Network Requirements for On-Premises Devices

Proximity in Networks

When Intelligent Proximity services are enabled on a room or desk device, an inaudible ultrasonic sound token is played through the room or desk device loudspeakers. Cisco Webex Teams on your mobile or computer records this token through its integrated microphone. The token contains information on how to connect to the room or desk device over the network.

Your computer or mobile device decodes the token and attempts to establish a secure connection to the room or desk device. To establish the connection, the computer or mobile device must be able to reach the IPv4 address of the room or desk device in the room on port 443 (HTTPS).

Network Considerations

  • Virtual Local Area Networks (VLAN)

    When virtual LANs are deployed for network isolation, a route needs to be configured for TCP/port 443. A computer in the data VLAN connects to the room or desk device on a video/voice VLAN.

  • Mobile Networks

    For a mobile data network (3G/4G/LTE), users can connect with a VPN connection to the enterprise network and route to the room or desk device IP from the VPN concentrator. The room or desk device has to be routable on IPv4.

  • Guest Networks

    You can grant access for guest networks. The room or desk device has to be routable on IPv4.

  • IPv6, Hostnames and Fully Qualified Domain Names (FQDN)

    The ultrasound token exchange doesn't support IPv6 addresses, hostnames, or FQDN´s. However, the computer or mobile device can have an IPv6 address as long as it can connect to the IPv4 addressable room or desk device.

  • Network Address Translated Networks

    If the room or desk device is configured behind a Network Address Translation (NAT), Webex Teams won't connect to the room or desk device. However, the computer or mobile device can connect to the room or desk device when the IPv4 address of the room or desk device is reachable from behind the client NAT.

Deployment for On-Premises Devices Connecting to Cisco Webex Cloud for Calls

When you use a Webex Teams app that is paired to an on-premises video device to make a call, that call is made using the video device and routed using the Cisco Webex Cloud. The video device must be able to call outside of your local network.

If your deployment already includes a firewall traversal solution such as Expressway or VCS and the URIs to *.webex.com and *.ciscospark.com can be dialed, then no further action should be needed to allow calling to work. If your deployment doesn't include a firewall traversal solution, then the following guide provides guidance on how to deploy it, Cisco Webex Meetings Enterprise Deployment Guide for Video Device-Enabled Meetings.

Requirements for On-Premises Devices

  • Each on-premises device requires Cisco Collaboration Endpoint (CE) software 9.0 or later.

  • To ensure the on-premises device can make calls using a URI, configure Cisco Unified Communications Manager and Cisco Expressway to route *.webex.com to the internet to route the call.

  • To configure your on-premises device you must set the following proximity settings in Cisco Unified Communications Manager. For more information, see the administration guides for your deployment of Cisco Unified Communications Manager.

    • Mode—Choose On.

    • Services

      • FromClients—Choose Enabled to allow users to share content wirelessly using the device.

      • CallControl—Choose Enabled to allow users to join meetings using the device.

    The following is the maximum number of simultaneous connections for different types of video systems.

    Video system

    Maximum number of connections

    Room Kit, Room 55, Room 55 Dual, Room 70, Room 70 G2

    30/7

    Codec Plus, Codec Pro

    30/7

    SX80

    10

    SX10, SX20

    7

    MX700, MX800

    10

    MX200 G2, MX300 G2

    7

    DX70, DX80

    3

    With Cisco Collaboration Endpoints (CE) software 9.4 and later, when you disable the proximity setting ToClients, the maximum number of simultaneous connections can be up to 30. If the setting is enabled, a maximum of seven users can connect to the same device from any app. After the maximum number of people have connected, somebody must disconnect before any new participants can connect and share their screen or control the video device.

There are differences in how the Webex Teams app connects to cloud-registered and on-premises devices. When connecting to an on-premises device, the content that is shared between Webex Teams and the room or desk device is always encrypted. However, we don’t enforce certificate verification when an HTTPS session is established with an on-premises device. Verifying certificates would prevent any guest devices working and would be complex to deploy and maintain.

Allow Users to Connect to On-Premises Devices

You can choose to allow your users to connect to your on-premises devices using the Webex Teams app.

1

From the customer view in https:/​/​admin.webex.com, go to Settings.

2

Scroll to Device Discovery and check Allow the Webex Teams app to connect to on-premises registered device.

  • Users can only connect to on-premises devices using ultrasound and their computer must be on the same Local Area Network (LAN) as the device.

  • When users connect to on-premises devices, they can share their screen in calls or meetings. However, they won't be able to share their computer audio or optimize video.