取消
显示结果 
搜索替代 
您的意思是: 
cancel
2549
查看次数
0
有帮助
4
回复

Jabber通过MRA注册到CUCM

zhangsx779542
Beginner
Beginner
本帖最后由 zhangsx779542 于 2019-7-25 18:37 编辑
最近部署Expressway,现在在jabber注册的时候碰到了问题:无法与服务器通讯
目前的环境是:内网域名:5thdrive.com,外网域名也是5thdrive.com,CA证书服务器是自建的,E&C的DNS使用的是内网DNS,已添加相应的记录,并且E&C上面的状态正常:
172157hsstzsnss4tiuw9j.png172157b9y40hlyue39b39u.png
通过nslookup解析也是正常的183700pxf3znpzx33n5quu.png
Jabber登陆是使用838@5thdrive.com登陆的,日志显示是
171603lijx7jw5c5p57d20.png
但是在Expressway-E的Diagnostic logging日志中没有看到838@5thdrive.com的相关信息
附件为E上面的日志
4 条回复4

ghostlee1
Beginner
Beginner
1、E的DNS地址填外网DNS服务器
2、外网去telnet E的公网IP 的5222,8443,5061端口通不通。
3、拿C跟E的log去思科的CSA网站上去分析下。
4、检查防火墙的端口放了没有。

完全感觉
Participant
Participant
内网DNS上没配置EXPE的反向记录

liyanazure
Beginner
Beginner
Single Sign-On
Problem You receive the error message, "SSO protocol error. Contact your administrator for further support." Possible Cause Your SSO administration site or IdP configuration contains errors.
Possible Cause SSO is not enabled.
Possible Cause Some or all of the required IdP attributes are not configured: firstname, lastname, email.
Possible Cause The NameID parameter of your SAML is not set to email.
Possible Cause The Active Directory Federation Services (ADFS) Token-Signing certificate has expired and should be updated.
Solution If one of the above conditions might be the cause:
• Verify that the required IdP attributes are configured.
• Verify that the following IdP attributes are set to the user email address: uid, SAML_SUBJECT
• Export a Primary Token-signing certificate from ADFS Server > ADFS Management Console > Service > Certificate and upload it to the CWMS SSO certificate.

zhangsx779542
Beginner
Beginner
完全感觉 发表于 2019-7-29 17:49
内网DNS上没配置EXPE的反向记录

反向记录我刚刚看了,也是有的
入门指南

使用上面的搜索栏输入关键字、短语或问题,搜索问题的答案。

我们希望您在这里的旅程尽可能顺利,因此这里有一些链接可以帮助您快速熟悉思科社区:





认可您的同行
快捷链接