The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This module describes how to configure your settings.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||||||||||||||||||
Step 2 | (Optional)To change the
Language setting, select
Turn On
Maintenance Mode.
You do not have to turn on maintenance mode when modifying the other settings on the Company Info page. Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. | ||||||||||||||||||||||||
Step 3 | Select Settings. If you are viewing one of the other settings pages, you can also select Company Information under the Settings section. | ||||||||||||||||||||||||
Step 4 | Complete the
fields on the page and select
Save.
| ||||||||||||||||||||||||
Step 5 | (Optional)If you changed the language,
select
Turn Off
Maintenance Mode and
Continue to confirm.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. |
Prepare the following before configuring your branding settings:
Create a transparent 120x32 PNG or GIF file.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | For the Company Logo field, select Browse and choose the transparent 120x32 PNG or GIF file. |
Step 4 | Select
Save.
Your previous company logo is replaced by your blank PNG or GIF file. Confirm that the original logo has been removed. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||
Step 2 | Select . | ||||||||
Step 3 | In the Join
meeting settings section, select your options.
| ||||||||
Step 4 | Select the maximum
participants per meeting by dragging the slider:
This setting is limited by the system size configured during deployment. See Confirming the Size of Your System for more information. | ||||||||
Step 5 | In the
Participant
privileges section, select your options.
Chat, Polling, Document review and presentation, and Sharing and Remote Control are selected by default. The selected participant privileges appear in the users' controls. | ||||||||
Step 6 | Select
Record to record and store meetings on the storage
server.
Recording is disabled by default. You must configure a storage server to enable recording. See Adding a Storage Server for more information. | ||||||||
Step 7 | Select File transfer to allow users to share files during a meeting. | ||||||||
Step 8 | Select Save. |
Cisco WebEx Meetings Server enables different meeting security features depending on the following factors:
User type: host, alternate host, user (signed in), and guest.
Meeting has a password or no password.
Password is hidden or visible in the meeting invitation.
Password is hidden or visible in the email meeting invitation.
Behavior displayed on the meeting join page (see the following tables).
User Type | Password Displayed in Email Invitation and Reminder | Meeting Detail Page |
---|---|---|
Host | Yes | Yes |
Alternate host | Yes | Yes |
Invitee | No | No |
Forwarded invitee | No | No |
User Type | Password Displayed in Email Invitation and Reminder | Meeting Detail Page |
---|---|---|
Host | Yes | Yes |
Alternate host | Yes | Yes |
Invitee | Yes | Yes |
Forwarded invitee | Yes | Yes |
Join Before Host feature is on or off:
Join Teleconference before Host feature is on or off:
First participant can Present feature is on or off:
The first time you configure your audio settings, you are guided through the process by a wizard that helps you set your CUCM SIP configuration and call-in access numbers. After you have completed the wizard and configured your initial audio settings, you can configure all other audio settings.
You must enable teleconferencing and configure CUCM before you proceed with your audio configuration. You must configure CUCM on two systems if you plan to provide teleconferencing high availability. Refer to the Planning Guide for more information. To proceed you must obtain the following information:
A list of call-in access numbers that your participants use to call into meetings.
The CUCM IP address.
Note | This feature is not available in Russia or Turkey. |
The first time you configure your audio settings, a wizard guides you through the installation procedure. You must configure Cisco Unified Communications Manager (CUCM) as part of this process.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. | ||
Step 3 | Select
.
The Audio page appears and included the Current Audio Features. | ||
Step 4 | Select
Next.
The SIP Configuration page appears. This page displays the SIP configuration parameters you need to configure for CUCM, including the IP address and port number for each server type. | ||
Step 5 | Select
Next.
The Enable Teleconference: CUCM Setting page appears, displaying your current settings. | ||
Step 6 | Select
Edit to change your settings.
The CUCM (Cisco Unified Communications Manager) dialog box appears. | ||
Step 7 | Complete the
fields in the
CUCM
(Cisco Unified Communications Manager) dialog box as follows:
Your new or updated CUCM settings appear on the Enable Teleconference: CUCM Setting page. | ||
Step 8 | Select
Next.
The Enable Teleconference: Access Number Setting page appears. | ||
Step 9 | Select
Edit.
The Call-in Access Numbers dialog box appears. | ||
Step 10 | Select
Add to add a call-in access number.
A line is added in the dialog box for the phone label and number. Each time you select Add, an additional line appears in the dialog box. | ||
Step 11 | Enter the
Phone
Label and
Phone
Number for each access number that you add and select
Continue after you have finished adding numbers.
Make sure you only add numbers that you have configured in CUCM. The numbers you add appear in email invitations and your Cisco WebEx Meetings client. Example:Enter "Headquarters" for the Phone Label and 888-555-1212 for the Phone Number. The access numbers you entered are added to your system and you are returned to the Enable Teleconference: Access Number Setting page. The page now indicates how many access numbers have been configured. | ||
Step 12 | Select
Save.
The wizard informs you that you have successfully configured your teleconferencing features. | ||
Step 13 | (Optional) Enter a display name in the Display Name dialog box. | ||
Step 14 | (Optional) Enter a
valid caller ID in the
Caller
ID dialog box.
The caller ID is limited to numerical characters and dash (-) and has a maximum length of 32 characters. | ||
Step 15 | (Optional)Configure your
WebEx Call Me setting (Default: Press 1 to connect to meeting). Select this option
to bypass the requirement to press
1 to connect
to a meeting.
| ||
Step 16 | (Optional)Select your Telephone entry and exit tone. | ||
Step 17 | (Optional) If IPv6 is supported and configured on your system, set your IPv6 Teleconferencing setting to On or Off. (Default: Off. A setting of Off indicates that IPv4 is the setting.) | ||
Step 18 | Select the System Audio Language users hear when they dial in to the audio portion of a WebEx meeting or when they use the Call Me service. | ||
Step 19 | Select Save. | ||
Step 20 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
If you are configuring your audio settings for the first time, see Configuring Your Audio Settings for the First Time.
Note | Turning on Maintenance Mode is not required to configure or change the Blast Dial, Call-in Service Languages, Display Name, or Caller ID audio settings. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||||||
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. | ||||||||||||
Step 3 | Select . | ||||||||||||
Step 4 | Select
Global
Settings.
Configure your audio feature settings.
For audio configuration, there are global settings and each data center has local settings. Global settings are applied to all data centers. Local settings apply to individual data centers.
| ||||||||||||
Step 5 | Configure Blast Dial as described in About WebEx Blast Dial. | ||||||||||||
Step 6 | In the Edit
Teleconference Settings section, select the
Edit link under CUCM (Cisco Unified Communications
Manager) to change your settings.
In an MDC system, each data center must be connected to a Cisco Unified Call Manager (CUCM). Multiple data center can share one CUCM or they each can be associated with a CUCM. The configurations of CUCM in an MDC system is the same as it would be if was a Single-data Center (SDC) system.
