Configuration Guide for Cisco Unified MeetingPlace Web Conferencing Release 5.4
Configuring External Access to Cisco Unified MeetingPlace Web Conferencing
Downloads: This chapterpdf (PDF - 240.0KB) The complete bookPDF (PDF - 4.38MB) | Feedback

Configuring External Access to Cisco Unified MeetingPlace Web Conferencing

Table Of Contents

Configuring External Access to Cisco Unified MeetingPlace Web Conferencing

About Firewalls

Firewall Basics

Port Access Requirements with a Firewall

About Segmented Meeting Access

About the SMA-1S Configuration

About the SMA-2S Configuration

About the SMA-2S Configuration with SSL and Segmented DNS

How to Configure the SMA-1S Deployment

How to Configure IIS

How to Configure Secure Sockets Layer

Task List for Configuring SSL

Optional Tasks for Configuring SMA-1S

How to Configure the SMA-2S Deployment


Configuring External Access to Cisco Unified MeetingPlace Web Conferencing


Though you can provide external access to Cisco Unified MeetingPlace web conferences by simply opening ports in your firewall, we do not recommend this option because it lacks security. Alternately, Cisco Unified MeetingPlace Web Conferencing supports two segmented meeting access configurations that allow you to provide external access to your users while maintaining network security.

See the following sections:

About Firewalls

About Segmented Meeting Access

How to Configure the SMA-1S Deployment

How to Configure IIS

How to Configure Secure Sockets Layer

Optional Tasks for Configuring SMA-1S

How to Configure the SMA-2S Deployment

About Firewalls

Firewall Basics

A firewall is a security device set up to protect a local area network (LAN) from unwanted Internet access. However, you can provide limited access by opening specific TCP ports to allow inbound access to public servers while leaving other portions of the network protected. For example, when a user on the Internet connects to a company home page, the user must pass through TCP port 80 of the company firewall to access the web server, as shown in Figure 5-1.

Therefore, if you do nothing else, you can allow external access to Cisco Unified MeetingPlace web conferences by opening ports on your network.

Figure 5-1 Typical Firewall Setup

1

Cisco Unified MeetingPlace web server inside the private corporate network.

2

End user system outside the private corporate network.


Port Access Requirements with a Firewall

As long as port 80 is open inbound on your firewall, external users who are using the meeting console are able to participate in a Cisco Unified MeetingPlace web conference. However, port 80 requires "tunneling," and results in slower web conferencing. Therefore, for an optimal web conferencing experience, we strongly recommend that you also open TCP port 1627 inbound when using the meeting console.

If an external user wants to host a web conference by using a T.120 application like NetMeeting, you must also open TCP port 1503 inbound so that the T.120 application can connect to the web server.

Figure 5-2 shows the specific ports you need to open so that the meeting console and T.120 applications can connect to the web server through a firewall. If external attendees are also located behind a firewall, they must open the same ports outbound on their end.

Figure 5-2 Port Access Requirements with a Firewall

1

Cisco Unified MeetingPlace Audio Server system.

2

Cisco Unified MeetingPlace web server.


About Segmented Meeting Access

While external participation is possible by controlling port access through a firewall, we highly recommend that you consider a segmented meeting access (SMA) configuration instead. SMA configurations isolate some meetings on the private corporate network while exposing others, designated as external, to the Internet. Users designate their meetings as internal or external during the scheduling process by setting the Allow External Web Participants parameter on the New Meeting scheduling page.

Typically, a Cisco MCS is placed in the demilitarized zone, or DMZ, a network segment created between the private corporate network and the Internet to host meetings for external access.

Cisco Unified MeetingPlace Web Conferencing supports two SMA configurations, which you can choose from during the Web Conferencing installation. For more information, see the applicable Installation and Upgrade Guide for Cisco Unified MeetingPlace Web Conferencing, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.

Regardless of which configuration you choose, we highly recommend that you configure external web servers to use Secure Sockets Layer (SSL). This provides optimum security and resolves proxy server issues that can prevent users from joining a web conference. For SSL configuration instructions, see the "How to Configure Secure Sockets Layer" section.

