organization.
share their
desktop with
users outside
the organization. not explicitly set to FALSE,
users can share their (local)
TRUE
TRUE
TRUE
TRUE
232
Internal
Desktop
share
desktop with users outside

the organization.
Controls the
ability of users
from sharing their desktop
within the
with other users within the
organization to
organization.
share their
desktop with
other users
within the
users can share their
organization.
desktop with other users
inside the organization.
FALSE will disable support
for end-to-end Encryption
for IM sessions.
TRUE
If a user is designated to be
logged, the end-to-end
encryption policy setting
will be overridden to be
FALSE. End-to-end
encryption is not supported
for logged users. For more
information, see
Enables users to
Support AES specify support Overview of IM Archiving.
Encryption for end-to-end
For IM
Encryption for Note To apply this policy
exclusively, the Support
IM sessions.
SSL Encoding For IM, and
Support No Encoding For
IM policies should be set to
FALSE. If they are set to
TRUE, the encryption level
negotiated will be the
highest level that the other
party supports. This policy
action is set to FALSE by
default.
FALSE
For more information about

encryption levels, see About
233
Encryption Levels.
FALSE will disable support
for SSL Encryption for IM
sessions.
Enables users to
Support SSL specify support
Encryption
for SSL
For IM
Encryption for
IM sessions.
Controls IM
Internal IM communication
(including between users
White
within the
Listed
organization and
domains) specific type of
contacts.
To apply this policy

exclusively, the
Support AES
Encoding For IM,
and Support No
Encoding For IM
policies should be set
to FALSE. If they are
set to TRUE, the
encryption level
negotiated will be
the highest level that
the other party
supports. For more
information about
encryption levels,
see About
Encryption Levels.

FALSE will stop users
within the organization in a
different domain name and
specific domains (added to
the white list) from using
IM sessions with each other.
However, this does not
apply to users within the
organization in the same
domain. This will also
disable other dependent
services such as VOIP, Video
and FileTransfer.
FALSE prevents users from
changing their user profile
view settings.
Controls the
Allow user ability to restrict
to edit the groups of users
view profile from changing
setting their user profile
view settings. This policy action impacts
TRUE
TRUE
TRUE
234
the Allow users to change

their profile view settings
check box in the Profile
Settings screen under the
Configuration tab.
set to FALSE, the Allow
users to change their
profile view settings check
box will have no impact
even if it is selected.
FALSE will prevent users
Controls the
from editing their profile
ability to restrict
information.
Allow user
users from
to edit
editing their
profile
This policy action impacts
profile
the settings in the Profile
information.
Settings screen under the
Configuration tab.
Controls users' Setting this policy action to
ability to send a
Internal
screen capture
Screen
to users within
from sending screen
Capture
the
captures within the
Organization.
Organization.
ability to send a
External
screen capture
Screen
to users outside
from sending screen
Capture
of the
captures outside of the
Organization.
organization.
Send
ability to send
Internal
broadcast
Broadcast
messages to
from sending broadcast
Message users within the
messages inside the
Organization.
Organization.
Send
ability to send
External
broadcast
Broadcast
messages to
Message users outside of
messages outside of the
the
Organization.
TRUE
TRUE
TRUE
TRUE
TRUE
235
Organization.
Allow user ability to send
to send
broadcast
broadcast to messages to a
a directory directory group
messages to a directory
group
within the
group within the
Organization.
Organization.
Controls the HD
Video feature on
computer to
computer calls
FALSE will prevent HD
HD Video when External
Video for all computer to
Video or
computer calls.
Internal Video
policies are
enabled
FALSE will prevent all file
uploads to WebEx file
Controls file
library. Disabling file
upload to the
File Upload
uploads will not affect
Cisco WebEx file
content previously
library
uploaded. The policy takes
effect the next time the user
attempts to uploads a file
FALSE will prevent external
users from accessing any
WebEx file and meeting
External
Controls Cisco
space content.
File and
WebEx file and
Meeting
meeting space
Content previously shared
Archive
sharing with
with external users will
Sharing
external users
continue to be shared if this
policy action value is
changed to FALSE from
TRUE
Controls
whether file
FALSE will prevent file
owners can
owners from sharing the
Public File
share the direct direct file link to other users
Sharing
file link without and will require them to
requiring users explicitly name the users
who received they would like to share the
TRUE
TRUE
TRUE
TRUE
FALSE
236
the file link to

login to
download the
file.
file with.
Note: Organization Administrators who want to disable the following policy

