Installation and Administration Guide for Cisco Unified Mobility Advantage, Release 7.0 - Preparing to Install or Upgrade Cisco Unified Mobility Advantage [Cisco Unified Mobility Advantage]

Table Of Contents

Preparing to Install or Upgrade Cisco Unified Mobility Advantage

Order of Installation, Upgrade, and Configuration Tasks

Tasks with Long Lead Times

Cisco Unified Mobility Advantage in the Network

Obtaining IP Addresses and DNS Names from IT

Opening Firewall Ports

Your Network and Related Servers Must Be Functioning Properly

Preparing Information Required for Installation and Configuration

Preparing to Install or Upgrade Cisco Unified Mobility Advantage

Revised Date: April 17, 2009

Before you install Cisco Unified Mobility Advantage or upgrade from Release 3.x, perform the following preinstallation procedures and gather the required information. For upgrades from Release 7.0(1), you do not need to change or add to existing settings unless you are adding or changing functionality or enterprise servers.

•Order of Installation, Upgrade, and Configuration Tasks

•Tasks with Long Lead Times

•Cisco Unified Mobility Advantage in the Network

•Obtaining IP Addresses and DNS Names from IT

•Opening Firewall Ports

•Your Network and Related Servers Must Be Functioning Properly

•Preparing Information Required for Installation and Configuration

Order of Installation, Upgrade, and Configuration Tasks

For new installations of Cisco Unified Mobility Advantage Release 7.x:

Follow the order of the chapters in this book through the chapter on the Configuration Wizard, except where noted. For example, all procedures required to configure the Cisco Adaptive Security Appliance are near the beginning of the book, in Chapter 2, "Configuring the Cisco Adaptive Security Appliance (ASA) for Use With Cisco Unified Mobility Advantage." However, although you should start configuring the Cisco Adaptive Security Appliance before you install and configure Cisco Unified Mobility Advantage, you cannot complete the Cisco Adaptive Security Appliance setup until after you have installed, configured, and started Cisco Unified Mobility Advantage, and this fact is noted in the appropriate sections.

After you complete the Configuration Wizard, follow the remaining operations specified at the end of that chapter.

After you install and configure Release 7.0(1), upgrade to Release 7.0(2).

For upgrades from Cisco Unified Mobility Advantage Release 7.0(1) to Release 7.0(2):

Follow the instructions in Upgrading from Release 7.0(1) to Release 7.0(2), page 5-19.

For upgrades from Cisco Unified Mobility Advantage Release 3.x to Release 7.0(1):

Follow the instructions in Chapter 5, "Upgrading Cisco Unified Mobility Advantage." Links will take you to topics throughout the document as needed.

Related Topics

•Chapter 7, "Using the Configuration Wizard in Cisco Unified Mobility Advantage"

•Chapter 5, "Upgrading Cisco Unified Mobility Advantage"

Tasks with Long Lead Times

Some preinstallation requirements have relatively long lead times. We recommend starting the following processes early:

•Obtaining IP addresses

•Opening ports in firewalls.

•Obtaining a signed SSL certificate for the Cisco Adaptive Security Appliance.

Related Topics

•Obtaining IP Addresses and DNS Names from IT

•Opening Firewall Ports

•Required and Recommended Signed Certificates, page 9-2

Cisco Unified Mobility Advantage in the Network

The illustration below shows how Cisco Unified Mobility Advantage works in the network.

•Cisco Unified Mobility Advantage is deployed behind the enterprise firewall and serves as the integration point for all enterprise services.

•A Cisco Adaptive Security Appliance (ASA) serves as proxy server for communications between clients and server. Cisco Unified Mobile Communicator communicates with Cisco Unified Mobility Advantage through the Cisco Adaptive Security Appliance.

•Cisco Unified Communications Manager provides Cisco Unified Mobility features such as unified voice messaging, MobileConnect, and Dial via Office, as well as call log management.

•Cisco Unified Presence supplies availability status and some contact list management.

•Cisco Unity or Cisco Unity Connection provides visual Voicemail.

Your network must provide IP connectivity between:

•Cisco Unified Mobile Communicator and the Cisco Adaptive Security Appliance

•The Cisco Adaptive Security Appliance and Cisco Unified Mobility Advantage

•Cisco Unified Mobility Advantage and the Enterprise Services

If your Information Technology department requires information about data flows, see the Appendix.

Figure 1-1 Cisco Unified Mobility Advantage Architecture

Obtaining IP Addresses and DNS Names from IT

You must obtain the necessary IP addresses and DNS host names before you can configure the Cisco Adaptive Security Appliance and Cisco Unified Mobility Advantage.

Procedure

Step 1 Obtain the following IP addresses and DNS hostnames from your IT department:

Required IP Addresses and Host Names

Your Value

Externally-accessible IP address and its corresponding externally-visible DNS name.