The CUCM (Cisco Unified Communications Manager) dialog box appears. Complete the fields and select Continue. | ||||||||||||
Step 7 | Select
Edit in Call-In Access Numbers section to add,
change, or delete your access numbers.
| ||||||||||||
Step 8 | Select
Edit in the Call-in Service Languages section to
add, change, or delete languages available for users calling in to the audio
portion of a meeting.
| ||||||||||||
Step 9 | Use the
Transport drop-down menu to select the transport
type for your system and port number for each server. (Default: TCP)
If you select TLS as your transport type, you must import a valid, secure conferencing certificate for each of your CUCM servers, export the SSL certificate, upload it into CUCM, and configure your system fully qualified domain name (FQDN) as the SIP domain name on each CUCM server. See Importing Secure Teleconferencing Certificates for more information about importing your certificates, and "Configuring Cisco Unified Communications Manager (CUCM)" in the Planning Guide for more information about managing call control on CUCM. Make sure the port number matches the setting in CUCM. | ||||||||||||
Step 10 | Enter a display
name in the
Display
Name dialog box.
This is the name displayed on a meeting participant's IP phone when using the Call Me service or calling into Cisco WebEx Meeting Server (CWMS). | ||||||||||||
Step 11 | Enter a valid
caller ID in the
Caller
ID dialog box.
The caller ID is limited to numerical characters and dashes (-), and has a maximum length of 32 characters. | ||||||||||||
Step 12 | Configure your
WebEx Call Me setting (Default: Press 1 to connect to meeting). Optionally select
this option to bypass the requirement to press
1 to connect
to a meeting.
We do not recommend that you select this option unless your phone system is incapable of sending a 1 digit. | ||||||||||||
Step 13 | Select your Telephone entry and exit tone. | ||||||||||||
Step 14 | If IPv6 is supported and configured on your system, set your IPv6 Teleconferencing setting to On or Off. (Default: Off indicates that IPv4 is the setting.) | ||||||||||||
Step 15 | Select the
System
Audio Language users hear when they dial in to the audio portion of
a Cisco WebEx meeting or when they use the Call Me service.
This setting appears as the default language for the Call-in Service Languages. | ||||||||||||
Step 16 | Select Save. | ||||||||||||
Step 17 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. |
Step 3 | Select . |
Step 4 | Select
Edit CUCM (Cisco Unified Communications
Manager) to change the settings.
|
Step 5 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
Cisco WebEx Blast Dial lets users identified as meeting hosts, call a phone number and enter a host PIN (if required) to instantly start the audio portion of a meeting. At the same time, the system automatically places calls to a list of participants defined for that Blast Dial group. Within minutes, the host can begin discussing an urgent matter or provide detailed instructions for handling an important issue with the people who have approval authority or are trained for emergency situations. In addition to starting the audio portion of the meeting, the host can access an automatically generated email to start the online portion of the meeting to share images, video, or electronic information with the meeting participants.
When the system calls a person on a participants list, that person answers the call and enters a participant PIN (if required) to join the audio portion of the meeting. Once the audio portion of the meeting is in progress, a host presses *# to hear the names of the people who have joined the meeting or looks at the Participants list in the online portion of the meeting. Any participant can choose not to answer the call or remove themselves from a Blast Dial group. An administrator can delete a person from a Blast Dial group at any time.
Each Blast Dial group can have the maximum number of participants supported by each size CWMS system (see the "System Capacity Matrix" section in the Cisco WebEx Meetings Server Planning Guide and System Requirements for details). An administrator configures the Blast Dial group and its participants, but relies on the meeting host to provide the group settings and the information for the Participants list. An administrator can add participants to a Blast Dial group by entering them manually on the Blast Dial page, or by importing a ParticipantsTemplate file completed by a host.
Use the link provided to download a Group Template to send to the person who will host meetings for a Blast Dial group.
Step 1 | Sign in to the Administration site. |
Step 2 | Select . |
Step 3 | Select the GroupTemplate link to download the template a host uses to provide the general settings, such as group name and host PIN, for the new Blast Dial group. |
Step 4 | Email the Group Template to the host of the Blast Dial group. Ask the host to complete the template and return it to you. |
If you have the information to create a new group, go to Adding a Blast Dial Group.
To import participants, delete the instructions and rows with example text in the Participants template file and go to Importing a Participants List.
To manually add participants for a group, go to Adding Blast Dial Participants.
For each Blast Dial group, specify a group name, a route pattern, and a call-in number. Both the route pattern and the call-in number must be defined in CUCM and copied into the Blast Dial page. To provide a level of security for the meetings, configure a host PIN and a participant PIN. For each group, select the Host check box for at least one of the internal participants to make that user a host. There must be at least one host for each Blast Dial group. You can designate several internal participants as hosts for a Blast Dial group and all hosts can start the audio portion of a Blast Dial meeting. However, a meeting host requires a license to start the online portion of a Blast Dial meeting.
When the Blast Dial group is configured, the system sends an email to the host with the host PIN and Call-in number. All participants receive an email with the participant PIN and Call-in number. A host calls the Call-in number and enters a host PIN to start a meeting. Participants answer the Blast Dial call (or call the call-in number if they miss the call) and enter a participant PIN (if required). Unlike other types of Cisco WebEx meetings that automatically end after 24 hours, a Blast Dial meeting continues until the last person ends his or her call or leaves the online portion of the meeting. When there is only one person in the meeting, a warning message appears every 15 minutes, "You are the only participant in this meeting. The meeting will automatically end in:". The clock decrements from 2 to 0 minutes. The user can select Continue to extend the meeting.
Note | When a host starts the online portion of a Blast Dial meeting, DTMF tones are disabled. |
Configure a route pattern and corresponding call-in number in the Cisco Unified Communications Manager for every Blast Dial group. Each Blast Dial group requires its own dedicated call-in number. See "Call Routing Setup" in the Cisco Unified Communications Manager Administration Guide for details about route patterns.
Download the Group Template file and send it to the host of the Blast Dial group. The host should complete the template and return it. Use the information in the template to create the Blast Dial group.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||
Step 2 | Select . | ||||
Step 3 | In the Blast Dial section, select Add Group. | ||||
Step 4 | Enter a Group Name. | ||||
Step 5 | Type a
Route
Pattern.
One route pattern must be configured in Cisco Unified Communications Manager for each Blast Dial group. | ||||
Step 6 | Type the
Call-in Number associated with the route pattern
configured for this Blast Dial group.
Each Blast Dial group needs a dedicated call-in number. A host dials the call-in number to initiate a Blast Dial meeting.
| ||||
Step 7 | (Optional)Type an
alphanumeric password in the
Meeting Password field.