actions for all users should set their value to FALSE:
Internal VoIP
External VoIP
Internal Video
External Video
Internal File Transfer
External File Transfer
Internal Desktopshare
External Desktopshare
The value for both "internal" and "external" must be set to FALSE.
Understanding Groups
The Cisco Jabber Organization Administrator organizes users into groups (or policy
groups). The groups are assigned group policies to determine what actions should
be applied to users belonging to a particular group. Users can be members of one or
more groups.
Note: Cisco Jabber sees a personal library appear as a group associated with
a user, but this group cannot be modified.
To view the Group screen
1. Sign in to the Cisco Webex Administration Tool.
2. Click the Group tab to open the Group screen.
Figure 171 : Webex admin Group information
237
Where you enter the search terms to search for the group you want.
Icons or tools that let you perform tasks related to groups.
Where the list of groups is displayed.
List of policies assigned to the currently-selected group.
Note: The following options are not available when your Cisco Jabber
Organization is set up with Directory Integration and single sign-on
integration:
o
o
o
Creating new groups

Editing existing groups
Deleting existing groups
Adding groups
Only Organization Administrators can create new groups.
To create a new group:
1. Sign in to Cisco Webex Administration Tool.
Figure 172 : Webex admin Add Group
3. Click the Add Group icon to open the Add Group dialog box. The name of the
Parent Group is always displayed at the top of this dialog box.
238
4. In the Group Name field, enter a name for the group.

5. Click OK to create the new group and return to the Group screen.
Editing groups
Editing a group involves only renaming it. Only Organization Administrators can
edit groups.
To edit a group:
Figure 173 : Webex admin Edit Group
3. In the Search field, enter at least one letter of the group that you want to edit
and click Search to view the group that you want to edit.
4. Select the group and click the Rename Group icon to view the Rename
Group dialog box.
5. In the Group Name field, enter the new name for the group and click OK to
return to the Group screen. Your renamed group is now visible in the Group
screen.
239
Deleting groups
A group can only be deleted if the group is empty and has no users associated with
it. However, if a group is not empty, you can delete any users that belong to multiple
groups. You cannot delete the top-level group, which was created when your Cisco
Jabber Organization was provisioned.
To delete a group:
Figure 174 : Webex admin Delete Group
3. In the Search field, enter at least one letter of the group that you want to
delete and click Search to view the group that you want to delete.
4. Select the group and click the Delete Group icon to view the Delete Group
confirmation message.
5. Click OK in the message box to delete the selected group. You cannot retrieve
a deleted group.
Cisco Unified Communications integration with Cisco WebEx

The Cisco Unified Communications (UC) integration with Cisco WebEx enables you
to create and configure new clusters for each of the following types of Cisco UC
integration available for Cisco WebEx:
240
Cisco WebEx Click-to-Call

Cisco UC Integration with Cisco WebEx
It is recommended that the following topics be reviewed prior to proceeding:
Getting started with Cisco Unified Communications Manager for Click to Call
Cisco Unified Communications Manager
Typically, an enterprise will be comprised of several Cisco Unified Communications

Manager (CUCM) clusters. Each of these clusters can be a Cisco WebEx Click-to-Call
cluster or Cisco UC integration with Cisco WebEx cluster. Users are assigned to a
CUCM cluster based on certain predefined grouping criteria. A typical example of a
grouping criterion is to assign users to a CUCM cluster based on their phone
numbers.
Configuring Cisco UC Integration (CUCM) Cisco WebEx
The Cisco UC Integration for Cisco WebEx adds a phone tab to Cisco WebEx. This
new space turns your computer into a full-featured phone, permitting you to place,
receive, and manage calls. The Cisco UC Integration with Cisco WebEx comprises
these following broad steps:
Configuring the CUCM with the Device Type, and setting dial rules. For more
information, see the CUCI-Connect Configuration Guide available at
http://www.cisco.com/en/US/products/ps10627/products_installation_and
_configuration_guides_list.html.
Specifying the Cisco UC Integration with Cisco Jabber settings in the Cisco
WebEx Administration Tool. For more information, see Specifying unified
communication settings.
Understanding the unified communications screen

Cisco Unified Communications integration with Cisco WebEx includes specifying
configuration options for these components:
Cisco WebEx Click-to-Call

