cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Walkthrough Wednesdays
575
Views
0
Helpful
5
Replies
Ahmed habib
Participant

jabber can't login mra

Hello, Did anyone face this before ?

I have strange problem that user was able to login MRA and internal fine. but when I changed the public IP address and adjust record , jabber not able to connect to IM&P serer while logging external.

and after reset jabber clients even the user can't login internal or external and in some trials he can login well

I collected logs many times and in one test shows that error (Jabber is not able to perform XMPP Message exchange due to issues on Server like service not running or connectivity failure., 2019-09-30 07:58:23,979 INFO [0x0000000107016bc0] [s/adapters/imp/components/Login.cpp(129)] [IMPServices] [OnLoginError] - OnLoginError: LERR_JABBER_UNREACHABLE <13>:)

I involved TAC and didn't notice any error in IM&P or expressway and recommend to revise network team as EXP-E gets TCP RST,ACK from the Jabber IP right after establishing the connection at port 5222 and 8443

5 REPLIES 5
Vaijanath Sonvane
VIP Engager

Hi,

If you configured new public IP Address on Expressway-E server, then make sure you have updated new Public IP Address at following locations:

  1. Forward and Reverse DNS A record for Expressway-E with Public IP Address on Internal DNS Server.
  2. Forward and Reverse DNS A record for Expressway-E with Public IP Address on Public DNS Server.
  3. _collab-edge SRV Record for Expressway-E FQDN on Public DNS Server.
  4. Unified Communications Traversal Zone on Expressway-C. Verify that this zone is reachable to or resolving to new public IP Address of Expressway-E.
  5. Firewall rules with new Public IP Address

You can use Collaboration Solutions Analyzer tools for verify your MRA configuration:

https://cway.cisco.com/csa/

 

 

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.

@Vaijanath Sonvane  Thanks for your reply

I think this point is wrong

  • Forward and Reverse DNS A record for Expressway-E with  (Public) IP Address on Internal DNS Server.

I checked the rest and all is correct

 

Hi,

It depends on how you are defining the peer addresses under Unified Communications Traversal Zone in Expressway-C. If you are using IP Address then you don't need to create DNS A-record for Expressway-E on internal DNS server. But if you are using FQDN of Expressway-E, then to create DNS A-record for Expressway-E on internal DNS server as Expressway-C must resolve the public IP Address of Expressway-E.

 

Have you tried using collaboration tools to find out any issues?

 

 

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.

@Vaijanath SonvaneNo, I should do A record for internal IP of EXP E not public IP

A record of public IP should be done on public dns

Hi,

If you are using Dual NIC Static NAT Deployment then yes, you don't need it. I was referring that configuration to 3-Port Firewall DMZ Using Single Expressway-E LAN Interface. 

 

 

Please rate helpful posts and if applicable mark "Accept as a Solution".
Thanks, Vaijanath S.
Content for Community-Ad

Spotlight Awards 2021