If
configured, participants enter this password to join the online portion of a
Blast Dial meeting.
| ||||
Step 8 | Choose one of
the
Host
PIN options:
| ||||
Step 9 | Choose one of
the
Participant PIN options:
| ||||
Step 10 | Select the
number of
Call
Attempts the system should make to call a participant.
The system calls each participant the number of times selected for Call Attempts. If a user lists four phone numbers on their My Accounts page (for internal users) or an administrator enters four phone numbers in the CSV file imported into the system, the system dials the first number the number of times selected for Call Attempts, then calls the second number the number of times selected for Call Attempts, and so on. After the system dials each phone number the number of times selected for Call Attempts, the system stops calling the participant. If Unlimited is selected for this field, the system continues to call the participants until they answer the call or until the Blast Dial meeting ends. | ||||
Step 11 | Select the Add Participants link in the Internal List section. | ||||
Step 12 | In the Internal List, enter an email address for at least one host and select + to add each person to the Participants list. | ||||
Step 13 | Select the Host check box to designate the internal user as a meeting host. | ||||
Step 14 | (Optional)Select the Add Participants link in the External List section. | ||||
Step 15 | (Optional)For external users, enter a name, email address, and a phone number, and then select Add to add the person to the Participants list. See Adding Blast Dial Participants for details about external users. | ||||
Step 16 | Select Save to save your changes. The Blast Dial group is added to the system. |
To import a list of participants, export a CSV file with pre-configured column headings. See Exporting a Participants List and Importing a Participants List for details.
To create a small blast dial list or to add a few new people to an existing list, see Adding Blast Dial Participants.
To delete a blast dial group, see Deleting a Blast Dial Group.
You can change the blast dial group settings, including the participants list.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | In the Blast Dial section, select a Group Name link. |
Step 4 | Make changes to the editable fields. Fields marked with an asterisk are required. |
Step 5 | To make changes to an entry in the participants list, select X to delete an entry, and then add the entry again with the updated data. |
Step 6 | Select Update to save the changes. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | In the Blast Dial section, select X next to the group you want to delete. |
Step 4 | Select
OK to confirm.
The Blast Dial group and related participants lists are deleted from the system. |
After you configure the settings for a Blast Dial group, create the internal and external Participants list. The system calls the members of the internal and external participants lists when a host initiates a WebEx Blast Dial meeting, dialing the members of the internal list first followed by the members of the external list.
Internal participants have a company email address. An administrator enters only an email address for internal users, and the system locates users names and phone numbers on their My Account pages. The system calls internal participant's phone numbers listed on the My Account page in consecutive order, meaning if a user enters an office number the system dials that number, but if a user enters a mobile number but no office number the system dials the mobile number first. See "Updating Your Account Information" in the Cisco WebEx Meetings Server User Guide for details.
External participants can participate in WebEx Blast Dial meetings as guests, but they do not have company email addresses. An administrator enters a name, email address, and a phone number on the Blast Dial dialog for external participants. The system dials the phone numbers in consecutive order.
There are two ways to add participants:
Enter a participant's information in the fields provided in the Internal List or External List sections.
Ask the person who will host the Blast Dial meetings to select the Participants Template link on the My Account page to download a template file. The host should enter the participants' information and send the complete template to the administrator to import into the system.
Export a participants list CSV file, enter the required information, and import the updated CSV file.
Note | External participants cannot host a WebEx Blast Dial meeting. |
The system checks all participant entries and automatically moves entries between participants lists if an internal user's email address is entered in the external participants list or the system cannot locate the email address for an entry in the internal participants list in the database. If an internal participant entry is moved to the external list, enter a user name and phone number to make the entry valid.
Contact the person who will host the Blast Dial meetings and ask the host to select the Participants Template link on the My Account page to download a template file. The host should enter the participants' information and send the complete template to an administrator. See "Downloading the Group and Participants Templates" section in the Cisco WebEx Meetings Server User Guide Release 2.5.
Step 1 | Sign in to the Administration site. | ||
Step 2 | Select . | ||
Step 3 | In the Blast Dial section, select a Group Name link. | ||
Step 4 | You can export the existing Participants list, modify the CSV
file, and import the file to add or change participant's information.
| ||
Step 5 | To import participants: | ||
Step 6 | To add
individual entries in the provided fields:
The newly added participants appear in the Internal List or External List. | ||
Step 7 | (Optional)Select the
Host check box to designate a person as a host.
| ||
Step 8 | Select Save to save the blast dial group settings and the newly added entries in the participants list. A person designated as a host receives an email notification which includes the host PIN, participant PIN, meeting password (if configured), and blast dial call-in number. All other participants receive an email notification which includes the participant PIN and meeting password (if configured). |
To modify an entry in a participants list, see Editing Blast Dial Group Settings.
To import a participants list, see Importing a Participants List.
To export a participants list, see Exporting a Participants List.
Before you create a participants list, select Export List to export a blank CSV file with the proper column headings. Otherwise, the system exports all participant information for this Blast Dial group. The exported list that contains both internal and external participants contains: NAME, EMAIL, PHONENUMBER1, PHONENUMBER2, PHONENUMBER3, PHONENUMBER4, and ISHOST.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||
Step 2 | Select . | ||
Step 3 | Select a Group Name in the Blast Dial section. | ||
Step 4 | Select Export List in the Participants section. The participant data is exported as a CSV file. | ||
Step 5 | On the export dialog, select to open the file with a specific application or save the file and download it. | ||
Step 6 | Access the
exported CSV file and add, change, or delete participant data.
For external participants, the system requires a name, email address, and one phone number. For internal participants, the system requires only a user's company email address. At least one internal user must be assigned a host role.
|
Prepare a comma-delimited or tab-delimited (CSV) file containing the participant information. You can export the current participant list values to a CSV file, modify the file, and import it to add or change participant information.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | Select a Group Name in the Blast Dial section. |
Step 4 | Select Tab or Comma to indicate the type of CSV file you are importing. |
Step 5 | Select Browse and then select the CSV file to be imported. |
Step 6 | Select
Import.
The file is imported to the system. |
Step 7 | Select Update to save the participant information. The imported participants' information is saved to the database. |
Scroll through the participants lists to view the participants' information and verify that the values were imported correctly.
Go to Exporting a Participants List to export a participants list.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select Settings > Video. |
Step 3 | Select
360p,
180p or
Off and then select
Save.
Refer to the "About Meeting Recordings" section of the CWMS Planning Guide for approximate storage requirements. |
If your system is configured to permit more than one call-in access number, the system assumes that the first number is a toll-free access number and attempts this number first. The application does not connect if this number is not reachable from the mobile network. Make sure that this number is accessible from the mobile network.
When using an iOS mobile device and the data center certificates are not from a well-known certificate authority, it is necessary to import both data center SSL certificates into the iOS mobile device. Otherwise, iOS mobile device displays an error when trying to launch a meeting.