Cisco UC Integration for Cisco WebEx
You can configure these components at either your Cisco WebEx Organization level
or by creating a cluster for each component. The following graphic explains the
Unified Communications screen.
1. Click the Configuration tab.
2. Click Unified Communications to open the Unified Communications
screen.
241
Figure 175 : Webex admin Unified Communications Configuration
Enables you to specify Cisco WebEx Click-toCall settings and the URL to download the
Cisco UC Integration for Cisco WebEx Setup
Program. For more information, see
Specifying Cisco Jabber Click-to-Call settings.
Note: The above applies only to Cisco WebEx
6.x.
Enables you to specify Visual Voicemail
settings. For more information, see
Specifying Visual Voicemail settings.
Enables you to create, modify and delete
Cisco UC Clusters.
Specifying Visual Voicemail settings
The Visual Voicemail application is an alternative to the audio voicemail service.
With Visual Voicemail, you can use the screen on your phone to work with your
voice messages. You can view a list of your messages and play your messages from
the list. You can also compose, reply to, forward, and delete messages.
242
Note: Cisco UC Integration for Cisco WebEx must also be configured to

use this service.
When you enable the integration of Cisco WebEx with Visual Voicemail, you can
directly view your Visual Voicemail from within the Cisco Jabber client. Before
enabling the integration of Cisco WebEx with Visual Voicemail, we recommend
reading the following documentation:
Planning to Install Visual Voicemail available at

http://www.cisco.com/en/US/docs/voice_ip_comm/cupa/visual_voicemail/
7.0/english/install/guide/plan.pdf
Installation and Configuration Guide for Visual Voicemail available at
http://www.cisco.com/en/US/docs/voice_ip_comm/cupa/visual_voicemail/
7.0/english/install/guide/Installation_and_Configuration_Guide_for_Visual_V
oicemail_Release_70.pdf
CUCI Connect Configuration Guide available at
_configuration_guides_list.html
To specify Visual Voicemail settings:

1. Click the Configuration tab to open the Organization Information screen.
2. Click Unified Communications to open the Unified Communications
screen.
243
Figure 176 : Webex admin Visual Voicemail configuration
3. Click Voicemail to open the Default settings for Visual Voicemail for CUCI
screen.
Note: Unity Connection customers should enter the Unity Connection

server IP Address or DNS name into the "Voicemail Server" and
"Mailstore Server" fields. It is recommended that all other settings
244
remain as the defaults.

4. To enable Visual Voicemail, select Enable Visual Voicemail.
5. If you want to manually enter the Visual Voicemail settings, select Allow
user to enter manual settings.
6. Enter the following information:
o
Voicemail Server: Name of the Visual Voicemail server with which

the Cisco Jabber client should communicate for retrieving voicemail.
Protocol: Protocol used for communicating with the Visual Voicemail

server. You can select HTTPS or HTTP.
Port: Port associated with the Visual Voicemail server.
Mailstore Server: Name of the mailstore server.
Protocol: Protocol used by the mailstore server. You can select TLS or
Plain.
Port: Port associated with the mailstore server.
IMAP IDLE Expire Time: Time (in minutes) after the expiry of which
the server stops automatically checking for voicemail.
Mailstore Inbox Folder Name: Name of the inbox folder configured

at the mailstore server.
Mailstore Trash Folder Name: Name of the trash folder (typically,

the deleted items folder) configured at the mailstore server.
7. Click Save to save the Visual Voicemail configuration.

Note: The settings entered in these tabs are the default visual voicemail
settings for Clusters and are not configured for a specific server.
Additionally, each cluster must be individually enabled. More...
Creating unified communications clusters
This topic describes the procedure to configure Cisco WebEx for the following
components of Cisco Unified Communications:
Cisco Unified Communication settings for Click-to-Call

Cisco Unified Communication Manager integration with Cisco Jabber
245
Because the configuration steps vary between these UC components, the

configuration instructions are explained in multiple parts within this topic. Refer to
the following documentation resources:
CUCI-Connect Configuration Guide available at

Specifying Cisco Unified Communication settings for Click-to-Call

Important: Organization administrators should contact their customer
support representative for CUCI provisioning.
2. Under IM, click Unified Communications.
Figure 177 : Webex admin Unified Communications click to call settings
3. Click Clusters to display the Clusters screen. Previously created clusters will
be displayed.
246
1. To delete a cluster, select the checkbox next to the cluster name and
click Delete. A confirmation message will be displayed.
2. Click Yes in the confirmation message box to delete the selected
cluster. Clusters with associated users cannot be deleted.
4. Click Add to view the New Cluster dialog box.
Figure 178 : Webex admin Add new cluster
247
5. Enter a name for the new cluster in the Cluster Name box.
6. If it is not already selected, click Enable Cisco WebEx Click-to-Call.
7. Select Allow user to enter manual settings to permit all users belonging to
this cluster to specify their Cisco Unified CM settings.
Note: When you enable this option, user-entered settings will override
the default or global Click-to-Call settings specified for the Cisco WebEx
Organization.
8. In the Cisco Unified Communications Manager (CUCM) box, enter the IP
Address of CUCM configured for your Cisco WebEx Organization. Make sure
that your CUCM includes a Device Type called Client Services Framework
(CSF). For more information on configuring your CUCM to work with CSF,
refer to the section titled Preparing Cisco Unified Communications Manager
in the CUCI-Connect Configuration Guide available at
9. Click Save to save the Click-to-Call cluster settings and return to the Unified
Communications screen. The new Click-to-Call cluster is now displayed
under Cisco Unified Communications Clusters.
Specifying Cisco Unified Communication Manager integration with Cisco