About the SMA-1S Configuration


Note For system requirements, see the System Requirements for Cisco Unified MeetingPlace, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.


In a Segmented Meeting Access-1 Server (SMA-1S) configuration, a single web server is placed in a network segment, such as a demilitarized zone (DMZ), and two websites provide access to Cisco Unified MeetingPlace Web Conferencing. One of the sites is only accessible from behind the firewall. The other is accessible from inside or outside the firewall.

While internal users have access to the full-access Web Conferencing user interface, external users have limited access to an attend-only web page that only allows attendance to external meetings.

The benefits of this configuration are cost effectiveness, since you only require one web server, and a moderate level of security. However, this configuration is more complex to deploy than the Segmented Meeting Access-2 Servers (SMA-2S) configuration and involves setting up virtual websites. It also requires a segmented DNS for a single click-to-attend notification link. If you want to maintain a single click-to-attend link, more DNS work is required.

Figure 5-3 Segmented Meeting Access - 1 Server Configuration

1

Cisco Unified MeetingPlace Audio Server system.

2

Internal DNS server.

3

Cisco Unified MeetingPlace web server.

Note The web server must have two IP addresses.

4

Internal user.

Internal users enter internal meetings through the internal website.

Internal users entering an external meeting are redirected to their meeting from the internal website.

5

External user.

External users access external meetings through the external website.

External users do not have access to internal meetings.

 

 


About the SMA-2S Configuration


Note For system requirements, see the System Requirements for Cisco Unified MeetingPlace, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.


In the Segmented Meeting Access-2 Servers (SMA-2S) configuration, Cisco Unified MeetingPlace Web Conferencing is deployed on two separate web servers or two separate clusters of web servers. One is on the internal network, behind the firewall; the other is on another network segment, such as a DMZ. The internal server or cluster is only accessible from behind the firewall while the external server or cluster is accessible from inside or outside the firewall.

While internal users have access to the full-access Web Conferencing user interface, external users have access to an attend-only web page that only allows attendance to external meetings.

The SMA-2S configuration is the preferred and most secure deployment model if you want to provide external access to Cisco Unified MeetingPlace web conferences.


NoteWe highly recommend that you configure external web servers to use Secure Sockets Layer (SSL). This provides optimum security and resolves proxy server issues that can prevent users from joining a web conference. For SSL configuration instructions, see the "How to Configure Secure Sockets Layer" section.

If you are deploying your Cisco Unified MeetingPlace Web Conferencing system with SSL and a segmented DNS, make sure that the DNS name is different from the SSL certificate name on the external or internal web server.


Figure 5-4 Segmented Meeting Access-2 Server Configuration

1

Internal Cisco Unified MeetingPlace web server.

This web server sits inside the private corporate network.

2

External Cisco Unified MeetingPlace web server.

This web server sits in a network segment, such as a DMZ.

3

Internal user.

Internal users enter internal meetings through the internal web server.

Internal users enter external meetings through the external web server.

4

External user.

External users can enter external meetings only.

Users enter these meetings through the external web server.


About the SMA-2S Configuration with SSL and Segmented DNS

If your Cisco Unified MeetingPlace Web Conferencing system has SSL configured on the external web server and a segmented DNS, the segmented DNS name cannot be the same as the SSL certificate name on the external or internal machine. See the following example for configuration guidelines.

Example

You have a SMA-2S configuration where SSL is required for external users, but not required for internal users who are accessing the internal or external machine.

The segmented DNS name is meetingplace.company.com.

The SSL certificate name for the external machine is meetingplace1.

The hostname for the external machine from the internal machine is meetingplace1.

All URLs and click-to-attend links are in the form of http://meetingplace.company.com.

When users access http://meetingplace.company.com from the external network, the external machine will automatically redirect them to HTTPS plus whatever hostname is configured in the database—in this case, meetingplace1.


Note If you force SSL on all users, both internal and external users will be required to use SSL when they access the external web server.


How to Configure the SMA-1S Deployment

This section provides an overview of the SMA-1S configuration process.

Before You Begin

Read the following sections:

About Segmented Meeting Access

About the SMA-1S Configuration

Install Cisco Unified MeetingPlace Web Conferencing for a SMA-2S deployment. For instructions, see the Installation and Upgrade Guide for Cisco Unified MeetingPlace Web Conferencing, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.

