Starting version 2.7, Umbrella Virtual Appliances can now receive GSuite user-IP mappings from each Umbrella Chromebook Client over HTTPS. For this functionality to work correctly, the Umbrella Virtual Appliance(VA) must be running version 2.7 or later, the Umbrella Chromebook Clients(UCC) must be running version 1.3.3 or higher. At least one of the configured VA needs to be configured as the DNS server of the Chromebook with UCC running.
Use plain (HTTP) VA communication.
To use the plain (HTTP) communication between Cisco VA and UCC, you must add the “vaInfo” with the IP addresses of each VA in the configuration file. Please refer to the example below for the sample configuration.
Example 1: Use plain (HTTP) VA communication.
Use secure (https) VA communication.
To encrypt the communication between Cisco VA and UCC, firstly please refer to the link below for information on enabling encrypted communication on VA.
And then create Unique FQDN names for each VA in the network and add them to the configuration file, as shown in the example below.
Example 2: Use secure (https) VA communication.
Lastly please make sure the certificate of each VA configured in the above UCC configuration file is pushed to all Chromebook running UCC via the G-Suite admin console.
1. The new version UCC is back-compatible supporting the "vaIPs" in the configuration file which will use plain VA communication. No need to change the configuration file if HTTP communication is preferred.
2. All VA FQDNs in the above configuration file need to be resolved to the same IP in the internal DNS server configured for the VA.
3. All parameters in the configuration file are case sensitive.