Cisco WebEx share

Bold and ProudThe New Cisco WebEx share is targeted towards making any room into a conference room, sometimes you may have a conference room but not enabled for Video Conferencing, thereby enhancing the conference experience. This product is a low cost option to convert the TV in that room into a high quality  collaboration experience whereby one can enable wireless content sharing without the need to connect any dongles to enable it to work. It allows you to book a room, display the calendar on screen and join the meeting with the WebEx Teams Application. The WebEx Teams Application will show you the room in proximity that you are able to connect to. This easily simplifies and enhances the meeting join experience by simply launching the WebEx Teams application and connecting to a device:

If it has identified a device it will show up as such:

The WebEx share is a nice and compact device designed to transform any TV into a WebEx device. This makes use of the great cisco innovations we are used to in a traditional video endpoint packed in a dongle. Turning on the HDTV display is triggered by;

  1. A person simply entering the room
  2. A WebEx client app pairing with the room device
  3. Calendar event scheduled 15 mins before the meeting
  4. Making noise in the room

The device supports HDMI with a 1080p resolution and 30fps.

You can connect using it in three ways;

  1. Wi-Fi this is the default option – on powering up with no wired connection it will initiate AP mode, while in this mode it the connection will be secured via WPA2 with a numeric password – once the connection is established AP Mode is disabled. The Dongle supports 802.11ac, an IEEE standard with speeds reportedly reaching 1.3 Gbps,
  2. PoE – Yes Power over Ethernet, this will plug into any PoE enabled switches
  3. Wired – Non-PoE

It has Enterprise grade security for wireless by supporting the EAP Protocol suite including PEAP, FAST and TLS. It Supports wired 802.1x port based Authentication & Proxy Support. The EAP/TLS and 802.1x can have local or customer CA signed certificates.

How to provision:

  1. Login to WebEx Control Hub
  2. Setup a new ‘place’
  3. Enable calendar service and associate a calendar mailbox to the ‘place’
  4. Generate activation code and enter on WebEx Share activation screen

As with any cloud registered webex device, WebEx chare will recognise and greet you upon entrance to the conference room as long (as you have the WebEx Teams App running). This technology is identical to WebEx room kits or the WebEx board.

When a room is reserved you can see the Room Name (top left), Current Time, any current and upcoming  meetings:-

Comparison to Competition
There are a number of players in this space, namely Polycom, Crestron, Barco and some others. While they all have Local Wireless sharing in common Enterprise management is offered by some but Meetings and calendar integration is not offered by any except Cisco WebEx Share. The Price it will be released at is incredibly competitive and especially considering the technology it is packed it will be worth it.

This Device will be available Q4 CY 2018 across North America, Australia and Europe, limited orderability is available before that.

Advertisements

Error connecting to a S4B and CMS Dual Homed Call

When attempting to Join a Microsoft Skype meeting the call from a Cisco Endpoint fails, a point to point however does not, looking at the logs it suggests that it cannot find the conference “meet.alictrify.com/joe.microsoft/2h2g6c6r” not found

2018-06-19 12:53:27.669 Info 2000 log messages cleared by “admin”
2018-06-19 12:53:34.558 Info call 16: incoming encrypted SIP call from “sip:dx80@alictrify.com” to local URI “sip:meet.alictrify.com/joe.microsoft/2h2g6c6r@alictrify.com”
2018-06-19 12:53:34.625 Info lync conference resolution: C3p query error
2018-06-19 12:53:34.626 Info lync conference resolution: conference “meet.alictrify.com/joe.microsoft/2h2g6c6r” not found
2018-06-19 12:53:34.626 Info forwarding call to ‘sip:meet.alictrify.com/joe.microsoft/2h2g6c6r@alictrify.com’ to ‘meet.alictrify.com/joe.microsoft/2h2g6c6r@alictrify.com’
2018-06-19 12:53:34.629 Info call 17: outgoing SIP call to “meet.alictrify.com/joe.microsoft/2h2g6c6r@alictrify.com” (Lync)
2018-06-19 12:53:34.652 Info call 17: ending; remote SIP teardown with reason 18 (not found) – not connected after 0:00
2018-06-19 12:53:34.653 Info call 16: ending; local teardown – not connected after 0:00

Since we are attempting to join a Lync Meeting and not a gateway call which would be converted to MS-SIP, CMS needs to convert the user portion of the URI into an HTTPS target and try to find an Office365 meeting hosted at that URL. This is achieved by setting the SimpleJoin to be enabled and set to Yes.