Jabber
To specify Cisco Unified CM integration with Cisco Jabber
1. Click Add to view the New Cluster dialog box.
248
2. Select Allow Cisco UC Manager integration with Cisco Jabber.
3. Select Allow user to enter manual settings to permit users to change the
Primary Server values in basic mode or the TFTP/CTI/CCMCIP Server values
in advance mode.
Note: When you enable this option, user-entered settings will override
249
the default or global CUCM settings specified for your Cisco WebEx
Organization.
4. Under Cisco Unified Communications Manager Server Settings, select:

o
Basic Server Settings: to enter the basic settings for the CUCM
server.
Advanced Server Settings: to enter advanced or more detailed

settings for the CUCM server.
Note: The Server configuration options change based on your selection:

Basic or Advanced.
5. Enter the following values for Basic Server Settings:
o
Primary Server: Enter the IP address of the primary CUCM server.

This server will be configured with TFTP, CTI, and CCMCIP settings.
Backup Server: Enter the IP address of the backup CUCM server. This
server will be configured with TFTP, CTI, and CCMCIP settings and
will provide failover support in case the primary CUCM server fails.
6. If you have selected Advanced Server Settings in Step 4, specify each setting
for TFTP (Trivial File Transfer Protocol), CTI (Computer Telephony
Integration), and CCMCIP (Cisco Unified Communications Manager IP Phone)
servers.
250
7. Enter the IP address for each of the following servers:

o
TFTP Server
CTI Server
CCMCIP Server
Notes:
o
You can specify up to two backup servers for the TFTP server and one backup server each
for the CTI and CCMCIP servers. Enter the appropriate IP addresses for each Backup
Server.
For detailed information about the TFTP, CTI, and CCMCIP servers, see CUCI-Connect
Configuration Guide located at
http://www.cisco.com/en/US/products/ps10627/products_installation_and_configuratio
n_guides_list.html.
8. In the Voicemail Pilot Number box, enter the number of the voice message
service in your Cisco Unified Communications system.
Note: The Organization Administrator typically provides a default voice
message number for your entire Cisco WebEx Organization. However,
you can select the Allow user to enter manual settings check box to
enable users of the cluster to override this default voice message
number.
251
9. Enter the LDAP Server Settings information if you Cisco WebEx

Organization is set up with Directory Integration. To obtain LDAP server
settings, contact your company or Organization's IT administrator.
10. Click Voicemail.
11. Select Enable Visual Voicemail. The Visual Voicemail settings entered here
will be applicable only to the users belonging to this cluster.
12. Select Specific voicemail server for this cluster to specify a voicemail
server, which is different from the voicemail server settings provided for the
entire organization. For information about specifying default Visual
Voicemail settings for the entire organization, see Specifying Visual Voicemail
settings.
13. Select Allow user to enter manual settings to permit users to manually
enter Visual Voicemail settings for this cluster.
14. For information on entering specific Visual Voicemail settings, see Specifying
Visual Voicemail settings.
15. Click Save to save your Unified Communications configuration.
252
Meeting URL configuration

To configure the meeting URL,
1. Click on the Configuration Tab in the Org Administration Tool.
2. Click on Meetings Link under Additional Services.
3. Check: Enable Meeting Integration
4. Enter Meeting URL
5. Enter Brief Description
6. Click Save
Figure 179 : Webex admin Meeting URL configuration
Entering instant message blocking settings

Instant message (IM) blocking settings include specifying the following:
file types that you want to prohibit from being exchanged over IM
communications
URLs that you want to prohibit from being accessed over IM communications
To enter instant message blocking settings

1. Click the Configuration tab to open the Organization Information screen
as the default view.
253
2. Under Connect Client, click IM Block Settings to open the IM Block

Settings screen.
Figure 180 : Webex admin IM Block settings
3. In the Blocked File Types box, enter the file types that you want to block in
IM communications. Separate each file type with a semicolon.
4. In the Blocked URLs box, enter the URLs that you want to prohibit in IM
communications. Separate each URL with a semicolon.
5. Click Save to save the IM blocking settings.
Specifying IM Federation settings
Cisco Jabber can be configured to enable federation with public XMPP-based IM
networks such as Google Talk. It also permits the use of third party XMPP clients to
connect to your Cisco Jabber domain.
To specify IM Federation settings
254