Restrictions

In a SMA-1S deployment, you see only one server defined under the Web Server Admin page. All of the parameters on this configuration page control the behavior of both the external (DMZ) web site and the internal web site. This is a limitation of SMA-1S deployment in addition to its compromises on security relative to SMA-2S.

You cannot set up mixed http and https. For example, you cannot have the internal site use http and the external site use https.

You cannot set Allow Desktop Sharing independently. For example, you cannot allow desktop sharing for internal meetings while disabling desktop sharing for public meetings.

Parameters under Web Server Customization Values control the behavior of both the internal and external sites.

Task List: To Configure SMA-1S Deployment

Complete the following tasks, in the order specified.

1. Configure IIS. For instructions, see the "How to Configure IIS" section.

2. (Optional) If you have not already defined the web server, do so now. For instructions, see the Installation and Upgrade Guide for Cisco Unified MeetingPlace Web Conferencing, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.

3. (Optional) If you are configuring the SMA-1S internal site for Single Sign On, configure the internal web site to use NT Authentication. For instructions, see the "To Configure the SMA-1S Internal Site for Single Sign On-NT Authentication" section.

4. Configure the web server for Secure Sockets Layer (SSL) support. For instructions, see the "How to Configure Secure Sockets Layer" section.

5. Test your configuration. For instructions, see the "To Test Internal Meetings" section.

How to Configure IIS

To configure IIS, complete the following procedures in the order shown:

To Configure the Default Web Site

To Create the Internal Web Site

To Create the MPWEB Virtual Directory

To Configure the MPWEB Virtual Directory

To Configure the Extensions Virtual Directory

To Configure the Scripts Virtual Directory

To Configure the WebHelp Virtual Directory

To Configure the Public Virtual Directory

To Configure the Template Virtual Directory

To Configure the Default Web Site

The default Web site in IIS is automatically configured by the Cisco Unified MeetingPlace Web Conferencing installer as an external (DMZ) site. You do not need to change anything on this site other than the description and IP address.

Assign the server two IP addresses. You can assign either individual IP addresses to two NICs or two IP addresses to one NIC.


Step 1 Open the Default Web Site Properties window.

Step 2 In the Web Site Identification area Description field, enter information to reflect that this is the default site and a DMZ site. For example, you could enter Default DMZ site.

Step 3 From the IP Address drop-down list, assign an IP to this DMZ web site.

Step 4 Proceed to the "To Create the Internal Web Site" procedure.


To Create the Internal Web Site

Create a second web site to represent the internal web site.


Step 1 Open the Internet Information Services window.

Step 2 Right-click the server and choose New > Web Site.

Step 3 When prompted for the Web Site Description, enter MPWeb Internal Site.

Step 4 When prompted for the IP Address and Port Settings, enter the internal IP address.

Step 5 When prompted for the Web Site Home Directory, click Browse and navigate to the \inetpub\wwwroot folder.

By default, this folder is installed on the c: drive.

Step 6 When prompted for the Web Site Access Permissions, uncheck Run Scripts (Such as ASP).


Note Make sure that only Read access is checked.


Step 7 To complete the site creation wizard, click Next.

Step 8 Proceed to the "To Create the MPWEB Virtual Directory" procedure.


To Create the MPWEB Virtual Directory


Step 1 Right-click the new site that you created in the "To Create the Internal Web Site" procedure, and choose New > Virtual Directory.

Step 2 When prompted for the alias of this virtual directory, enter MPWEB.

Step 3 When prompted for the Web Site Content Directory, click Browse and navigate to the directory where the Cisco Unified MeetingPlace Web Conferencing application is installed.

By default, Web Conferencing is installed in c:\Program Files\Cisco Systems\MPWeb.

Step 4 When prompted for the Web Site Access Permissions, uncheck Run Scripts (Such as ASP).


Note Make sure that only Read access is checked.


Step 5 To complete the site creation wizard, click Next.

Step 6 Proceed to the "To Configure the MPWEB Virtual Directory" procedure.


