Hi, - Page 2

Dean O'Meara · ‎01-17-2017

Hi,

I am setting up a lab which has the below

CUCM
IMP
Expressway-C
Expressway-E

I am able to login to Jabber internally fine and make calls but when trying to login externally I am getting a message from the client, "You cannot login outside corporate network. Contact your admin"

When I look at the Expressway-E the error I get when trying to login is

httpd[30621]: web: Event="Security Alert" Src-ip="82.132.237.193" Src-port="34946" Detail="Possible Cross Site Scripting (XSS) attempt detected." UTCTime="2017-01-17 15:41:33"

Has anyone else experienced this & know of a fix?

Thanks

bannouraw · ‎05-28-2017

Hi ,

Thanks for your response..What do.you mean by inside and outside domain is different??

As far as I.know both the domains are same... what should I check.In the public domain

Dean O'Meara · ‎01-25-2017

Hi,

Yes freshly used for MRA.

Only warnings I see are on the expressway-E when attempting to login

httpd[30621]: web: Event="Security Alert" Src-ip="82.132.237.193" Src-port="34946" Detail="Possible Cross Site Scripting (XSS) attempt detected." UTCTime="2017-01-17 15:41:33"

No warnings on Expressway-C can be seen

HeribertoVV · ‎01-25-2017

Hello Dean,

Did you find the solution? I have this problem too and I don't know what is happening. I've implemented Expressway MRA before and I haven't had this problem. I have x8.9 with dual-NIC enabled. Do you have this same deployment? Internal and external Domain names.

mrogerspt · ‎02-03-2017

We just started seeing this message as well. Everything worked up until about yesterday...

Has anyone been able to find a solution?

mrogerspt · ‎02-07-2017

This may not be accurate or help anyone else, but in our situation, "You cannot login outside corporate network" appeared to be caused by our external DNS provider not returning a result for the _collab-edge SRV record.

Once I fixed DNS everything was fine.

I cannot speak to the "Possible Cross Site Scripting attempt" though...

Found this tool in another thread, very useful! https://cway.cisco.com/tools/SrvRecord/

ahmad_tamneh · ‎02-18-2017

Hello ,

I have the same issue, everything was working fine before I start seeing the error message "You can not login outside your corporate network."

Any solution so far?

Steven Luton · ‎02-18-2017

Not sure if this is a solution, but I noticed our certificate on the e server wasn't a SAN cert. According to TAC, that is the kind of cert that is needed and the cert also needs the high level domain added as a SAN, or needs the collab-edge.<yourdomain> as a SAN. I added both to the CSR, had it signed, uploaded it, restarted the server and haven't received that error since.

ahmad_tamneh · ‎02-18-2017

Hi,

In my case there was something not normal in the DMZ switch or even the firewall , changing the physical connection between the expresswayE ( LAN2) and the firewall solved the issue.

thanks for contributions

bannouraw · ‎05-25-2017

Hi All,

I am also facing the same issue. When I login from the jabber from outside, it takes me to the Certificate page but after clicking on.Continue it replies :

Cannot communicate outside the corporate network.

All the configuration are verified they are fine.

Vcse is 8.9.2

I don't understand where is the problem.

Please help guys with a solutions

Thank you for your support I advance

MiB · ‎04-02-2024

May you have a look at "User Profile" "MRA Stettings"

Cisco Jabber - You cannot login outside corporate network