We recommend that Android mobile device users import both data center certificates before attempting to launch a meeting. After importing certificates into the Android device, the device shall trust the WebEx sites and does not show a warning message when starting a meeting from this site.
Note | Android is supported in Cisco WebEx Meetings Server 2.0 and higher. Both the iOS and Android WebEx applications are enabled by default. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select Settings > Mobile. |
Step 3 | Configure your mobile settings
by selecting which mobile platforms your system supports and then select
Save.
Default: iOS WebEx application and Android WebEx applications. The iOS and Android WebEx applications work the same as the Cisco WebEx desktop application; from an internal intranet or external Internet. |
For Cisco WebEx Meetings Server Release 2.0 and later, see Exporting a SSL Certificate for Mobile Devices for information about exporting certificates to email to your mobile device users.
Differentiated Services (DiffServ) code point (DSCP) settings determine the QoS for the audio and video media signaling, as defined in RFC 2475. Cisco recommends that you retain the default value. The other values are available for the rare instances when the network requires a different DSCP setting. For more information, see the "Network Infrastructure" chapter of the Cisco Unified Communications Solution Reference Network Design (SRND) that applies to your version of Cisco Unified Communications Manager at http://www.cisco.com/en/us/products/sw/voicesw/ps556/products_implementation_design_guides_list.html.
Following are the default values:
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select Settings > Quality of Service. |
Step 3 | Select QoS marking settings using the appropriate drop-down menus and then select Save. |
Traffic | QoS Marking |
---|---|
SIP Audio—media—CWMS to Endpoint | Yes |
SIP Audio—signalling—CWMS to Endpoint | Yes |
PC Audio—media—CWMS to Client | No |
PC Audio—signalling—CWMS to Client | No |
PC Audio—media—Client to CWMS | No |
PC Audio—signalling—Client to CWMS | No |
PC Video—media—CWMS to Client | No |
PC Video—signalling—CWMS to Client | No |
PC Video—media—Client to CWMS | No |
PC Video—signalling—Client to CWMS | No |
Traffic | QoS Marking |
---|---|
SIP Audio—media—CWMS to Endpoint | Yes |
SIP Audio—signalling—CWMS to Endpoint | Yes |
PC Audio—media—CWMS to Client | Yes |
PC Audio—signalling—CWMS to Client | Yes |
PC Audio—media—Client to CWMS | No |
PC Audio—signalling—Client to CWMS | No |
PC Video—media—CWMS to Client | Yes |
PC Video—signalling—CWMS to Client | Yes |
PC Video—media—Client to CWMS | No |
PC Video—signalling—Client to CWMS | No |
You can configure password settings for the following:
General Passwords—Controls password expiration periods and enables you to force users to change their passwords either immediately or at a specified interval.
User Passwords—Enables you to configure password strength for user accounts including mixed case, length, character types and usage, dynamic web page text controls, and setting up a list of unacceptable passwords.
Meeting Passwords—Enables you to enforce password usage for meetings and to configure password strength for meetings including mixed case, length, character types and usage, dynamic web page text controls, and setting up a list of unacceptable passwords.
Note | If SSO is enabled on your system, the settings on the General Password and User Password pages and the password change controls on the Edit User page no longer apply to host accounts. |
All password settings on this page are optional and can be toggled on (checked) or off (unchecked).
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select Settings > Password Management > General Password. |
Step 3 | (Optional)Select
Deactivate
host account after [number] day(s) of inactivity and enter the
number of days in the text field. (Default: Unchecked
(disabled) and set for 90 days.)
If you enable the default setting, a user is deactivated if he or she has not hosted or scheduled a meeting for 90 consecutive days. This feature only applies to host accounts. You cannot deactivate an administrator account by using this feature. To deactivate an administrator account, see Activating or Deactivating Users and Administrators from the Users Page. |
Step 4 | (Optional)Select Force all users to change password every number day(s) and enter the number of days in the text field. (Default: Unchecked) |
Step 5 | (Optional)Select Force all users to change password on next login. (Default: Unchecked) |
Step 6 | (Optional)Select
Enable
user account locking. (Default: Unchecked)
To prevent unauthorized access to a system, the system automatically locks an administrator account after failed sign-in attempts. (In this case, the user is an administrator; host accounts are not locked.) Email is sent to all administrators, including the administrator with the locked account, with unlock instructions. After one hour, the system automatically unlocks the account. Administrators can unlock another administrator's locked account (see Unlocking an Administrator Account). Additional parameters display: |
Step 7 | Select Save. |
These settings apply to both the administrator and the end users when the system uses default authentication. These settings apply only to the administrator when the system uses Lightweight Directory Access Protocol (LDAP) authentication or Single Sign-on (SSO) authentication; end user passwords are managed by an AD server or an IdP server.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||||||||||||||||
Step 2 | Select . | ||||||||||||||||||||||
Step 3 | Change your user
password settings by configuring the fields on the page.
| ||||||||||||||||||||||
Step 4 | Select Save. |
Use this feature to configure meeting password parameters. The table describes when users must enter a password to attend a meeting.
Password Configured | Password Excluded from Email Invitation | Meeting Creator Signed In | Host Signed In | Invitee Signed In | Guest Signed In | Guest Not Signed In |
---|---|---|---|---|---|---|
No | n/a | Password not required. | Password not required. | Password not required. | Password not required. | Password not required. |
Yes | Yes | Password not required. | Password not required. | Password not required. | Password required. | Password required. |
Yes | No | Password not required. | Password not required. | Password not required. | Password required. Password is pre-filled. | Password required. Password is pre-filled. |
Step 1 | Sign in to the Administration site. | ||||||||||||||||||||||
Step 2 | Select . | ||||||||||||||||||||||
Step 3 | Change your
meeting password settings by configuring the fields on the page.
| ||||||||||||||||||||||
Step 4 | Select Save. |
You can configure your email settings and templates. Your email templates have default settings that you can optionally change.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||
Step 2 | Select
Settings >
Email.
The Variables page opens. | ||
Step 3 | Enter your
From
Name, your
From Email
Address, your
Reply-To email address, and then select
Save.
You can enter a person's name in the From Name on the Variables page, but meeting invitations will reflect the host's email address. | ||
Step 4 | Select
Templates. See
About Email Templates for descriptions of each template
type.
The Templates page appears. Select the Common or Meetings tab. Common is the default. | ||
Step 5 | To configure email templates, select the desired template link on the Common and Meetings tab. | ||
Step 6 | Make changes (if
any) to the email template you selected and select
Save.
Example:Select the Account Reactivated template link on the Common tab. Make changes to the fields in the Account Reactivated dialog box and select Save. The default From Name, From Email Address, and Reply-To values are taken from the settings you configure on the Variables page.
|
Use the email templates to communicate important events to users. Each email template has variables that you must configure. See the table below for descriptions of the variables in each template.
