Solved: Hi Dennis Well my statement - Cisco Community

3278

Views

5

Helpful

7

Replies

Hey Guys.

I have a small issue I cant wrap my head around.

I have deployed a CUCM/IMP enviroment, with a MRA Expressway set.

This enviroment works as a hosted jabber solution, were domain is the same as the customers on-prem domain.

So in my data center i have deployed the servers, MRA is working fine- All Certs are working and public dns works.

At the customer site, the MRA is working, but only when you use a public DNS server as DNS.

When you use their internal DNS server the result is that the service are not located (collab-edge service not found).

The problem is; The internal DNS has the SRV for the collab edge correctly setup together with the A-record for the Expressway E

Wireshark however shows the issue when comparing the internal DNS and Googles DNS:

on Google:

SRV _cisco-uds._tcp.domain.com

Response: No such name

SRV _cuplogin._tcp.domain.com

Response: No such name

SRV _collab-edge._tls.domain.com

Response: vcse.domain.com

A vcse.domain.com

A xxx.xxx.xxx.xxx

And Voila!

On internal:

SRV _cisco-uds._tcp.domain.com

Response: CNAME web2.domain.com

SRV _cuplogin._tcp.domain.com

Response: CNAME web2.domain.com

SRV _cisco-uds._tcp.domain.com

Response: CNAME web2.domain.com

SRV _cuplogin._tcp.domain.com

Response: CNAME web2.domain.com

SRV _cisco-uds._tcp.domain.com

Response: CNAME web2.domain.com

SRV _cuplogin._tcp.domain.com

and this goes on.. the client never initiates the SRV _collab-edge._tls.domain.com lookup

Now im not experinced with DNS servers, but it seems a default reference to a web server is the response to the first two lookups, and because an answer is provided it loops.

Can anyone help me with what to do with this DNS server?

Thanks in advance.

/Magnus

1 Accepted Solution

Accepted Solutions

Hi again.

I can hereby confirm that the issue is resolved- there was a *.domain.com (wildcard) record. We deleted this and now all is working.

/Magnus

View solution in original post

7 Replies 7

Magnus,

One thing that is not clear to me is, why do you need an internal DNS server to be functional on your VCS-e? Because you indicated, your MRA is working fine, when using an external DNS

Please remember to rate useful posts, by clicking on the stars below.

Hi Dennis

Well my statement is actually that I don't... TO use VCS-e, but the company needs the internal DNS for other stuff..

I think btw, with a little help from a friend I've found the problem..

A DNS wildcard is proberbly in place, and is the reason the client gets a response on the cisco-uds and the cuplogin...

/Magnus

Hi again.

I can hereby confirm that the issue is resolved- there was a *.domain.com (wildcard) record. We deleted this and now all is working.

/Magnus

@Magnus Holsting Can you please illustrate how that was done?

I have users will connect MRA from internet and some users want to connect MRA from internal different network.

How can I just make this in DNS A records and add collabedge SRV records in internal dns

collabedge SRV is for public not internal.

internal will be UDS SRV.

have a look on below link.

https://www.cisco.com/c/en/us/td/docs/voice_ip_comm/jabber/12_7/cjab_b_planning-guide-cisco-jabber-127/cjab_b_planning-guide-cisco-jabber-127_chapter_0101.html

Response Signature

Normally, there is no need to have the _collab-edge SRV in your internal DNS as this is for MRA logins from the internet. But Jabber will nonetheless find the _cisco-uds SRV and connect straight to CUCM since it searches for it 1st and then the _collab-edge SRV secondly.

It could possibly be an issue with the switch from MRA to on-prem if the _collab-edge SRV is present in the internal DNS.

Response Signature

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Log in to Community