2. Click IM Federation to open the IM Federation screen.
Figure 181 : Webex admin IM federation settings
3. Update your DNS SRV records according to the information displayed on the
IM Federation screen.
Notes:
You can publish two types of records to DNS:
o
o
Publishing the first SRV record enables your users to communicate

with users of public XMPP networks.
Publishing the second SRV record enables your users to use third
party XMPP clients and connect to your Cisco Jabber domain
255
References
Cisco Unified Communications Manager Administration Guide 8.6
http://www.cisco.com/en/US/partner/docs/voice_ip_comm/cucm/admin/8_6_1/c
cmcfg/bccm-861-cm.html
Cisco Unified Presence Server Administration guide 8.6
http://www.cisco.com/en/US/docs/voice_ip_comm/cups/8_6/english/install_upgr
ade/deployment/guide/CUP_deploy.html
Cisco Unity Connection Administration guide 8.6
http://www.cisco.com/en/US/partner/docs/voice_ip_comm/connection/8x/admin
istration/guide/8xcucsagx.html
Jabber for Windows Administration guide
me.html
Jabber for MAC Administration guide
me.html
Jabber for iPhone Administration guide
me.html
Jabber for iPad Administration guide
me.html
Jabber for Android Administration guide
me.html
Cisco Webex Administration guide
http://www.webex.com/webexconnect/orgadmin/help/index.htm
Integration Guide for Configuring Cisco Unified Presence Release 8.6 for
Interdomain Federation
http://www.cisco.com/en/US/docs/voice_ip_comm/cups/8_6/english/integration_
notes/Federation/CUP_8.6_Interdomain_Federation.html
256
Integration Guide for Configuring Partitioned Intradomain Federation for

Cisco Unified Presence Release 8.6 and Microsoft LCS/OCS
www.cisco.com/en/US/docs/voice_ip_comm/cups/8_6/english/integration_notes/
Federation/Intradomain_Federation/Partitioned_Intradomain_Federation.html
257

Cisco Jabber 8.x Pilot Deployment Guide-1.2

Caricato da

Informazioni sul documento

Copyright

Formati disponibili

Condividi questo documento

Condividi o incorpora il documento

Opzioni di condivisione

Hai trovato utile questo documento?

Questo contenuto è inappropriato?

Copyright:

Formati disponibili

Cisco Jabber 8.x Pilot Deployment Guide-1.2

Caricato da

Copyright:

Formati disponibili

Cisco Jabber 8.

x Pilot Deployment Guide

Advanced Services, Collaboration Team

On-Prem Deployment Model

Hybrid Cloud Deployment Model

IM/Presence + Voice + Video

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

On-Prem Deployment Model

On-Prem Deployment Model

Jabber for Windows

Cisco Unified Presence Postinstallation Setup

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Configuring LDAP Authentication

Server Configuration for Client provisioning

Configuring Unified Communications Manager for Video

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Cisco VCS Installation

Cisco Unified Presence Federation Overview

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Figure 27 : Configuring CUP Publish Trunk on CUPS ................................................................................ 60

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Figure 55 : Jabber for MAC Configuring CCMCIP profile ....................................................................... 90

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Figure 83 : Unity Connection Phone System Basics configuration ................................................. 124

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Figure 139 : Configuring TLS peer subject ................................................................................................ 177

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Figure 167 : Webex admin Policy example 1 ......................................................................................... 225

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Cisco UCM Installation Guide:

Cisco Unified Presence Installation Guide:

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

6. Clients have been installed with compatible software levels.

Cisco Unified Presence software compatibility:

7. Customer or partner possesses valid Cisco Technical Assistance Center (TAC)

Jabber for Mac

Jabber for Windows

Jabber IM for iPhone

Jabber for iPhone

Jabber for iPad

Jabber for Android

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

On-Prem Deployment Model

Client uses on premise services for IM/Presence, Voice, Video

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Figure 1 : On-Prem Deployment Model

Hybrid Cloud Deployment Model

Client uses webex cloud services for IM/Presence

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Figure 2 : Hybrid Cloud Deployment Model

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Jabber for Windows

Receives Real-Time Transport Protocol (RTP)

Connects to services such as such as Cisco

Connects securely to an LDAP directory service.

Connects securely to the Global Catalog server.

Connects to Cisco Unity Connection to retrieve

Copyright 2012 Cisco Systems, Inc. All Rights Reserved.

Connects to the CTI gateway, which is the CTI