Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3435
Views
5
Helpful
15
Replies

jabber client inside network: you cannot access outside of your corporate network

Go to solution
jaheshkhan
Level 5
Level 5

‎11-13-2020 11:22 AM

Our client facing issue while login to jabber iphone client inside LAN network. The error message is as follows:
"you cannot access outside of your corporate network"

 

What could be the reason..

The issue is not for all users only for certain amount of users.

From the same iphone jabber client they cannot login with different account as well. They reset the client and tried. they uninstalled the jabber client and installed it back and then tried. but it all ended with same error message.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jaheshkhan
Level 5
Level 5

‎12-21-2020 03:35 AM

WE found jabber user in subscriber only facing this issue. 

Restarted IMP Publisher first then IMP Subscriber . Then we found HA in presence residency group ended in failover status. Clicked failover button for publisher and subscriber and both server ended up normal status.

 

then user is able to login to server without any issue

View solution in original post

0 Helpful
15 Replies 15

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎11-13-2020 01:33 PM

I'd start by reviewing a PRT and checking all the DNS/SRVs and necessary ports are working properly.

HTH

java

if this helps, please rate
0 Helpful

Go to solution
jaheshkhan
Level 5
Level 5
In response to Jaime Valencia

‎11-13-2020 04:16 PM

If that's so why it's not impacting all. It's happening only for some. That too for mobile client..

Cucm and imp versions are 11.5 SU8

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to jaheshkhan

‎11-13-2020 11:38 PM - edited ‎11-13-2020 11:41 PM

This is where the PRT from the affected clients is of interest. In this you likely can find the information for the cause of this.

Maybe not the magic bullet you look for as it would require you to do the work of digging through the log files in the PRT.



Response Signature


Go to solution
Nithin Eluvathingal
VIP
VIP
In response to jaheshkhan

‎11-14-2020 11:02 PM

check if the mobile users DNS is able to resolve the SRV record. change the DNS on mobile device and see if it resolve the issue. because I faced similar issue with one of our ISP in this region. changing the DNS to 8.8.8.8, they where able to login. 



Response Signature


0 Helpful

Go to solution
jaheshkhan
Level 5
Level 5
In response to Nithin Eluvathingal

‎11-15-2020 01:09 AM

But they told me they are facing this issue for internal network as well. that too same iPhone users...i already told them to get PRT.. waiting to get collected.

 

 

0 Helpful

Go to solution
Shalid Kurunnan Chalil
Spotlight
Spotlight
In response to jaheshkhan

‎11-20-2020 04:55 AM

Hi,

 

may be the WiFi doesnt resolving the internal DNS query and/or resolving the collab edge.

 

just a thought, could you please look at the MRA policy on the call manager and see if the affected users assigned to different policy than the working user.

User Profile on the end user page.

See the MRA policy on the User Management >> USer Settings >> User Profile

Mobile and Remote Access Policy

0 Helpful

Go to solution
jaheshkhan
Level 5
Level 5
In response to Shalid Kurunnan Chalil

‎11-20-2020 05:38 AM

Thanx .. but I already mentioned this problem happening internal lan. So how come mra come into picture. I think this is happening bcoz of some DNS issue it seems.. they are monitoring issue to happen again 

0 Helpful

Go to solution
Shalid Kurunnan Chalil
Spotlight
Spotlight
In response to jaheshkhan

‎11-20-2020 08:54 AM

OK. Understood.

I have seen in many customers their Wi-Fi setup are bit different than the internal LAN network. I believe the Iphone connected via Wi-Fi.

If the Jabber on iPhone unable to resolve the cisco uds srv record, and if it resolving collab edge and you have MRA policy to block the jabber access, then the error present on JAbber is "Sign in from your corporate network".

 

But again as others mentioned, Jabber PRT will tell it. if you can run the Jabber prt logs  on https://cway.cisco.com/csa. it gives you the DNS query result and possible reason for the error. 

 

Apologies if i misunderstood your issue.

 

Regards,

 

0 Helpful

Go to solution
jaheshkhan
Level 5
Level 5
In response to Jaime Valencia

‎11-24-2020 12:30 AM

how can we get logs if they are not even able to login to jabber??? 

0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to jaheshkhan

‎12-21-2020 03:53 AM

You don’t need to be able to login to create PRT from a Jabber client.



Response Signature


0 Helpful

Go to solution
jaheshkhan
Level 5
Level 5

‎12-21-2020 03:35 AM

WE found jabber user in subscriber only facing this issue. 

Restarted IMP Publisher first then IMP Subscriber . Then we found HA in presence residency group ended in failover status. Clicked failover button for publisher and subscriber and both server ended up normal status.

 

then user is able to login to server without any issue

0 Helpful

Go to solution
BalajiSivaraj49175
Spotlight
Spotlight

‎12-21-2020 06:34 AM

To enable MRA need to use the following procedure,

 

Capture41.JPG

0 Helpful

Go to solution
BalajiSivaraj49175
Spotlight
Spotlight

‎12-21-2020 06:36 AM

Jabber users, the MRA access policy that you configured must be associated to your Cisco Jabber users during the LDAP sync. For information on how to provision end users, see the End User Configuration.

0 Helpful
Customers Also Viewed These Support Documents