To Configure the MPWEB Virtual Directory


Step 1 Right-click the newly created MPWeb virtual directory and choose Properties.

Step 2 Click the Documents tab.

Step 3 Click Add.

The Add Default Document window appears.

Step 4 Enter index.htm and click OK.

Step 5 To add both index.html and index.asp to the list, repeat Step 3 and Step 4.

Step 6 Click Apply, then click OK.

Step 7 Proceed to the "To Configure the Extensions Virtual Directory" procedure.


To Configure the Extensions Virtual Directory


Step 1 Expand the internal website MPWEB virtual directory so that all folders are visible.

Right-click the \Extensions folder and choose Properties.

Step 2 Click Create.

The Application Name field changes from grayed out to editable, and Extensions displays in the field.

Step 3 From the Execute Permissions field drop-down menu, choose Scripts and Executables.

Step 4 From the Application Protection field drop-down menu, choose Low (IIS Process).

Step 5 To accept the changes, click Apply, then click OK.

Step 6 Proceed to the "To Configure the Scripts Virtual Directory" procedure.


To Configure the Scripts Virtual Directory


Step 1 Right-click on the Scripts folder and choose Properties.

Step 2 Click Create.

The Application Name field changes from grayed out to editable, and Scripts displays in the field.

Step 3 From the Execute Permissions field drop-down menu, choose Scripts and Executables.

Step 4 From the Application Protection field drop-down menu, choose Low (IIS Process).

Step 5 To accept the changes, click Apply, then click OK.

Step 6 Proceed to the "To Configure the WebHelp Virtual Directory" procedure.


To Configure the WebHelp Virtual Directory


Step 1 Right-click the \Scripts\WebHelp subfolder and choose Properties.

Step 2 Click Create.

The Application Name field changes from grayed out to editable, and WebHelp displays in the field.

Step 3 From the Execute Permissions field drop-down menu, choose Scripts Only.

Step 4 From the Application Protection field drop-down menu, choose High (Isolated).

Step 5 To accept the changes, click Apply, then click OK.

Step 6 Proceed to the "To Configure the Public Virtual Directory" procedure.


To Configure the Public Virtual Directory


Step 1 Right-click the \Scripts\Public subfolder and choose Properties.

Step 2 Click Create.

The Application Name field changes from grayed out to editable, and Public displays in the field.

Step 3 From the Application Protection field drop-down menu, choose Low (IIS Process).

Step 4 To accept the changes, click Apply, then click OK.

Step 5 Proceed to the "To Configure the Template Virtual Directory" procedure.


To Configure the Template Virtual Directory


Step 1 Right-click the \Template folder and choose Properties.

Step 2 Uncheck Read.

Step 3 To accept the changes, click Apply, then click OK.

Step 4 Complete one of the following:

If you are not deploying Cisco Unified MeetingPlace for Cisco Unified IP Phone, proceed to the "To Remove Cisco Unified MeetingPlace for Cisco Unified IP Phone Integration Files" section.

If you are deploying Cisco Unified MeetingPlace for Cisco Unified IP Phone, proceed to the "Configuring the Web Server" section on page 2-29.


How to Configure Secure Sockets Layer

Secure Sockets Layer (SSL) secures information shared in a web conference by encrypting the data for travel across the network.

Task List for Configuring SSL

Before You Begin

Read the "About Segmented Meeting Access" section.

Restrictions

You must install Cisco Unified MeetingPlace Web Conferencing before you configure SSL.

If you are using SSL on an external web server, make sure that the hostname on the SSL certificate resolves to the external web server IP address.

If you are using SSL on a system with a segmented DNS, make sure that the hostname on the SSL certificate differs from the segmented DNS name.

Task List

1. Obtain a certificate from an authorized Certificate Authority. For instructions, see the "To Create a New Certificate File and Obtain a .cer File" procedure.

2. Apply the certificate to the Cisco Unified MeetingPlace Web Conferencing website. For instructions, see the "To Apply the SSL Certificate to the Cisco Unified MeetingPlace Web Conferencing Website" procedure.

3. Enable the Require SSL field on the Web Server administrative page. For instructions, see the "To Configure SSL From the Cisco Unified MeetingPlace Web Conferencing Administrative Page" procedure.

