- ExpressVPN vs NordVPN: Which VPN is best for you?
- Ultramarine Linux 40 continues to be one fine unofficial Fedora Spin
- TunnelBear VPN review: An affordable, easy-to-use VPN with few a few notable pitfalls
- VMware Product Release Tracker (vTracker)
- I use this cheap Android tablet more than my iPad Pro - and it costs a fraction of the price
Cisco Expressway, collaborative edge and the beauty of SRND v10.0
Cisco Expressway, collaborative edge and the beauty of SRND v10.0
I would like to spent some time on posting on what Cisco has been calling “Collaborative edge” for a while. For a description of the concept of collaborative edge:
SRND 10.x Is the first time building blocks of collaborative edge: the Cisco Expressways, are actually described on a technical/admin level.
The expressways will be deployed in pairs; one on the inside of the firewall and one in the DMZ
Figure 1 – Deployment of Cisco Expressway for VPN-less Access |
So, of course, the trick is to provide firewall traversal, in such a way not to break the signalling payload. I have dedicated a post to NAT and firewall traversal and its intricacies around signalling, so for some back ground information, please check out that post
http://ciscoshizzle.blogspot.com.au/2014/01/sip-firewall-traversal-and-how-does-sip.html
Back to the actual solution, which contains the following components:
- An Expressway-E located outside the firewall on the public network or in the DMZ, which acts as the firewall traversal server.
- An Expressway-C or other traversal-enabled endpoint located in a private network, which acts as the firewall traversal client
In terms of ports that need to be opened, the following table is taken from the Cisco Expressway administration guide X8.1
and between Expressway C to CUCM:
a particularly good post, is one from Mike White:
http://ciscocollab.wordpress.com/2014/01/29/deploying-collaboration-edge/
So please check this out to get some more info on certs and DNS record to bolt it all togethe