This IP address or host name serves as the following:

•The Cisco Adaptive Security Appliance outside (external) interface

•The fully qualified domain name (FQDN) on the signed certificate that resides on the Cisco Adaptive Security Appliance. You will obtain this certificate when you configure the Cisco Adaptive Security Appliance.

•The world-routable IP address for the Cisco Unified Mobility Advantage server.

•The Proxy Host Name to which Cisco Unified Mobile Communicator clients will connect.

•The value you will enter into the Proxy Host Name field in Cisco Unified Mobility Advantage Admin Portal under System Management > Network Properties.

You will configure NAT rules to translate this IP address to the private IP address of the Cisco Unified Mobility Advantage server.

IP Address:

Host Name:

IP address that serves as both of the following:

•The Cisco Adaptive Security Appliance inside (internal) interface. This is the source address for Cisco Adaptive Security Appliance to connect to Cisco Unified Mobility Advantage.

•Shared IP address for consolidating client communications for passing to Cisco Unified Mobility Advantage.

IP Address:

Private IP address for the server on which Cisco Unified Mobility Advantage is installed.

DNS host name for this server.

IP Address:

Host Name

Step 2 Print this section and note the values in Your Value column of the table.

You will need this information for configuration.

Step 3 Verify that each DNS host name resolves to its associated IP address.

Related Topics

•About Cisco Adaptive Security Appliance Deployment Options, page 2-2

•How to Obtain and Install a Cisco Adaptive Security Appliance-to-Client Certificate, page 2-8

Opening Firewall Ports

The figure below illustrates the required communication paths through the corporate firewalls. Cisco Unified Mobility Advantage Release 7.x restricts the communication port ranges for security reasons. The required bidirectional ports must be open.

If you are upgrading from Release 3.1.2, port requirements are different in Release 7.x than in Release 3.1.2, so your communication ports (in the Admin Portal, in System Management > Network Properties) will be set during the upgrade to the default values indicated in the table in this section. You may need to have your IT department open new ports in the firewalls.

Procedure

Step 1 Ask your IT security administrator to open the following bidirectional ports in the specified ranges:

Firewall

Purpose

Port

Range

Default

Your Value

Outer firewall

The Cisco Adaptive Security Appliance communicates with the Cisco Unified Mobile Communicator client using these ports.

Proxy Client Connection Port (TCP)

—

—

Proxy Client Download Port (HTTP)

—

—

Inner firewall

Cisco Unified Mobility Advantage communicates with the Cisco Adaptive Security Appliance using these ports.

Client Connection Port (TCP)

5400-5500

5443

Client Download Port (HTTP)

9000-9100

9080

Step 2 Print this section and note the opened port numbers that you receive from IT in the Your Value column of the table.

You will need this information for configuration.

Related Topics

•Configuring Server Setup Network Configuration, page 7-21.

Your Network and Related Servers Must Be Functioning Properly

Before you install or upgrade Cisco Unified Mobility Advantage, the environment into which you will deploy it must be configured and working correctly. Configure switches and routers and verify that the other enterprise servers are reachable from the network location where Cisco Unified Mobility Advantage is installed. Cisco Unified Communications Manager should be able to route calls, and voicemail and presence must be functioning properly before you add Cisco Unified Mobility Advantage to the network.

Cisco Unified Mobility Advantage cannot operate, and troubleshooting will be far more difficult, if the underlying network and dependencies are not functioning properly.

Preparing Information Required for Installation and Configuration

Gather and record information required for installation and configuration.

Before You Begin

•Print the following sections of this book so that you can complete the tables with required values for your deployment:

–Obtaining IP Addresses and DNS Names from IT

–Opening Firewall Ports

–Chapter 6, "Installing Cisco Unified Mobility Advantage"

–(For new installations) Information in Chapter 7, "Using the Configuration Wizard in Cisco Unified Mobility Advantage" for the enterprise servers you will deploy.

–(For upgrades from Release 3.x) Information in Appendix A, "Page References: Enterprise Adapter Settings in Cisco Unified Mobility Advantage" for the enterprise servers you will deploy.

•Review the guidelines for the application dialing rules and directory lookup settings you will need to configure:

–Application Dialing Rules, page 3-6

–Recommended Directory Lookup Settings, page 3-7

Procedure

Step 1 Learn your IT information security requirements, if any, for connections between servers inside the firewall:

•Can connections be TCP (nonsecure)? Or must they be TLS or SSL (secure)?

•If connections must be secure, what certificates must Cisco Unified Mobility Advantage provide?

Step 2 Gather the required information based on the tables in the sections you printed.

Step 3 Note your values in the tables so that you can refer to them as you install and configure Cisco Unified Mobility Advantage.

Step 4 Work with your Cisco Unified Communications Manager administrator to determine the application dialing rules and directory lookup rules you will need to configure.

Related Topics

•Chapter 9, "Managing Server Security in Cisco Unified Mobility Advantage"