4. (Optional) Enable SSL security in IIS. For instructions, see the "To Enable SSL in IIS" procedure.

To Create a New Certificate File and Obtain a .cer File


Step 1 From the Cisco Unified MeetingPlace Web Conferencing server, open the Internet Services Manager.

Click Start > Programs > Administrative Tools > Internet Services Manager.

Step 2 Right-click Default Web Site and choose Properties.

The Default Web Site Properties window appears.

Step 3 Click the Directory Security tab and then Server Certificate.

The Web Server Certificate Wizard appears.

Step 4 Click Next.

Step 5 From the Server Certificate window, choose Create a New Certificate, then click Next.

Step 6 From the Delayed or Immediate Request window, choose Prepare the Request Now, But Send It Later, then click Next.

Step 7 Follow the prompts in the wizard to complete creating your certificate file.

Step 8 When you see the Certificate Request File Name window, accept the default to create a certificate file named certreq.txt.

Step 9 Click Next.

You have created a new certificate file.

Step 10 Send this file to your certificate provider in return for a .cer file.

Step 11 Proceed to the "To Apply the SSL Certificate to the Cisco Unified MeetingPlace Web Conferencing Website" procedure.


To Apply the SSL Certificate to the Cisco Unified MeetingPlace Web Conferencing Website

You must have received the .cer file from your certificate provider before beginning this procedure.


Step 1 Install the .cer file on the web server and note the install location below:

Location ________________________________________________

Step 2 Run the Web Server Certificate Wizard again.

Step 3 From the Pending Certificate Request window, choose Process the Pending Request and Install the Certificate, then click Next.

Step 4 When prompted, enter the location of your .cer file. This is the value you made note of in Step 1.

Your website is now set up with a certificate.

Step 5 Proceed to the "To Configure SSL From the Cisco Unified MeetingPlace Web Conferencing Administrative Page" procedure.


To Configure SSL From the Cisco Unified MeetingPlace Web Conferencing Administrative Page


Step 1 Sign in to Cisco Unified MeetingPlace Web Conferencing.

Step 2 From the Welcome page, click Admin, then click Web Server.

Step 3 From the "View" section of the page, click the name of the web server you want to configure.

Information about this server populates the "Edit" section of the page.

Step 4 For Require SSL, choose Yes or Either.

Choosing Either means that this web server can support both SSL and non-SSL connections. If you choose Either, you must not configure the website to require a secure channel (SSL).

Step 5 Click Submit.

Step 6 (Optional) Proceed to the "To Enable SSL in IIS" section.


To Enable SSL in IIS


Step 1 From the Cisco Unified MeetingPlace Web Conferencing server, open the Internet Services Manager.

Click Start > Programs > Administrative Tools > Internet Services Manager.

Step 2 From the left panel, right-click the website directory and choose Properties.

Step 3 From the Properties window, click the Directory Security tab.

Step 4 From the Secure Communications window, click Edit.

If Edit is disabled, you did not apply the SSL certificate to the website you are configuring. Return to the "To Apply the SSL Certificate to the Cisco Unified MeetingPlace Web Conferencing Website" procedure and apply the SSL certificate before proceeding to Step 5.

Step 5 Configure the Secure Communications window, then click OK.

To enable only HTTPS transmission, check Require Secure Channel (SSL).

To enable both HTTP and HTTPS transmissions, uncheck Require Secure Channel (SSL).

Step 6 Right-click the website directory again and choose Properties.

Step 7 From the Properties window, click the Web Site tab.

Step 8 For SSL Port, enter 443, which is the default port used for HTTPS requests.

Step 9 Click Apply, then OK to close the window.

Step 10 After making these changes, stop and restart the website you just configured.

a. Right-click the folder and choose Stop.

b. Right-click the folder again and choose Start.


Optional Tasks for Configuring SMA-1S

See the following procedures:

To Remove Cisco Unified MeetingPlace for Cisco Unified IP Phone Integration Files

To Configure the SMA-1S Internal Site for Single Sign On-NT Authentication

To Remove Cisco Unified MeetingPlace for Cisco Unified IP Phone Integration Files

For security reasons, we recommend that you remove all the IP phone files under the \Scripts\Public folder if you are not deploying Cisco Unified MeetingPlace for Cisco Unified IP Phone.