There are two types of email templates:
Common–Including lost password, host and invitee notifications, recording availability, and other general notices.
Meetings–Including meeting invitations, cancellations, updates, reminders, and information notices.
Title | Description | Variables |
---|---|---|
AD Activation |
Sent to a user after an AD account has been activated. |
|
AD-Sync Failed |
Sent to an administrator after a failed synchronization. |
|
AD-Sync Success |
Sent to an administrator after a successful synchronization. |
|
Account Reactivated |
Sent to a user after an administrator reactivates the user's account. |
|
Forgot Password–Password Changed |
Sent to a user after he has reset his password from the end-user site. |
|
Forgot Password–Reset Password |
Sent to a user after he has reset his password from the end-user site. This email asks the user to create a new password. |
|
PT Meeting Invitation—Invitee |
Sent to meeting invitees after a meeting is scheduled using Productivity Tools from a Personal Conference account. |
|
PT Meeting Invitation - Invitee |
Sent to meeting invitees after a meeting is scheduled using Productivity Tools. |
|
Recording Available for Host |
Sends the host a link to a meeting recording. |
|
SSO Activation Email |
Sent after Single Sign-On (SSO) is enabled. |
|
Send Email To All Users |
Sends an email to all users on the system. |
|
Setup Cisco WebEx—Mobile Device |
Informs users about the Cisco WebEx app for mobile devices and provides a download link for the app. |
|
Share Recording |
Sends selected meeting invitees a link to a meeting recording. |
|
Share Recording from MC |
Sends selected meeting invitees a link to a meeting recording. Participants selected by the host in Meeting Center after selecting Leave Meeting. |
|
Users—Password Changed |
Sends users an email when their password has been changed. |
|
Welcome Email |
Sent to a new administrator after his or her account is created. |
Title | Description | Variables |
---|---|---|
Blast Dial Meeting Invite for Host |
Sent to the host when a host dials a Blast Dial call-in number to start a meeting. |
|
Blast Dial Meeting Invite for Attendee |
Sent to participants when a host dials a Blast Dial call-in number to start a meeting. |
|
Blast Dial Meeting Group Deleted |
Sent to the members of the Blast Dial group when an administrator deletes the group. |
|
In-Progress Blast Dial Meeting Invite for Host |
Sent to other hosts when a host invites them to a meeting while the meeting is in progress. |
|
In-Progress Blast Dial Meeting Invite for Attendee |
Sent to users when a host invites them to a meeting while the meeting is in progress. |
|
Blast Dial Meeting Information Updated for Host |
Provides meeting information to a host when the meeting settings have been changed. |
|
Blast Dial Meeting Information Updated for Attendee |
Provides meeting information to participants when the meeting settings have been changed. |
|
In-Progress Meeting Invite for Attendee |
Sent to users when a host invites them to a meeting while the meeting is in progress. |
|
Instant Meeting Invite for Host | Sent to the host and invitees when the host selects Meet Now. | |
Meeting Canceled for Attendee | Informs a user that a scheduled meeting has been canceled. | |
Meeting Canceled for Host | Sent to the meeting host to confirm cancellation of a meeting. | |
Meeting Information Updated for Alternate Host |
Provides meeting information to the alternate host when the meeting settings have been changed. |
|
Meeting Information Updated for Attendee | Provides meeting information for a meeting invitee when the meeting settings have been changed. | |
Meeting Information Updated for Host | Provides meeting information to the host when the meeting settings have been changed. | |
Meeting Reminder for Alternate Host | Sends a meeting reminder to the meeting alternate host. | |
Meeting Reminder for Host | Sends a meeting reminder to the meeting host. | |
Meeting Rescheduled for Alternate Host | Sends updated meeting information to the alternate host. | |
Meeting Rescheduled for Attendee | Sends updated meeting information to invitees. | |
MeetingInfo for Alternate Host | Sends a meeting confirmation to the alternate host. | |
MeetingInfo for Attendee | Sends a meeting invitation to invitees. | |
MeetingInfo for Host | Sends a meeting confirmation to the host. | |
PCN Meeting Auto Reminder—Host | Sends an automatic meeting reminder to the meeting's host (Personal Conference accounts only). | |
PCN Meeting Invitation—Invitee | Sends a meeting invitation to invitees (Personal Conference accounts only). | |
PCN Meeting Manual Reminder—Host | Sends a manual meeting reminder to the meeting's host (PCN accounts only). | |
PCN Meeting Manual Reminder—Invitee | Sends a manual meeting reminder to invitees (Personal Conference accounts only). | |
PCN Meeting Notification—Host | Sends a meeting notification to the host (Personal Conference accounts only). | |
PCN Meeting Instant Invitation—Host | Sends an instant meeting notification to the host (Personal Conference accounts only). | |
PCN Meeting In Progress Invitation—Invitee | Sends an instant meeting notification to an invitee (Personal Conference accounts only). | |
PCN Meeting Schedule Change—Host | Sends a schedule change notification to the host (Personal Conference accounts only). | |
PCN Meeting Schedule Change—Invitee | Sends a schedule change notification to an invitee (Personal Conference accounts only). | |
PCN Meeting Rescheduled—Invitee | Sends a meeting rescheduled notification to an invitee (Personal Conference accounts only). | |
PCN Meeting Canceled—Host | Sends a meeting cancellation notification to a host (Personal Conference accounts only). | |
PCN Meeting Canceled—Invitee | Sends a meeting cancellation notification to an invitee (Personal accounts only). |
You can mass-deploy CWMS applications by using the tools available to you on the Administration site. The applications available for download include are:
WebEx Meetings Application—The core application for scheduling, attending, or hosting meetings.
Running the WebEx Meetings application on a virtualized operating system is not supported.
If a user does not have the WebEx Meetings application installed, the first time a user joins a meeting it is downloaded to the PC. This can be configured to be done on-demand or silently. The user has the option of using the Cisco WebEx Meetings application for the duration of the meeting and having it removed when the meeting is over or performing an installation of the application to speed up the process of starting or joining future meetings. This might fail because the user does not have administrator privileges.
WebEx Productivity Tools—Provides an interface between other applications, such as Microsoft™ Outlook®, allowing the management of meetings through those applications.
After an update or upgrade to a system, any old versions of WebEx Productivity Tools should be removed and the latest version installed.
WebEx Network Recording Player—Plays back the recordings of meetings. This can include any material displayed during the meeting.
In CWMS the .MSI installer for the applications is available from the Downloading Applications from the Administration Site for more information.
page. SeeWe recommend that you push the applications to user computers offline, before you inform those end-users that accounts have been created for them. This ensures that your users can start and join meetings and play network recordings the first time they sign in.
