Home > Articles > Webex Calling Options

Webex Calling Options

Chapter Description

In this sample chapter from CCNP and CCIE Collaboration Core CLCOR 350-801 Official Cert Guide, 2nd Edition, you will learn PSTN options for Webex Calling, routers supporting local gateway, and deployment scenarios for the local gateway. This chapter covers the following objective from the Cisco Collaboration Core Technologies v1.1 (CLCOR 350-801) exam: 3.4 Describe cloud calling hybrid local gateway.

Routers Supporting Local Gateway

Webex Local Gateway can be hosted on a variety of Cisco IOS-XE routers and a select group of third-party routers. This topic will cover the platforms, capacities, and software versions required to support Local Gateway functionality on Cisco routes and third-party routers. This chapter will also cover the differences between the registration-based Local Gateway and certificate-based Local Gateway settings.

Cisco Routers

The 1100 and 4000 series of IOS-XE devices are the entry point for Local Gateways and the oldest devices supported to function as Local Gateways. These are the same devices that function today as branch gateways in an on-premises-based VoIP system. This allows the rapid conversion from on-premises to cloud-based or a hybrid calling model without requiring router upgrades.

The smallest supported router for Local Gateway is the ISR 1100 series. These small devices are capable of handling 500 calls with up to five calls per second (CPS). The routers are available with different amounts of memory, WAN, and Ethernet interfaces to suit the needs of small sites. Since telephone ports are not supported with the ISR 1100 series, these routers could only be used as a Cisco UBE using SIP trunks. The ISR 1100 series products went end of sale (EOS) on May 9, 2023 and have an end of support date of May 31, 2028.

The 4000 series of Integrated Services Routers are able to handle the demands of most branch office needs. A wide range of interface choice for WAN, Ethernet, and Telephony allow the user to customize the router to suit their needs. The router can be used as a Cisco UBE for full SIP-based communications but also as a Time Division Multiplexing (TDM) gateway using older circuits such as T1/E1 PRI. The product line supports 500 calls with four CPS on the smallest ISR 4321, up to 10,000 calls and 55 CPS on the largest ISR 4461. This product line eases the process of finding a router with the right mix of interfaces and performance needed for the branch site in your organization. The ISR 4300/4400 line is set to go end of sale (EOS) on November 7, 2023. The product will be supported for several more years, but the latest IOS XE release will be either 17.9 or 17.12, depending on the software train you are utilizing. Table 24-2 identifies all the 1100 and 4000 series routers that support Local Gateway.


Table 24-2 Local Gateway Support on 1100 and 4000 Series Routers


Cisco UBE SIP-SIP Audio Session (Flow-thru) RTP G.711-RTP G.711

Sustainable CPS IOS-XE 16.1.2+


500 (IOS-XE 16.2+)


















10,000 (IOS-XE 17.2.1r+)


The replacements for the ISR 1000 and 4000 routers are the Catalyst 8000 Edge Platforms. The Cisco Catalyst 8300 Series Edge Platforms are best-of-breed, 5G-ready, cloud edge platforms designed for accelerated services, multi-layer security, cloud-native agility, and edge intelligence to accelerate your journey to cloud. The C8000 line is broken into two series similar to the 4000 series lineup. The smaller 8200 series provides multi-core processors, up to 32GB of DRAM, up to four Ethernet ports (two support SFP), and one Network Interface Module, which can support various WAN and Telephony interfaces.

The C8300 products contain multicore processors, expandable memory, and up to six Ethernet ports. Two of those ports can support Small Form Factor Pluggable adapters to allow copper or fiber connections. The Edge Platforms also come with dual power supplies for greater redundancy. Numerous WAN and Telephony interface cards allow you to tailor the product to the site’s voice and data services, which require support at a branch site.

When the C8000 line is used as a Local Gateway, its performance is upgraded from the ISR 4000 series it replaces. Call throughput ranges from 1500 (middle of the pack for ISR 4000) on the small end to 10,000 on the higher end. Sustainable CPS rates of nine on the C8200L to 55 on the C8300-2N2S-4T2X meet the needs of most branch locations. Table 24-3 identifies all the 1100 and 4000 series routers that support Local Gateway.


Table 24-3 Local Gateway Support on Catalyst 8000 Edge Routers


Cisco UBE SIP-SIP Audio Session (Flow-thru) RTP G.711-RTP G.711

Sustainable CPS IOS-XE 16.1.2+

C8200L-1N-4T (4GB)

1500 (IOS_XE 17.5.1+)


C8200L-1N-4T (8GB)

2500 (IOS_XE 17.4.1a+)


C8300L-1N1S-6T (8GB)

7000 (IOS-XE 17.3.2)


C8300L-1N2S-6T (8GB)

7500 (IOS-XE 17.3.2)


C8300L-1N1S-4T2X (8GB)

8000 (IOS-XE 17.3.2)


C8300L-1N2S-4T2X (8GB)

10,000 (IOS-XE 17.3.2)


A third option for Local Gateways is either the CSR1000v or the C8000v. Both products are virtual machines that can run in a variety of virtual environments. The Cloud Services Router 1000v is a virtual IOS-XE router that can run in VMware ESXi, Citrix XenServer, Microsoft Hyper-V, SuSE KVM, or Red Hat KVM virtual environments. The CSR1000v can also be deployed in Microsoft Azure, Amazon EC2, and Google Cloud Platform. The CSR1000v can support up to IOS-XE version 17.3 software. After that version, the branding and licensing was changed to reflect the new product name of Catalyst 8000v.

The Catalyst 8000v is a continuation of the CSR1000v. The C8000v is a software-based virtual router that combines the functionalities of Cisco Cloud Services Router (Cisco CSR1000V) and Cisco Integrated Services Virtual Router (Cisco ISRv) into a single image that is intended for deployment in cloud and virtual data centers. It is supported in ESXi, KVM, NFVIS hypervisors. Further, you can deploy this router on public cloud providers such as Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and Alibaba Cloud.