Step 1 Open Windows Explorer.

Step 2 Navigate to the application file location.

On the MCS server, Cisco Unified MeetingPlace Web Conferencing is installed by default in c:\Program Files\Cisco Systems\MPWeb.

Step 3 Open \Scripts\Public.

Step 4 Delete all 79****.asp files.


To Configure the SMA-1S Internal Site for Single Sign On-NT Authentication

You can configure the internal web site to use NT Authentication so that users who are already authenticated on the NT domain are automatically logged in to Cisco Unified MeetingPlace when they access the internal web site.

The same NT user names must exist as Cisco Unified MeetingPlace profile user IDs in the Cisco Unified MeetingPlace profile database.


Step 1 Configure Internet Information Services for Integrated Windows Authentication.

a. Click Start > Programs > Administrative Tools > Internet Services Manager.

b. Right-click the \Scripts folder of the internal web site and choose Properties.

c. Choose the Directory Security tab, then click Edit.

d. Uncheck Anonymous Access.

e. Check Integrated Windows Authentication.

f. Click OK, then click Apply.

Step 2 Configure the web server to use NT authentication.

a. Open a web browser and go to the home page of the internal Cisco Unified MeetingPlace Web Conferencing site.

b. Sign in by using a Cisco Unified MeetingPlace profile with System Manager privileges.

c. From the Welcome page, click Admin, then click Web Server.

d. From the "View" section of the page, click the name of the web server that you want to configure.

Information about this web server populates the "Edit" section of the page.

e. Set Trust Web Server Authentication to Yes.

f. From the Web Authentication section, set "Step 1: Directory" to Windows Integrated Authentication.

g. Choose a username conversion function: Lower Case automatically converts usernames to all lower case; Upper Case automatically converts usernames to all upper case.

h. Click Submit.


How to Configure the SMA-2S Deployment

This section provides an overview of the SMA-2S configuration process.

Before You Begin

Read the "About the SMA-2S Configuration" section.

When you install multiple web servers, make sure that you synchronize the Purge parameters. For more information, see the "About Data Storage on the Web Server" section on page 3-1.

Install Cisco Unified MeetingPlace Web Conferencing on your internal web server. For instructions, see the Installation and Upgrade Guide for Cisco Unified MeetingPlace Web Conferencing, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.

Copy GUIDS from your internal web server to your external web server. For instructions, see the Installation and Upgrade Guide for Cisco Unified MeetingPlace Web Conferencing, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.

Install Cisco Unified MeetingPlace Web Conferencing on your external web server. For instructions, see the Installation and Upgrade Guide for Cisco Unified MeetingPlace Web Conferencing, at http://www.cisco.com/en/US/products/sw/ps5664/ps5669/prod_installation_guides_list.html.

Task List for Configuring the SMA-2S Deployment

1. From the internal web server, configure external meeting redirection. For instructions, see the "To Configure Redirection of External Meetings" procedure.

2. (Optional) Configure your external web server for Secure Sockets Layer (SSL) support. For instructions, see the "How to Configure Secure Sockets Layer" procedure.

3. Test your configuration. For instructions, see the "To Test Internal Meetings" procedure, and the "To Test External Meetings" procedure.

To Configure Redirection of External Meetings

External meetings are held on an external web server so that users can access their meetings from the Internet. Rather than have all of your users log in to a particular external web server, configure automatic redirection of all external meetings from your internal web servers to a designated external web server.

You must have properly installed Cisco Unified MeetingPlace Web Conferencing on all of your internal and external web servers before beginning this procedure.


Step 1 From the internal web server, sign in to Cisco Unified MeetingPlace Web Conferencing.

Step 2 From the Welcome page, click Admin, then click Web Server.

Step 3 From a blank Web Server Name field, enter the name of a new web server to represent your designated external web server.

Step 4 For Hostname, enter the fully qualified domain name (FQDN) of your external web server, that is, hostname.domain.com. If your web server is not in a Domain Name Server (DNS), enter the IP address instead.