Where users have administrator privileges, you can enable users to download the applications from the end-user Downloads page and install the applications themselves. No additional administrator action is required.
For sites that have deployed Cisco WebEx Meetings Server Release 1.5 MR3 (build 1.5.1.386) or earlier and use cloud-based WebEx Meeting Services, uninstall the Meetings application for both WebEx Meetings Server and WebEx Meeting Services, and then re-install the WebEx Meetings application in the correct folders on user PCs. Otherwise, users cannot join meetings hosted by cloud-based WebEx users. See "Users with PCs Without Administrator Privileges Cannot Join Meetings Hosted by Cloud-based WebEx Users" in the Cisco WebEx Meeting Server Troubleshooting Guide for more details.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||
Step 2 | Select Settings > Downloads. | ||||
Step 3 | Select the
Auto
update WebEx Productivity Tools check box to configure periodic
automatic updates. (Default: checked.)
| ||||
Step 4 | Select your
download method:
If you select Permit users to download WebEx desktop applications, you can select Save to finish your download configuration. No further action is necessary. If you select Manually push WebEx Meetings and Productivity Tools to user’s desktop, the WebEx Meetings Application, Productivity Tools, and WebEx Network Recording Player sections appear on the page. Proceed to the next step. | ||||
Step 5 | For each
application that you want to download and install, select
Download and select
Save to save a ZIP file to your system that contains
installers for the corresponding application.
Each ZIP file contains application installers for all supported languages and platforms. | ||||
Step 6 | Select Save to save your download settings. |
Certificates ensure secure communication between the components of your system. When your system is deployed, it is configured with a self-signed certificate. While a self-signed certificate can last for up to five years, we recommend that you configure certificates that are validated by a certificate authority. A certificate authority ensures that communication between your virtual machines is authenticated. A system can have multiple virtual machines. Only one certificate is required for a data center. Except for the IRP virtual machine, the system certificate includes the fully-qualified domain names (FQDNs) for all other virtual machines, site URLs, and administration URLs.
The following certificate types are supported:
SSL—Required on all systems. (See Importing SSO IdP Certificates.)
SSO IdP—For SSO with identity provider (IdP) certificates.
Secure teleconferencing—Required for TLS teleconferencing. You can configure up to two secure teleconferencing certificates, one for each CUCM system that you choose to configure.
SMTP—Required if your email server is TLS-enabled.
This product supports the following SSL certificates:
You cannot update your certificates or Certificate Signing Request (CSR), but you can generate a certificate or a CSR at any time. If you add virtual machines to your system or change any of your existing virtual machines, you must generate new certificates for each virtual machine on your system.
A data center is joined to the system.
Your system size has been expanded, resulting in the deployment of new virtual machines. The FQDNs of these new virtual machines are not present in your original SSL certificate.
A high-availability system has been added, resulting in the deployment of new virtual machines. The FQDNs of these new virtual machines are not present in your original SSL certificate.
The Cisco WebEx site URL has changed. This URL is not present in your original SSL certificate.
The Administration site URL has changed. This URL is not present in your original SSL certificate.
The FQDN of the administration virtual machine has changed. This FQDN is not present in your original SSL certificate.
Your current SSL certificate has expired.
If your SSL certificate becomes invalid for any reason, your system will automatically generate new self-signed certificates and you are informed of this change by a global warning message at the top of the Administration site page indicating that SSL has become invalidated.
Your system must have a SSL certificate configured. This product supports the following types of SSL certificates:
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||||||||||||
Step 2 | Select . | ||||||||||||||||||
Step 3 | Complete the
fields on the
Generate
CSR (Certificate Signing Request) page.
| ||||||||||||||||||
Step 4 | Select
Generate
CSR.
The Download CSR dialog box appears. | ||||||||||||||||||
Step 5 | Select
Download.
You receive a ZIP file that contains the CSR and the associated private key. The CSR file is called csr.pem and the private key file is called csr_private_key.pem. | ||||||||||||||||||
Step 6 | Back up your
system by using VMware Data Recovery or VMware vSphere Data Protection. See
Creating a Backup by using VMware vCenter.
Backing up your system preserves the private key in the event that it is necessary to restore it. |
Cisco WebEx Meetings Server supports X.509 certificates with PEM and DER encoding, and PKCS12 archives.
Users might have problems joining meetings if their system uses a self-signed certificate. To avoid this, configure the client side to use self-signed certificates.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. |
Step 3 | Select
.
If you already have a certificate installed, the system warns you that importing a new certificate will overwrite it. |
Step 4 | Select Continue. |
Step 5 | Select
Browse and choose your certificate.
You must choose an X.509-compliant certificate or certificate chain. Valid types include: You can import a certificate chain using a PKCS#12 file or a single file of PEM blocks. If you use a PEM file, it must be formatted as follows:
All the certificates must be uploaded together in one file; you cannot upload one certificate and then add the intermediate certificates later. You can upload the intermediate certificates to prevent certificate warnings if you are using a certificate authority that uses intermediate certificates and the intermediate certificates are not distributed in their clients. If the certificates come with a certificate chain, you must combine an intermediate certificate and an end-user certificate into one file. The sequence is that the intermediate certificate is first, and the end user certificate is next. The two certificates are back to back; there is no space between them. PKCS#12 files must have a .p12 extension. They should only contain the certificates and private key (optional). |
Step 6 | Select
Upload.
The system determines if the certificate is valid. A certificate might be invalid for the following reasons:
|
Step 7 | (Optional)Enter the
Passphrase.
A passphrase is required to decrypt PKCS12 archives or an encrypted private key (if the uploaded PEM files contain the private key). |
Step 8 | Select
Continue.
Your system imports your SSL certificate and displays it in a scrollable certificate file dialog box. |
Step 9 | Select Done. |
Step 10 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
Download the Secure Socket Layer (SSL) certificate:
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select An option to open or save the certificate appears. . |
Step 3 | Save the
certificate file.
This provides just the Cisco WebEx Meeting Server CWMS end entity certificate. If you uploaded additional, intermediate certificates, they are not included. |
Verify that administrators and end users are able to sign in to the administration or common web pages without seeing any site not trusted warnings.
Apple iPhones or iPads running Apple iOS 5.0 or later have a built-in, trusted root certificate. If your company uses a self-signed certificate or if the root certificate installed on your Cisco WebEx Meetings Server is not on the Apple Trusted Certificate Authority list, you must export a SSL certificate and email it to your users to install on their mobile devices before they can join a WebEx meeting.
Exporting a SSL certificate is required only if you are using a self-signed certificate. If you are using a trusted Certificate Authority-signed certificate, exporting a SSL certificate is not required.
Verify that the trusted root certificate pre-installed on a user's Apple iPhone or iPad is on the Apple Trusted Certificate Authority list. See http://support.apple.com/kb/ht5012 for details.