The router can be deployed as a virtual machine in your virtual environment, and it can be created as a small, medium, or large virtual machine using increasing amounts of vCPU, memory, and other resources. The number of concurrent and sustained CPS also increases. If the C8000v is deployed in a cloud environment such as Microsoft Azure or Amazon AWS, the medium VM is deployed with 3000 concurrent calls and 20 CPS. Table 24-4 identifies the 1000v and 8000v virtual routers that support Local Gateway.


Table 24-4 Local Gateway Support on 1000v and 8000v Virtual Routers


Cisco UBE SIP-SIP Audio Session (Flow-thru) RTP G.711-RTP G.711

Sustainable CPS IOS-XE 16.1.2+

C8000v-S / C1000v – 1vcpu (4GB)



C8000v-M / C1000v – 2vcpu (4GB)



Azure / AWS C8000v-M / C1000v – 2vcpu (4GB)



C8000v-L / C1000v – 4vcpu (8GB)




Third-Party Routers

A relatively new addition to the supported Session Border Controller area are third-party Session Border Controllers (SBCs). The following products running Oracle SBC version 9.0 software are supported as a Local Gateway with Webex Calling:

  • AP 1100

  • AP3900

  • AP 4600

  • AP 6300

  • AP 6350

  • AP 3950 (Starting from SBC 9.0)

  • AP 4900 (Starting from SBC 9.0)

  • VME

  • Oracle SBC on Public Cloud

The following AudioCodes SBCs running software version 7.40A.250.440 or later are supported as Local Gateway with Webex Calling:

  • Mediant 500 Gateway and E-SBC

  • Mediant 800B/C Gateway and E-SBC

  • Mediant 1000B Gateway and E-SBC

  • Mediant 2600 E-SBC

  • Mediant 4000/B SBC

  • Mediant 9000, 9030, 9080 SBC

  • Mediant Software SBC (VE/SE/CE)

Finally, the Ribbon line of SBCs has also received approval to function as Local Gateways with Webex Calling. The following Ribbon SBCs running Ribbon Code version 10.1.0 or higher are supported as Local Gateways:

  • SBC 5000

  • SBC 7000

  • SBC SWe

Registration- and Certificate-Based Local Gateway

While it is true that an ISR 4461 can handle 10,000 concurrent calls, that capacity can be restricted to as low as 250 if the connection to the Webex cloud is not chosen correctly. To understand this issue, it is important to understand that there are two ways to connect to the Webex Calling system:

  • Registration-based Local Gateway

  • Certificate-based Local Gateway

In the registration-based Local Gateway connection, you create the connection in Control Hub and you are provided with the elements needed to allow your Local Gateway to create a TCP connection to the cloud. This is a one-way connection from the Local Gateway to the cloud. One of the big benefits of this connection type is that a technician with limited IOS skills can successfully deploy a Local Gateway behind a NAT/firewall without requiring changes to the NAT or firewall. The connection does not require CA signed certificates, which reduces complexity and cost. However, since the registration consists of a single TCP connection, the link has a lower capacity and is not as durable if there are network issues such as high latency and packet loss. This means that no matter what SBC platform you are using, you are limited to 250 concurrent calls per trunk built on that device. It is possible to build multiple trunks on a single Local Gateway. Careful configuration of outbound interfaces, SIP listening ports, dial-peers, and load balancing for the on-premises Cisco Unified Communications Manager can allow you to exceed the 250-call limit. Figure 24-2 illustrates the connection flow for Webex Calling using registration-based Local Gateway.


FIGURE 24.2 Registration-Based Local Gateway

The certificate-based method of connecting a Local Gateway fixes the capacity issue by using Mutual TLS as the connection type. This method also uses four bi-directional connections rather than a single one-way connection, as with the registration-based connection. This connection type requires CA signed certificates in the Local Gateway. The engineer also needs to add the Webex Calling trust bundle into the Local Gateway so that the SBC trusts the certificates of Webex Calling.

A connection is configured to endure four fully qualified domain names (FQDNs) or a DNS Service Record (SRV) that points to the Access SBCs of Webex Calling. If configured correctly, four bi-directional TLS connections will be created to carry traffic to and from the Local Gateway and Webex Calling. NAT/firewall traversal is possible with the certificate-based connection method using Session Traversal Using NAT (STUN). Figure 24-3 illustrates the connection flow for Webex Calling using certificate-based Local Gateway.

As you can see from these two descriptions, if you are looking for an easy installation and only have a capacity need below 250 concurrent calls over the public Internet, it is recommended that you use the registration-based connection method. If you require up to 2000 concurrent calls over the public Internet, the solution will be certificate-based. It is possible to reach up to 6500 concurrent calls with the certificate-based connection method, but this will require a dedicated Interconnect connection to Webex Edge Connect. If you wish to use any of the newly supported third-party SBCs, you will need to use the certificate-based connection method as well. Table 24-5 identifies sizing parameters for a Local Gateway based on registration type.


FIGURE 24.3 Certificate-Based Local Gateway


Table 24-5 Local Gateway Sizing Parameters Based on Registration Type

Sizing by Concurrent Calls per Local Gateway

Sizing by Number of Users Behind a Local Gateway

Trunk Type Preferred

Minimum Link Quality

~ 2000–6500







Over the Internet

Up to 250



Over the Internet

4. Deployment Scenarios for the Local Gateway | Next Section Previous Section

Cisco Press Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from Cisco Press and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about Cisco Press products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites; develop new products and services; conduct educational research; and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@ciscopress.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by Cisco Press. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.ciscopress.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020