The originating SBC must be able to connect to the Webex SIPS server on the IP address determined from the DNS lookups, and be able to negotiate SIP over TLSv1.1 or TLSv1.2. The originating SBC must be capable of using the _sips._tcp DNS SRV record corresponding to the subdomain in the dialed URI's host portion to locate the FQDN of the Webex SIPS server, and resolving the A record for the FQDN to determine the IPv4 address to connect to. The originating SBC must be configured to use a DNS server capable of performing DNS A record and SRV record lookups. Other call protocols or methods, such as insecure SIP over TCP or UDP, H.323, IP dialing, ISDN, Microsoft Lync, or Microsoft Skype for Business, are not supported. The originating Session Border Controller (SBC) of a call must use standards-based SIP Secure (SIPS) URI dialing. You can test your SBC's DNS SRV records and connectivity using the Cisco TAC Collaboration Solutions Analyzer. Webex App users or devices that use Webex Hybrid Calling must have their B2B calling requirements defined by the on-premises equipment configuration, such as Cisco Unified Communications Manager (Unified CM) and Cisco Expressway. Have a DNS PTR record configured for the SBC's FQDN. For the list of root CAs trusted by Webex, see Supported Certificate Authorities for Cisco Webex. Present a TLS certificate signed by a trusted public root Certificate Authority (CA). Present a complete TLS certificate chain including any signing intermediate CA certificates, and the signing root CA certificate. Present a TLS certificate that contains the SBC's FQDN in either the CN or SAN DNS records. Recommended best practices for the destination SBC are: If the destination SBC is a Cisco TelePresence VCS or Cisco Expressway, the minimum supported software version is X8.5.3. The destination SBC must present a server certificate that is not expired. If the destination is a DNS SRV target or host FQDN, there must be a corresponding DNS A record pointing to IPv4 addresses of any SBCs. DNS SRV record, or either a Fully Qualified Domain Name or IPv4 address of a Session Border Controller (SBC) which has a SIPS server listening on the protocol's default port (TCP 5061). The host portion of a destination URI must be a (sub)domain with a _sips._tcp. The destination address must be a URI with both a user and host portion as defined in RFC 3261. Other call protocols or methods, such as insecure SIP over TCP or UDP, H.323, IP dialing, ISDN, Microsoft Lync, or Microsoft Skype for Business, are unsupported. The destination of a call must use standards-based SIP Secure (SIPS) URI dialing.
0 Comments
Leave a Reply. |