Verify that users have an active, high-speed Internet connection for their mobile devices.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | Save the certificate file to your local hard drive. |
Step 4 | Attach the saved certificate file to an email and send it to each authorized user iOS email account. |
Step 5 | Users open the email on their mobile devices, save the file, and install the certificate file on their mobile devices: |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select
.
A dialog box appears asking you to save the CSR.zip file that contains the CSR and private key. |
Step 3 | Select a location on your system to save the file and select OK. |
Step 4 | Back up your private key file, csr-private-key.pem, in case you need it later. |
A self signed certificate is automatically generated after you deploy your system. We recommend that you install a certificate that is signed by a certificate authority. You can generate a new self-signed certificate at any time by using this feature.
Note | Users might have problems joining meetings if their system uses a self-signed certificate, unless the administrator on the client side has configured the system to use self-signed certificates. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||||||||||
Step 2 | Select . | ||||||||||||||||
Step 3 | Complete the
fields on the
General
Self Signed Certificate page.
| ||||||||||||||||
Step 4 | Select
Generate
Certificate and Private Key.
If you need to use the same SSL certificate after a major upgrade, you must upload the private key generated with the CSR that is used to get the certificate. The private key must be the first block in the certificate file. Your certificate file is generated and displayed. | ||||||||||||||||
Step 5 | Select Done. |
In the event that your certificate becomes invalid or you have performed a disaster recovery on your system, you can restore a SSL certificate by using this feature. Cisco WebEx Meetings Server supports X.509 certificates with PEM and DER encoding, and PKCS12 archives.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. |
Step 3 | Select
.
If you already have a certificate installed, the system warns you that importing a new certificate will overwrite it. |
Step 4 | Select Continue. |
Step 5 | Select
Browse and choose your certificate file.
You must choose an X.509-compliant certificate or certificate chain. Valid types include: You can import a certificate chain using a PKCS#12 file or a single file of PEM blocks. If use a PEM file, It must be formatted as follows:
All the certificates must be uploaded together in one file. You cannot upload one certificate and then add the intermediate certificates later. You might want to upload the intermediate certificates if you are using a certificate authority that uses intermediate certificates and the intermediate certificates are not distributed in their clients. Uploading them will prevent certificate warnings. PKCS#12 files must have a .p12 extension. They should only contain the certificates and private key (optional). |
Step 6 | Select
Upload.
After you select Upload, the system will determine if your certificate is valid. A certificate can be invalid for the following reasons:
If the certificate is valid, proceed to the next step. If the certificate is invalid, you cannot upload it. You must select a valid certificate before you can continue. |
Step 7 | (Optional)Enter a
Passphrase.
A passphrase is required to decrypt PKCS12 archives or an encrypted private key (if uploaded .pem files contain the private key). |
Step 8 | Select
Continue.
Your system imports your SSL certificate and displays it in a scrollable certificate file dialog box. |
Step 9 | Select Continue on the SSL Certificate page to complete the import. |
Step 10 | Select Done. |
Step 11 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
For service provider-initiated Single Sign-on (SSO) with a signed authentication request in a Multi-data Center (MDC) system, you must import the certificate from each data center into the Identity Provider (IdP). (Cisco WebEx Meeting Server can not use its private key to decrypt the assertion.)
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | Select Browse and choose your SSO IdP certificate. |
Step 4 | Select
Upload.
Your certificate file is displayed. |
Step 5 | Select Done to submit your certificate. |
Importing SMTP certificates from a local computer to the CWMS system.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | Select Browse and choose your SMTP certificate. |
Step 4 | Select
Upload.
Your certificate file is displayed. |
Step 5 | If your system is not in Maintenance Mode, select Continue to enter Maintenance Mode. |
Step 6 | Select Done to submit your certificate. |
Step 7 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
Step 8 | Select Continue. The system restarts. |
Secure teleconferencing certificates are only required if TLS conferencing is enabled. If TLS conferencing is not enabled, this option is not available.
Secure teleconferencing certificates are required for your CUCM servers when TLS is selected as the transport type in your audio settings. See About Configuring Your Audio Settings for more information.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. | ||
Step 3 | Select
Settings >
Security >
Certificates.
If secure teleconferencing certificates are required, an Import Certificate button is shown for each CUCM server that must be configured. | ||
Step 4 | Select Import Certificate for CUCM n. | ||
Step 5 | Enter a certificate name. | ||
Step 6 | Select
Browse and choose your certificate file.
| ||
Step 7 | Select
Upload.
After you select Upload, the system will determine if your certificate is valid. If the certificate is valid, proceed to the next step. If the certificate is invalid, you cannot upload it. You must select a valid certificate before you can continue. | ||
Step 8 | Select
Continue.
Your system imports your SSL certificate and displays it in a scrollable certificate file dialog box. You are notified that you have imported an SSL certificate. | ||
Step 9 | Select Done. | ||
Step 10 | Return to step 4 and repeat the process for the next CUCM server. | ||
Step 11 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||||||||
Step 2 | Select Settings > Security > User Sessions. | ||||||||||||||
Step 3 | Complete the
fields on the
User
Sessions page to set the web page expiration time.
| ||||||||||||||
Step 4 | Select Save. |
The CWMS system supports Single Sign-on (SSO) systems based on the industry standard Security Assertion Markup Language (SAML) 2.0 protocol.
SSO allows clients to use their on-premises SSO system to simplify the management of their CWMS system. With SSO, users securely sign into the system by using their corporate sign-in credentials. You can also configure SSO to create or manage user accounts on the fly when users attempt to sign in. User login credentials are not sent to Cisco, protecting corporate sign-in information.
Note | Enabling SSO overrides users login settings. Make sure you inform users before you enable SSO. Configuring SSO can be a complex operation and we strongly recommend that you contact your Cisco Channel Partner or Cisco Advanced Services before you continue. |
Note | After you have enabled SSO, user credentials are managed by the corporate authentication system. Certain password management features no longer apply to your users. See Configuring Passwords and Editing Users for more information. |
Configure a SSO IdP certificate to use this feature. See Importing SSO IdP Certificates for more information.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. | ||||||||||||||||||||||||||||||||||||||||||||||||
Step 2 | Select . | ||||||||||||||||||||||||||||||||||||||||||||||||
Step 3 | After you have generated public and private keys and an X.509 certificate as described in the pre-requisites, select Continue. | ||||||||||||||||||||||||||||||||||||||||||||||||
Step 4 | Select your
initiation method:
| ||||||||||||||||||||||||||||||||||||||||||||||||
Step 5 | Complete the
fields and select your options on the
SSO
Configuration page:
| ||||||||||||||||||||||||||||||||||||||||||||||||
Step 6 | Select
Enable
SSO.
