[cisco-voip] Cisco Network Registrar DNS and Mobile Remote Access

Lelio Fulgenzi lelio at uoguelph.ca
Wed Feb 3 15:42:48 EST 2016 

DNS views are a requirement for Jabber MRA. That being said, there is a "workaround". 

http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Borderless_Networks/Unified_Access/BYOD_Design_Guide/BYOD_CollabEdge.html#pgfId-1029370 

We're hoping this will work for us. We tested it out, and while it did work, we believe it had an adverse reaction which resulted in some DNS service interruptions. We're hoping to open a ticket with the TAC to understand the configuration a bit more clearly and what potential impact it might have on operations. 

If this doesn't work, we'll have no option but to implement DNS split view if we want MRA to work. 

That being said, there may be an option to enable split view DNS on a subzone rather than on a whole zone. That's my hope and plan B. 




--- 
Lelio Fulgenzi, B.A. 
Senior Analyst, Network Infrastructure 
Computing and Communications Services (CCS) 
University of Guelph 

519‐824‐4120 Ext 56354 
lelio at uoguelph.ca 
www.uoguelph.ca/ccs 
Room 037, Animal Science and Nutrition Building 
Guelph, Ontario, N1G 2W1 

----- Original Message -----

From: "Brian Meade" <bmeade90 at vt.edu> 
To: "James Conyers" <James.Conyers at du.edu> 
Cc: cisco-voip at puck.nether.net 
Sent: Wednesday, February 3, 2016 3:29:55 PM 
Subject: Re: [cisco-voip] Cisco Network Registrar DNS and Mobile Remote Access 

I think that's what the DNS Views are for- http://www.cisco.com/c/en/us/td/docs/net_mgmt/prime/network_registrar/8-2/user/guide/CPNR_8_2_User_Guide/UG_ZoneViews.html 

On Wed, Feb 3, 2016 at 3:00 PM, James Conyers < James.Conyers at du.edu > wrote: 





Hi, 

We are running into a problem with Cisco Mobile Remote Access where the DNS entries we created are being replicated on the inside and outside of our firewall. The users/devices attempt to connect to the correct services (_cisco-uds_tcp & _cuplogin._tcp) from outside of the firewall and because our DNS entries are replicated on both the inside and outside these lookups do not fail but the registration does eventually fail because these addresses are internal IP’s. The users/devices never get prompted to lookup the (_cisco-uds) through Expressway and thus are unable to register. 

Is there any way to configure an ACL/whitelist/blacklist entries for certain zone entries within Cisco Network Registrar which would enable outside users/devices to hit the Expressway as opposed to the internal IPs of the Call Manager/ CUPs server? 

Any ideas? 

Thanks, 

James 





James Conyers 

Telecommunications Engineer II 

303-871-7992 




_______________________________________________ 
cisco-voip mailing list 
cisco-voip at puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-voip 






_______________________________________________ 
cisco-voip mailing list 
cisco-voip at puck.nether.net 
https://puck.nether.net/mailman/listinfo/cisco-voip 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20160203/eab1773b/attachment.html>

More information about the cisco-voip mailing list