Much thanks and deep appreciation to Justin O’Sullivan, Cisco dood extraordinaire. (http://www.syferstrategies.com/blog)
Background
Microsoft Skype for Business and Cisco Jabber are, by far, the two most popular IM/P applications for the general business community. Yes, there are some fringe applications that offer some really good features, and they work well, but for the mainstream business community, it really boils down to either Microsoft SfB or Cisco Jabber.
This is empirically proved by my blog tracking. Since its original posting in May of 2013, my #2 most viewed article, month after month, has been http://tsoorad.blogspot.com/2013/05/connecting-lync-2013-and-cisco-jabber.html.
Seeing as how both applications have had several years to mature and evolve, I thought this would be a good time to revisit the entire scenario of connecting the two most popular suites so your business can connect to another and streamline process and communication.
To achieve this lofty goal, I leveraged my SfB lab, which is currently running SfB updated to the June 2016 Cumulative Update. I also leveraged one of my awesome Cisco-centric co-workers, Justin O’Sullivan. Justin runs a full Cisco lab in the course of his job, and he graciously agreed to burn up his off hours helping create the SfB <-> Jabber federation.
Initial Environment Layout
As stated, my lab is SfB, running a full edge on three IPs. All SfB components are updated to 6.0.9319.259 (and yes, I know that not all components update to that version, but they are all 6.0.9319, and Microsoft does not update components that have no need to update).
Justin’s Cisco lab is an alphanumeric soup of Expressway C/E Version: 8.8.0, Cisco IM & Presence Version: 10.5.2.22900-2, Cisco UCM Version: 10.5.2.12901-1, & Cisco Jabber Version: 11.7.1. Whew!
As in the previous Lync-Jabber article, the SfB side is extremely simple, but we’ll step through all the necessary configurations and considerations (with pictures so that Amanda sitting in the back of the class will understand), and then we’ll do the same with the Jabber side.
Skype for Business XMPP setup.
First, make sure that XMPP is enabled in your environment, at the site level and at the Edge Pool level:
Personally, I always light up every possible configuration on initial install, so I don’t have to go back and do it again later. You can just turn things off later, but if you waited until now, you will need to publish the topology when you get done with this step, and then either run step 2 of the deployment wizard on the appropriate servers, or bootstrap the appropriate servers so that the necessary bits are turned on to make this work.
Next, you need to head off for your Control Panel. I suppose you could also do this next piece from PowerShell, but I like GUI when I can GUI.
Inside CSCP (yes, still called that) go to your Federation and External Access tab on the left, and check your External Access Policy. Make sure that “Enable communications with XMPP federated users” is checked.
Now go to the XMPP Federated Partners and set up a partner as shown.
Get yourself an admin PowerShell window open on your server and run Get-CsXmppAllowedPartner so you can double-check your work (read your spelling).
You might also want to have your dialbackpassphrase set. Just set it to something easy-peasy. If I am not too mistaken, I set this example to “xmppdialback” – if you need a primer on just what this part does, see this.
Now, go to your external DNS provider, and get yourself a squeaky clean SRV record:
_xmpp-server._tcp.domain.com or in my case, _xmpp-server._tcp.tsoorad.net. Port 5269. In DNS parlance, you want to submit, if you need to, _xmpp-server._tcp.domain.com 0 0 300 5269 sip.domain.com, where the numbers mean 0 weight, 0 priority, TTL 300, port 5269, and a target of sip.domain.com. An NSLOOKUP from the world should reveal something that looks a lot like this:
Set your firewall to allow port 5269 inbound and outbound from your Edge server (or servers). At this point, I can expect things to work from the SfB side of life.
And now the fun (?) begins
As a preface, Justin worked through this one time, but it took a few server restarts before he could convince his system to operate as expected. Neither of us could figure that out but, what the heck, eh?
Reference Material Used:
Expressway C/E Version: 8.8.0
Cisco IM & Presence Version: 10.5.2.22900-2
Cisco UCM Version: 10.5.2.12901-1
Cisco Jabber Version: 11.7.1
JabberID = sAMAccountName@domain.com
In this example, we will be configuring external XMPP federation using the Cisco Expressway solution as opposed to the IM&P based XMPP federation option. When deploying external XMPP federation, you must choose one or the other and not both. Verify the service is correctly enabled on the selected option (Expressway) and disabled on the other (IM&P).
Service disabled on CUPS/IM&P
Follow the certificate requirements as per Cisco documentation.
Add the local domains to the Expressway-C server and verify XMPP Federation is set to “On”:
Navigate to Configuration > Domains
On the Expressway-E, further enable the XMPP federation settings as below:
Navigate to Configuration > Unified Communications > Configuration
Notes:
1. In our example, we are not using TLS as depicted above
2. If in use, the Dialback Secret must be the same on other Expressways in the domain
XMPP DNS Records
For foreign systems to resolve/authenticate your domain correctly, set up the below SRV record for XMPP services:
_xmpp-server._tcp.{domain} (priority) (weight) (port 5269) (Target Host)
(e.g. _xmpp-server._tcp.syferstrategies.com 0 0 5269 expe.syferstrategies.com)
Group Chat Records
For group chat node DNS resolution to work properly with federated domains, configure the below external SRV records:
_xmpp-server._tcp.{chatnode}.{domain} (priority) (weight) (port 5269) (Target Host)
(e.g. _xmpp-server._tcp.chatnode1.syferstrategies.com 0 0 5269 expe.syferstrategies.com)
Notes:
1. Alternatively, static routes can be used on the local Expressway if the remote system does not have these DNS records enabled
a. This can be added under Configuration > Unified Communications > Federated Static Routes
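The SRV records on both sides (the SfB record earlier and the Expressway domain and chat node records above) can be checked the same way. The following is an added example, not part of the original post or of any Microsoft or Cisco tooling: a PowerShell function (the name Test-XmppSrvRecord is hypothetical) that checks SRV answers for the right owner name, port 5269 and a host-name target. The sample answers are constructed.

```powershell
# Added example, not from the original post. Input objects mirror the SRV
# answers returned by Resolve-DnsName -Type SRV (Name, NameTarget, Port).
function Test-XmppSrvRecord {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)] [string] $Domain,
        [Parameter(Mandatory)] [AllowEmptyCollection()] [object[]] $Records,
        [int] $ExpectedPort = 5269
    )
    $owner    = "_xmpp-server._tcp.$Domain"
    $findings = @()
    # Keep only answers for the owner name; this drops the A/AAAA glue that
    # resolvers return alongside the SRV answer.
    $answers = @($Records | Where-Object { "$($_.Name)".TrimEnd('.') -eq $owner })
    if ($answers.Count -eq 0) {
        $findings += "MISSING: no SRV answer for $owner"
    }
    foreach ($a in $answers) {
        if ($a.Port -ne $ExpectedPort) {
            $findings += "PORT: advertises $($a.Port), federation listener is $ExpectedPort"
        }
        $ip = $null
        if ([System.Net.IPAddress]::TryParse("$($a.NameTarget)", [ref]$ip)) {
            $findings += "TARGET: $($a.NameTarget) is an IP literal; an SRV target must be a host name"
        }
    }
    [pscustomobject]@{ Owner = $owner; Ok = ($findings.Count -eq 0); Findings = $findings }
}

# Constructed sample answers. Domain names are the ones used in this post; the
# sip.tsoorad.net target and the wrong port on the chat node are made up, and
# chatnode2 is a hypothetical node that has no record at all.
$sample = @(
    [pscustomobject]@{ Name = '_xmpp-server._tcp.tsoorad.net'; NameTarget = 'sip.tsoorad.net'; Port = 5269 }
    [pscustomobject]@{ Name = '_xmpp-server._tcp.syferstrategies.com'; NameTarget = 'expe.syferstrategies.com'; Port = 5269 }
    [pscustomobject]@{ Name = '_xmpp-server._tcp.chatnode1.syferstrategies.com'; NameTarget = 'expe.syferstrategies.com'; Port = 5296 }
)

'tsoorad.net', 'syferstrategies.com', 'chatnode1.syferstrategies.com', 'chatnode2.syferstrategies.com' |
    ForEach-Object { Test-XmppSrvRecord -Domain $_ -Records $sample } |
    Format-List Owner, Ok, Findings

# Against live DNS, feed it the resolver output instead of $sample:
#   Test-XmppSrvRecord -Domain 'tsoorad.net' -Records @(Resolve-DnsName '_xmpp-server._tcp.tsoorad.net' -Type SRV -ErrorAction SilentlyContinue)
```

Once the records pass, Test-NetConnection with -Port 5269 against each SRV target confirms that the firewall rule for the Edge or Expressway-E is actually in place.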
Checking XMPP Federation status
Navigate to Status > Unified Communications > XMPP Federation Connections
Jabber Experience
Add the external contact
Enter the IM address of the external contact
New federated contact seen below
Back to SfB to see how that looks!
Summary
We have demonstrated a SfB XMPP configuration then the Cisco Expressway/Jabber configuration. Works great, less filling. Let the commo begin!
YMMV