You must be able to resolve this hostname from the internal web server.

If you are using SSL, make sure that the hostname on the SSL certificate resolves to the external web server IP address.

If you are using SSL and a segmented DNS, make sure that the DNS name and the SSL certificate name differ.

Step 5 To add this web server to the database, click Submit.

This server now appears as part of your list of web servers on the bottom portion of the page.

Step 6 Return to the main Admin page and click Site.

The Site administrative page appears.

Step 7 Click the Site Name that represents your cluster of internal web servers.

There should only be one site indicated on this page unless you deployed WebConnect.

Site Name should have a default value equal to the NetBIO name of the first web server you installed in this cluster.

Step 8 For DMZ Web Server, choose the external web server you just added.

This configures the internal web servers in this cluster to point to this external web server in the case of external meetings.

Step 9 Click Submit.


Tip The external cluster does not require any additional SQL Server database configurations.


Step 10 Proceed to the "To Test Internal Meetings" procedure.


To Test Internal Meetings


Step 1 Open your web browser to an internal Cisco Unified MeetingPlace Web Conferencing website.

Step 2 Sign in by using a Cisco Unified MeetingPlace profile with System Manager privileges.

Step 3 Schedule a meeting with internal access and add two attachment files.

a. From the Welcome page, click Schedule Meeting.

b. Set your meeting details, including meeting date and time.

c. For access, uncheck Allow External Web Participants.

d. Click Attachments/Recordings and add two attachments: a document file and a Microsoft PowerPoint attachment, then click OK.

e. Click Schedule.

Step 4 Verify that you received a notification for the meeting you scheduled in Step 3.

Step 5 From inside the private corporate network, verify that the internal click-to-attend link in your notification works.

a. Click the click-to-attend link.

b. If you attended a meeting on this web server previously, you are directed to the meeting console.

c. If you have not attended a meeting on this web server previously, the full-access Cisco Unified MeetingPlace Web Conferencing user interface appears.

Step 6 From the Internet, verify that the internal click-to-attend link in your notification does not work.

Step 7 Verify that you can attend the meeting.

If you attended a meeting on this web server previously, click the click-to-attend link to go directly in to the meeting console.

If you have not attended a meeting on this web server previously, enter the meeting ID and click Attend Meeting from the Cisco Unified MeetingPlace Web Conferencing home page.

Step 8 Verify that you are logged in as your profile by verifying that your profile name appears in the meeting console.

Step 9 Continue with the "To Test External Meetings" procedure.


To Test External Meetings

You must have a Cisco Unified MeetingPlace profile with System Manager privileges to complete this procedure.


Step 1 Open your web browser to an internal Cisco Unified MeetingPlace Web Conferencing website.

Step 2 Sign in by using a Cisco Unified MeetingPlace profile with System Manager privileges.

Step 3 Schedule a meeting with external access, and add two attachment files by completing the following steps:

a. From the Welcome page, click Schedule Meeting.

b. Set your meeting details, including your meeting date and time.

c. For external access, check Allow External Web Participants.

d. Click Attachments/Recordings and add two attachments: a document file and a Microsoft PowerPoint attachment, then click OK.

e. Click Schedule.

Step 4 Verify that you received a notification for the meeting you scheduled in Step 3.

Step 5 Verify that the external click-to-attend link in your notification works.

a. Click the click-to-attend link.

b. If you attended a meeting on this web server previously, you are directed to the meeting console.

c. If you have not attended a meeting on this web server previously, the external attend-only Cisco Unified MeetingPlace Web Conferencing user interface appears.

Step 6 Verify that you can attend the meeting.

If you attended a meeting on this web server previously, click the click-to-attend link to go directly in to the meeting console.

If you have not attended a meeting on this web server previously, enter a meeting ID and click Attend Meeting.

Step 7 Verify that you are logged in as your profile by verifying that your profile name appears in the meeting console.

Step 8 Verify that you can access the attachments and slide show from the external web server.

a. From the meeting console, click the Attachments tab to verify that you can open an attachment.

b. From the meeting console, click the Slides tab to verify that you can see the slides.

c. Switch to Presentation mode to verify that the first slide appears in the web collaboration window.