Mailing List Archive

Jabber MRA with Cisco Umbrella
Has anyone been able to get this to work?

Umbrella always finds the _collab-edge SRV record even when internally. I
imagine if we made the voice services domain a local domain we would have
the reverse issue of always seeing _cisco-uds even when external.

Any Umbrella features that could help here?

Thanks,
Brian Meade
Re: Jabber MRA with Cisco Umbrella [ In reply to ]
Which deployment model have you chosen? What features are you using on the endpoint?

I’m _pretty_ sure we’ve using Umbrella, but we’ve basically pointed our on-prem DNS servers to them. And that’s it. No endpoint configuration yet.

I’ve asked the team to make sure they do tests accordingly before any other configuration changes to ensure Jabber on/off-premise detection works.

It’s a shame the BUs can’t co-ordinate. I mentioned Jabber on/off-prem detection and I don’t think any of the Umbrella folks knew what I was talking about. If they did, they hid it pretty well.

Hmmm, maybe this is what that Solutions Support option is all about?

---
Lelio Fulgenzi, B.A. | Senior Analyst
Computing and Communications Services | University of Guelph
Room 037 Animal Science & Nutrition Bldg | 50 Stone Rd E | Guelph, ON | N1G 2W1
519-824-4120 Ext. 56354 | lelio@uoguelph.ca<mailto:lelio@uoguelph.ca>

www.uoguelph.ca/ccs<http://www.uoguelph.ca/ccs> | @UofGCCS on Instagram, Twitter and Facebook

[University of Guelph Cornerstone with Improve Life tagline]

From: cisco-voip <cisco-voip-bounces@puck.nether.net> On Behalf Of Brian Meade
Sent: Tuesday, September 24, 2019 2:37 PM
To: cisco-voip voyp list <cisco-voip@puck.nether.net>
Subject: [cisco-voip] Jabber MRA with Cisco Umbrella

Has anyone been able to get this to work?

Umbrella always finds the _collab-edge SRV record even when internally. I imagine if we made the voice services domain a local domain we would have the reverse issue of always seeing _cisco-uds even when external.

Any Umbrella features that could help here?

Thanks,
Brian Meade
Re: Jabber MRA with Cisco Umbrella [ In reply to ]
Have never used Umbrella for external clients, but I would be very surprised if it somehow magically exposed your “local” domains to external clients. Internal clients use the internal Umbrella virtual appliance to resolve names, and if the request is for a domain defined as “local”, the virtual appliance then uses the internal DNS server to resolve the name. External clients would not have access to the internal virtual appliance nor to the internal DNS server, so it should not be possible for external clients to get internal answers. IIRC the list of “local” domains is per “site” and external clients would not be in scope for the site.

Defining a local domain is probably what you want.

I could be wrong though - stopped using Umbrella after Cisco bought it and tried to more than quadruple the pricing on us.

-mn


From: cisco-voip <cisco-voip-bounces@puck.nether.net> On Behalf Of Brian Meade
Sent: September 24, 2019 12:37 PM
To: cisco-voip voyp list <cisco-voip@puck.nether.net>
Subject: [cisco-voip] Jabber MRA with Cisco Umbrella

Has anyone been able to get this to work?

Umbrella always finds the _collab-edge SRV record even when internally. I imagine if we made the voice services domain a local domain we would have the reverse issue of always seeing _cisco-uds even when external.

Any Umbrella features that could help here?

Thanks,
Brian Meade
Re: Jabber MRA with Cisco Umbrella [ In reply to ]
Issue would be a corporate PC with umbrella going off-site. If you add
your internal domains, it would get the _cisco-uds record always rather
then _collab-edge.

On Tue, Sep 24, 2019, 6:34 PM Norton, Mike <mikenorton@pwsd76.ab.ca> wrote:

> Have never used Umbrella for external clients, but I would be very
> surprised if it somehow magically exposed your “local” domains to external
> clients. Internal clients use the internal Umbrella virtual appliance to
> resolve names, and if the request is for a domain defined as “local”, the
> virtual appliance then uses the internal DNS server to resolve the name.
> External clients would not have access to the internal virtual appliance
> nor to the internal DNS server, so it should not be possible for external
> clients to get internal answers. IIRC the list of “local” domains is per
> “site” and external clients would not be in scope for the site.
>
> Defining a local domain is probably what you want.
>
> I could be wrong though - stopped using Umbrella after Cisco bought it and
> tried to more than quadruple the pricing on us.
>
> -mn
>
>
>
> *From:* cisco-voip <cisco-voip-bounces@puck.nether.net> *On Behalf Of *Brian
> Meade
> *Sent:* September 24, 2019 12:37 PM
> *To:* cisco-voip voyp list <cisco-voip@puck.nether.net>
> *Subject:* [cisco-voip] Jabber MRA with Cisco Umbrella
>
>
>
> Has anyone been able to get this to work?
>
>
>
> Umbrella always finds the _collab-edge SRV record even when internally. I
> imagine if we made the voice services domain a local domain we would have
> the reverse issue of always seeing _cisco-uds even when external.
>
>
>
> Any Umbrella features that could help here?
>
>
>
> Thanks,
>
> Brian Meade
>
Re: Jabber MRA with Cisco Umbrella [ In reply to ]
are you using an always connected VPN configuration? Like Mike said. in
our environment, our umbrella VM's point to the internal DNS servers.
Outside our corporation Umbrella uses the external DNS (hosted elsewhere).
I don't understand why you are getting the same response both
internally and externally.