Once configured, the resolution will work and this will now show up as:

2018-06-19 13:23:24.749 Info lync simplejoin resolution: successfully completed
2018-06-19 13:23:24.754 Info call 34: outgoing SIP call to “joe.microsoft@alictrify.com;gruu;opaque=app:conf:focus:id:2h2g6c6r” (Lync focus)
2018-06-19 13:23:24.758 Info call 33: setting up UDT RTP session for DTLS (combined media and control)
2018-06-19 13:23:24.785 Info conference “Lync conference meet.alictrify.com/joe.microsoft/2h2g6c6r”: unencrypted call legs now present
2018-06-19 13:23:24.790 Info call 34: SIP call ringing
2018-06-19 13:23:24.826 Info call 35: outgoing SIP call to “joe.microsoft@alictrify.com;gruu;opaque=app:conf:focus:id:2h2g6c6r” (Lync conference subscription)
2018-06-19 13:23:24.861 Info call 36: outgoing SIP call to “Joe.Microsoft@alictrify.com;gruu;opaque=app:conf:audio-video:id:2H2G6C6R” (Lync)
2018-06-19 13:23:24.862 Info call 37: outgoing SIP call to “Joe.Microsoft@alictrify.com;gruu;opaque=app:conf:chat:id:2H2G6C6R” (Lync IM)

This shows that the Lync Focus which is responsible for enforcing the Conference Control Policy,  Lync Conference Subscription, Audio / Video, Lync IM setup completes successfully for Skype Meeting ID 2h2g6c6r

in CMS you can also see the same channels setup in the active calls:-

OBTP not updating

When attempting to setup a Skype for Business meeting from a client inviting a Cisco DX80 endpoint it was not updating,

having a look at the logs it seems like a Credentials error :

2018-06-19 13:34:19,401 [MeetingSynchronizerThread] INFO – Forcing update for endpoint dx80@alictrify.com.
2018-06-19 13:34:19,401 [MeetingSynchronizerThread] INFO – Sending out OBTP information to endpoint dx80@alictrify.com for meeting ‘dx80@alictrify.com’.
2018-06-19 13:34:19,401 [MeetingSynchronizerThread] INFO – Updating endpoint dx80@alictrify.com with OBTP information; attempt 1
2018-06-19 13:34:23,682 [OBTPThread] INFO – Failed to connect to endpoint on ‘192.168.0.11’, now trying with a different protocol.
2018-06-19 13:34:24,526 [MeetingSynchronizerThread] INFO – Failed to connect to endpoint on ‘192.168.0.11’, now trying with a different protocol.
2018-06-19 13:34:28,510 [OBTPThread] ERROR – ConnectToSystem
System.Exception: The remote server returned an error: (401) Unauthorized.
2018-06-19 13:34:29,354 [MeetingSynchronizerThread] ERROR – ConnectToSystem
System.Exception: The remote server returned an error: (401) Unauthorized.
2018-06-19 13:34:29,526 [OBTPThread] INFO – Updating endpoint dx80@alictrify.com with OBTP information; attempt 2

this is corrected by navigating in SynergyJoin application to Video Systems and adding password to the endpoint in question.

SynergySky: updating calendar with OBTP

In the SynergySky Join Version 2.5 there is a preview feature that allows the calendar invite to be updated after the meeting invite has been sent out, for this to work additional permissions need to b configured in Exchange which allows the meeting organiser to update the meeting after the invite has been sent out otherwise the organiser will receive the following error:

Scenario:
User books meeting inviting Microsoft S4B Client and Cisco Video Endpoint (DX80). Calendar does not get updated as permissions not set in Exchange. Exchange Version used: 2016

The following power shell permissions applied to the Exchange will give users the right permissions needed to perform this action

This will give exchange service account ‘Editor’ access to be able to update the calendar appointment with dial in information:

Add-MailboxFolderPermission -Identity joe.microsoft@alictrify.com:\Calendar -User administrator@alictrify.com -AccessRights Editor

The service account also needs an AD user object permission: ‘sendas’ for each user to send a updated invite to all recipients –

Add-ADPermission “Joe Microsoft” -User alictrify\administrator -Extendedrights “Send As”

< this was previously implicitly included in the Exchange server “Full Mailbox Access” permission or added in Exchange Online as part of the Add-RecipientPermission

Now when you send a invite you will not receive a failure email but rather a update in the calendar as follows:

When the time for the meeting comes you will see OBTP appear on screen:

CUCM HW conference failing despite being registered

When Video Endpoint attempts to ‘adhoc’ a third endpoint into a conference they loose Video. Having a look at the HW resources they were definitely configured and also showing registered to CUCM. Upon investigating the logs there seems to be a authentication issue when the resource is invoked.