The Review SSO Settings page appears. Review your settings and select Save. |
Disabling SSO disables a user's ability to sign in with their company credentials. Make sure you inform your users that you are disabling SSO and that they can still sign in with their Cisco WebEx credentials.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select Settings > Security > Federated SSO. |
Step 3 | Find the sentence, "If you would like to disable SSO please click here." Select the click here link. |
Step 4 | Select
Disable
SSO to confirm.
The Federated SSO page appears with a banner that confirms you have disabled SSO. |
Note | Your system supports Cisco WebEx SaaS releases WBS27 and higher, and Cisco WebEx Meetings 1.2. |
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | (Optional)Select Enable users to sign in to SaaS WebEx accounts from WebEx Productivity Tools. |
Step 4 | Select Save. |
Your virtual machine security features include the ability to update your encryption keys and enable or disable FIPS-compliant encryption.
Cisco WebEx Meetings Server uses internally generated encryption keys to secure all communications between the virtual machines on your system. Use this feature to update your encryption keys periodically.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. |
Step 3 | Select Settings > Security > Virtual Machines. |
Step 4 | Select Update Encryption Keys. |
Step 5 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
At a very high level, the FIPS 140 requirements apply to the following module characteristics:
Implementation of FIPS-approved algorithms
Specific management of the key life cycle
Approved generation of random numbers
Self-tests of cryptographic algorithms, image integrity, and random number generators (RNGs)
Cisco WebEx Meetings Server uses CiscoSSL 2.0 to achieve FIPS 140-2 Level 2 compliance.
Enabling FIPS might result in reduced compatibility with popular web-browsers and operating systems. Symptoms might include, but are not limited to, problems signing into the system, 404 errors, and starting and joining meetings.
Cisco recommends that you take the following actions:
Ensure that your Windows PCs are running at least Windows XP SP3 or above.
Update all Windows computers to Microsoft Internet Explorer 8 or above regardless of whether your users' desired web browser is Internet Explorer, Mozilla Firefox, or Google Chrome. Your users must provide Internet Explorer 8 on all computers because our FIPS-enabled clients (Cisco WebEx Meetings, Productivity Tools, and WebEx Recording Player) use FIPS-enabled system libraries that are only available on Internet Explorer 8 and above.
Configure Internet settings on all user computers to TLS encryption. On your PC desktop, select Control Panel > Internet Options > Advanced > Security > Use TLS 1.0 and Use TLS 1.2. We recommend selecting both options for maximum compatibility but you must at least select Use TLS 1.0.
If your users plan to host meetings for guests (for example, people who do not work for your company) you must inform your guest users to manually update their operating systems and browsers as described above before they join your meetings. If they do not perform the above steps, they might experience compatibility issues. We recommend that you include the above instructions in your meeting invitations. You can do this by editing the appropriate meeting invitations available on your Administration site at Settings > Email > Templates.
Use this feature to enable your Federal Information Processing Standard (FIPS) compliant encryption setting.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. |
Step 3 | Select Settings > Security > Virtual Machines. |
Step 4 | Select
Enable to enable FIPS compliant encryption and
Continue to confirm.
FIPS compliant encryption is configured on your system. |
Step 5 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
Use this feature to disable Federal Information Processing Standard (FIPS) compliant encryption on your system.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Turn on Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
Unless you are expanding a system, we recommend that you take a snapshot of each virtual machine. (See Taking a Snapshot by using VMware vCenter.) Turning on Maintenance Mode on all active data centers shuts down conferencing activity and prevents users from signing in to the WebEx site, scheduling meetings, joining meetings, or playing meeting recordings. If this data center is part of a Multi-data Center (MDC) system and another data center is active, in-progress meetings will fail over to the active data center. This might cause a brief interruption in active meetings. See About Maintenance Mode for information about which system tasks require Maintenance Mode to be turned on. |
Step 3 | Select Settings > Security > Virtual Machines. |
Step 4 | Select
Disable to disable FIPS compliant encryption and
Continue to confirm.
FIPS compliant encryption is disabled on your system. |
Step 5 | Turn off Maintenance Mode. See
Turning Maintenance Mode On or Off for Version 2.5 and Later.
When you turn off Maintenance Mode, the system determines if a restart (takes approximately 3 - 5 minutes) or a reboot (takes approximately 30 minutes) is required and displays the appropriate message. If this data center is part of a Multi-data Center (MDC) system, the administrator is re-directed to the global admin URL. The data center that the administrator sees is determined by the DNS resolution policy. If Key Regeneration is enabled, taking one data center out of Maintenance Mode automatically takes all data centers in the system out of Maintenance Mode. Meeting service for users on this data center is restored. |
For secure sites that require users to read a security message and accept an agreement before signing in to the site, upload a file that contains warning text.
To remove the sign-in warning message, go to Configuring a Security Sign-in Warning.
Create a text file (.txt) with the warning to be displayed before a user signs in to a WebEx Common site or an Administration site. The text file must use UTF-8 characters and encoding.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | Select Browse and the text file to be uploaded. |
Step 4 | Select
Upload.
The file is uploaded and immediately appears on all sign-in pages. |
If your site is required to store audit information about system changes, configure the Application Audit Log settings.
If a user is configured as an Auditor, the Application Audit Log option is visible and configurable only by the Auditor. If your system does not have a user with the Auditor role, the Application Audit Log option is visible and configurable by an Administrator, SSO Administrator, or LDAP Administrator.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select Settings > Security > Application Audit Log. |
Step 3 | Select Enable Audit Log to generate a log. |
Step 4 | To log
application audit information to a remote syslog server, enter the parameters
for the
Primary Remote Syslog Server.
The events in the Remote
Syslog Audit Event Level menu are organized in order of importance.
|
Step 5 | (Optional)To log application audit information to a secondary remote syslog server, enter the parameters for the Secondary Remote Syslog Server. |
Step 6 | (Optional)To delete old log files, select the date to purge prior log archives in Log Purging Settings and select Purge Log Archive. |
Step 7 | Set the
Minimum
percentage of free space on the log partition, by moving the slide
bar.
The parameter for the logging service makes sure the selected percentage of free space on the log partition is available. The default is 20 percent. When an Auditor accesses this window from the Auditor tab, the configuration for the Log Partition Alarm appears. |
Step 8 | Set the
Retain
log archives for no more than the selected number of days.
The default is 40 days. |
Step 9 | Select Save. |
See Viewing and Editing Alarms for details about setting alarm thresholds.
The Security Sign-in Warning displays the warning message on the Common WebEx site, Administration WebEx site, and CLI sign-in pages.
Step 1 | Sign in to the
Administration site.
In a Multi-data Center system, the DNS determines which data center Dashboard appears. All data centers can be managed from this Dashboard. |
Step 2 | Select . |
Step 3 | Browse in
message and select
Upload or select
Remove
Message.
Message is added to the system and will display on sign-in pages or the file is removed from the system and will not appear on sign-in pages. |