Scott


On Tue, Sep 24, 2019 at 6:27 PM Brian Meade <bmeade90@vt.edu> wrote:

> Issue would be a corporate PC with umbrella going off-site. If you add
> your internal domains, it would get the _cisco-uds record always rather
> then _collab-edge.
>
> On Tue, Sep 24, 2019, 6:34 PM Norton, Mike <mikenorton@pwsd76.ab.ca>
> wrote:
>
>> Have never used Umbrella for external clients, but I would be very
>> surprised if it somehow magically exposed your “local” domains to external
>> clients. Internal clients use the internal Umbrella virtual appliance to
>> resolve names, and if the request is for a domain defined as “local”, the
>> virtual appliance then uses the internal DNS server to resolve the name.
>> External clients would not have access to the internal virtual appliance
>> nor to the internal DNS server, so it should not be possible for external
>> clients to get internal answers. IIRC the list of “local” domains is per
>> “site” and external clients would not be in scope for the site.
>>
>> Defining a local domain is probably what you want.
>>
>> I could be wrong though - stopped using Umbrella after Cisco bought it
>> and tried to more than quadruple the pricing on us.
>>
>> -mn
>>
>>
>>
>> *From:* cisco-voip <cisco-voip-bounces@puck.nether.net> *On Behalf Of *Brian
>> Meade
>> *Sent:* September 24, 2019 12:37 PM
>> *To:* cisco-voip voyp list <cisco-voip@puck.nether.net>
>> *Subject:* [cisco-voip] Jabber MRA with Cisco Umbrella
>>
>>
>>
>> Has anyone been able to get this to work?
>>
>>
>>
>> Umbrella always finds the _collab-edge SRV record even when internally.
>> I imagine if we made the voice services domain a local domain we would have
>> the reverse issue of always seeing _cisco-uds even when external.
>>
>>
>>
>> Any Umbrella features that could help here?
>>
>>
>>
>> Thanks,
>>
>> Brian Meade
>>
> _______________________________________________
> cisco-voip mailing list
> cisco-voip@puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-voip
>
Re: Jabber MRA with Cisco Umbrella [ In reply to ]
This is for the Umbrella client installed on all the PCs so it is always
using Umbrela DNS except for any domains specified as internal.

On Thu, Sep 26, 2019, 1:49 PM Scott Voll <svoll.voip@gmail.com> wrote:

> are you using an always connected VPN configuration? Like Mike said. in
> our environment, our umbrella VM's point to the internal DNS servers.
> Outside our corporation Umbrella uses the external DNS (hosted elsewhere).
> I don't understand why you are getting the same response both
> internally and externally.
>
> Scott
>
>
> On Tue, Sep 24, 2019 at 6:27 PM Brian Meade <bmeade90@vt.edu> wrote:
>
>> Issue would be a corporate PC with umbrella going off-site. If you add
>> your internal domains, it would get the _cisco-uds record always rather
>> then _collab-edge.
>>
>> On Tue, Sep 24, 2019, 6:34 PM Norton, Mike <mikenorton@pwsd76.ab.ca>
>> wrote:
>>
>>> Have never used Umbrella for external clients, but I would be very
>>> surprised if it somehow magically exposed your “local” domains to external
>>> clients. Internal clients use the internal Umbrella virtual appliance to
>>> resolve names, and if the request is for a domain defined as “local”, the
>>> virtual appliance then uses the internal DNS server to resolve the name.
>>> External clients would not have access to the internal virtual appliance
>>> nor to the internal DNS server, so it should not be possible for external
>>> clients to get internal answers. IIRC the list of “local” domains is per
>>> “site” and external clients would not be in scope for the site.
>>>
>>> Defining a local domain is probably what you want.
>>>
>>> I could be wrong though - stopped using Umbrella after Cisco bought it
>>> and tried to more than quadruple the pricing on us.
>>>
>>> -mn
>>>
>>>
>>>
>>> *From:* cisco-voip <cisco-voip-bounces@puck.nether.net> *On Behalf Of *Brian
>>> Meade
>>> *Sent:* September 24, 2019 12:37 PM
>>> *To:* cisco-voip voyp list <cisco-voip@puck.nether.net>
>>> *Subject:* [cisco-voip] Jabber MRA with Cisco Umbrella
>>>
>>>
>>>
>>> Has anyone been able to get this to work?
>>>
>>>
>>>
>>> Umbrella always finds the _collab-edge SRV record even when internally.
>>> I imagine if we made the voice services domain a local domain we would have
>>> the reverse issue of always seeing _cisco-uds even when external.
>>>
>>>
>>>
>>> Any Umbrella features that could help here?
>>>
>>>
>>>
>>> Thanks,
>>>
>>> Brian Meade
>>>
>> _______________________________________________
>> cisco-voip mailing list
>> cisco-voip@puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-voip
>>
>