<methodResponse>
<fault>
<value><struct>
<member>
<name>faultString</name>
<value><string>Authentication failure</string></value>
</member>
<member>
<name>faultCode</name>
<value><int>14</int></value>
</member>
</struct></value>
</fault>
</methodResponse>
00751162.000 |12:35:43.071 |SdlSig |HttpHandlerRes |restart0 |SipMcuControl(1,100,36,2) |HttpHandler(1,100,39,2) |1,100,39,2.583^*^* |[R:N-H:0,N:0,L:0,V:0,Z:0,D:0] CI=100 Branch= 0 Pkid= Type=0 ResponseCode=0
00751162.001 |12:35:43.071 |AppInfo |SipMcuControl::checkForSuccess- 14
00751162.002 |12:35:43.071 |AppInfo |SipMcuControl::checkForSuccess- Authentication failure
00751162.003 |12:35:43.071 |AppInfo |SipMcuControl::restart0_HttpHandlerRes- found Query transaction for Id 100

This is odd. The Media resource is registered to the CUCM so one can be forgiven for assuming there is no issue with the conference resource. I entered the wrong credentials completely to be sure and reset the CFB and it still registered. Entered the right credentials, made a call and it was successful,

Looks like a bug on CUCM 11.5.1.

Cisco CMS remote error

when TLS encryption was enabled on a trunk from Cisco CMS, all of a sudden calls in from Lync/SkypeforBusiness started failing, here is the output from CMS:-

call 48: recognised as Lync
call 48: incoming encrypted SIP call from “sip:julie.microsoft@XYZ.com” to local URI “sip:1004@vc.XYZ.com” (Lync)
forwarding call to ‘sip:1004@vc.XYZ.com’ to ‘1004@vc.XYZ.com’
call 49: outgoing SIP call to “1004@vc.XYZ.com”
call 49: setting up UDT RTP session for DTLS (combined media and control)
call 49: ending; remote SIP teardown with reason 14 (remote error) – not connected after 0:00
call 48: ending; local teardown – not connected after 0:00

this does not give us much information to work from, so you need to dig deeper. You can either pull logs from CMS via logs > detailed tracing and download via SFTP or get CallManager RTMT logs downloaded to see what the problem is

SIP/2.0 401 Unauthorized
Via: SIP/2.0/TLS 192.168.0.180:5061;branch=z9hG4bK5d3181dbb905b9058
From: “Julie Microsoft” <sip:julie.microsoft@XYZ.com>;tag=e876910435d
To: <sip:dx80@vc.XYZ.com>;tag=2106778089
Date: Thu, 02 Nov 2017 12:49:31 GMT
Call-ID: e62d36f7-5d84-47a1-8ba4-1f3f3433g6a2
CSeq: 183141193 INVITE
Allow-Events: presence
Server: Cisco-CUCM11.5
WWW-Authenticate: Digest realm=”XYZCluster”, nonce=”L1CKj9PJ6qreX9PRZUMm”, algorithm=MD5
Content-Length: 0

401 Unauthorized, well that tells you it is not authenticated to make that call. The SIP Trunk Security profile which had Enable Digest Authentication ticked was not meant to be there.

 

Error when Adding CMS License

When uploading the the Cisco Meeting server License to the platform as you get it from Cisco you get the following error:simple solution to this is to rename the license file to cms.lic and you are now able to upload to the file to CMS without any errors

you can check the license in CMS with the following command

acano> license
Feature: callbridge status: Activated expiry: 2017-May-18 (89 days remain)
Feature: turn status: Activated expiry: 2017-May-18 (89 days remain)
Feature: webbridge status: Activated expiry: 2017-May-18 (89 days remain)
Feature: branding status: Activated expiry: 2017-May-18 (89 days remain)
Feature: recording status: Activated expiry: 2017-May-18 (89 days remain)
Feature: personal status: Activated expiry: 2017-May-18 (89 days remain)
Feature: shared status: Activated expiry: 2017-May-18 (89 days remain)