Single Sign-On
Problem You receive the error message, "SSO protocol error. Contact your administrator for further support."
Possible Cause Your SSO administration site or IdP configuration contains errors.
Possible Cause SSO is not enabled.
Possible Cause Some or all of the required IdP attributes are not configured: firstname, lastname, email.
Possible Cause The NameID parameter of your SAML is not set to email.
Possible Cause The Active Directory Federation Services (ADFS) Token-Signing certificate has expired and should be updated.
Solution If one of the above conditions might be the cause:
• Verify that the required IdP attributes are configured.
• Verify that the following IdP attributes are set to the user email address: uid, SAML_SUBJECT
• Export a Primary Token-signing certificate from ADFS Server > ADFS Management Console > Service > Certificate and upload it to the CWMS SSO certificate.
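The attribute and NameID checks above can be run against a captured assertion, shown here as an added example that is not Cisco's code. It assumes the decoded SAML 2.0 XML is already at hand, that attribute names match case-insensitively, and that SAML_SUBJECT corresponds to the Subject NameID; it does not validate the signature or the ADFS certificate expiry.

```python
import re
import xml.etree.ElementTree as ET

NS = {"saml": "urn:oasis:names:tc:SAML:2.0:assertion"}
REQUIRED = ("firstname", "lastname", "email")  # attributes named on this page
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

def check_assertion(xml_text):
    """Return a list of findings; an empty list means every check passed."""
    if "<!DOCTYPE" in xml_text.upper():  # SAML never needs a DTD; refuse entity tricks
        raise ValueError("DOCTYPE not allowed in SAML input")
    root = ET.fromstring(xml_text)
    findings, attrs = [], {}
    for a in root.iterfind(".//saml:AttributeStatement/saml:Attribute", NS):
        v = a.find("saml:AttributeValue", NS)
        attrs[a.get("Name", "").lower()] = (v.text or "").strip() if v is not None else ""
    for name in REQUIRED:
        if not attrs.get(name):
            findings.append(f"missing or empty attribute: {name}")
    node = root.find(".//saml:Subject/saml:NameID", NS)
    subject = (node.text or "").strip() if node is not None else ""
    email = attrs.get("email", "")
    if not EMAIL_RE.match(subject):
        findings.append("NameID is not an email address")
    elif email and subject.lower() != email.lower():
        findings.append("NameID does not match the email attribute")
    uid = attrs.get("uid")  # only checked when the IdP sends it
    if uid is not None and (not email or uid.lower() != email.lower()):
        findings.append("uid is not set to the user email address")
    return findings

def sample_assertion(name_id, attrs):
    # Builds a constructed, unsigned assertion for demonstration only.
    body = "".join(
        f'<saml:Attribute Name="{k}"><saml:AttributeValue>{v}</saml:AttributeValue>'
        f'</saml:Attribute>' for k, v in attrs.items())
    return (f'<saml:Assertion xmlns:saml="{NS["saml"]}"><saml:Subject>'
            f'<saml:NameID>{name_id}</saml:NameID></saml:Subject>'
            f'<saml:AttributeStatement>{body}</saml:AttributeStatement></saml:Assertion>')

GOOD = sample_assertion("alice@example.com", {
    "firstname": "Alice", "lastname": "Ng",
    "email": "alice@example.com", "uid": "alice@example.com"})
BAD = sample_assertion("EXAMPLE\\alice", {  # lastname missing, NameID and uid not email
    "firstname": "Alice", "email": "alice@example.com", "uid": "alice"})

if __name__ == "__main__":
    print("GOOD:", check_assertion(GOOD))
    print("BAD: ", check_assertion(BAD))
```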