Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2695
Views
10
Helpful
9
Replies

Jabber MRA login issue (cannot communicate server)

min ko
Level 1
Level 1

‎10-26-2021 10:15 PM

Dear experts.

We have a new setup of CUCM,IMAP,CUC, Expressway C and E servers respectively. Jabber for andriod and desktop users are created on the CUCM and sync with the AD ldap server.

 

I can confirm that certficates have been exchanged properly between EXP C & E successfully and all services have been added has been added on the DNS externally and internally. However Jabber still failed to login via MRA. This works internally perfectly. However, while trying to login via MRA, i keep getting different errors from " unable to communicate with server, failed to start a new session". Could I know how to fix this error.

 

Thanks and best rgds,

Min Ko

9 Replies 9

Nithin Eluvathingal
VIP
VIP

‎10-26-2021 11:04 PM

Does internal Jabber Login  Working ?

 

I would suggest to collect logs from both E and C While recreating the ISSUE and analyse the logs  using CSA tool. it gives you more informations about your  issue. 

 

https://cway.cisco.com/csa/

 

 

 



Response Signature


min ko
Level 1
Level 1
In response to Nithin Eluvathingal

‎10-27-2021 09:37 PM

Dear Nithin,

 

Yes Sir, Jabber internal is working. Thanks for your advice. I have not found any error in exp C and E as per CSA tool. please could you help me to figure out as below exp Core and Edge logs?

 

let me explain our scenarios.
we have 2 domain example ( domain A and domain b) both domain can login to jabber (internal).

We have srv_ records for these two domain in our internal and external DNS. these SRV are working.
Presence domain is domain A with directory url mode. we configured Voice service domain for domain B in jabber-config XML file . CUCM and IMP server host name FQDN are with domain A. (cucmpub@domain A)

But we configure these two domain (expc@domain A , expc@domain B) in Exp-C. we configured Expressway E with domain B (expe@domain b). If we can communicate with jabber@domain b.It is OK. When we jabber login step is OK but  we are facing with "not communicate to internal server." Could you please suggest me to do someting Sir? I always happy to hear from you. Thank you so much Sir.

 

there is no CUCM and IMP clusters in our environment.

 

Your Sincerely,

Min Ko

EXP C and E logs.zip
0 Helpful

Nithin Eluvathingal
VIP
VIP
In response to min ko

‎10-27-2021 10:10 PM

Analyzing your log , i can see below certificate Error.

 

11111.PNG

 

 

What you mean by domain A and Domain B, is this a scenario which use multiple domains inside an organizations.

Or a site which use one domain for  inside and a different domain outside, for example internal domain domain.local and public domain domain.com.

 

 

 



Response Signature


0 Helpful

min ko
Level 1
Level 1
In response to Nithin Eluvathingal

‎10-27-2021 10:40 PM

Dear Sir,

 

Thanks for your quick reply.

 

we have two multiple domain domain A and domain B. customer do not want to use with old domain A and they would like to use with new domain b only both internal and external via MRA. So UC infra severs like cucm,imp,uccx,cuc fqdn names are still with old domain A. we added to two FQDN domain name a and b in exp C.

 

In Expressway E , we generate SAN names with (new) domain B in public DNS and sign with exp E. we are facing with cannot connect to the server in jabber. So what would you suggest me to do . the root cause is certificate ssl error?

 

Thank you so much for your answer. I am awaiting for your response.

 

Your sincerely,

Min Ko

 

0 Helpful

Nithin Eluvathingal
VIP
VIP
In response to min ko

‎10-29-2021 07:42 PM

If customer don't want to use Domain A, Why dot you bring  all your UC infrastructure in Domain B. 

Collect jabber problem report. 

 

single domain:-

  • client email address is xyz.com.
  • UC applications domain is xyz.com.
  • expressway and E& C in xyz.com. 

 

multi domain:-

  • client email xyz.com. 
  • UC application domain is xyz.local
  • expressway C domain is xyz.local
  • expressway E domain is xyz.com

single domain is pretty easy as all your applications will be in  xyz.com. 

 

  • keep all servers in xyz.com
  • internal A record UC.xyz.com
  • internal SRV for UDS xyz.com
  • public A record Edge xyz.com
  • public SRV Edge xyz.com

 

 

Multi domain you need to play with DNS.

 

  • UC applications and Expressway C in xyz.local
  • expressway E in xyz.com
  • internal SRV for UDS xyz.local
  • internal DNS will have xyz.com subzone
  • xyz.com subzone contain  A record expresswayE Ponting to expressway E's internal Nic IP.
  • public A record Edge xyz.com points to your Public IP.
  • public SRV Edge xyz.com

 

Open required ports on  Firewall. 



Response Signature


0 Helpful

min ko
Level 1
Level 1
In response to Nithin Eluvathingal

‎11-01-2021 09:41 PM

Dear Nithin,

 

Read and noted with thanks. let me know that do you mean uc application domain - Presence domain? If I was wrong, correct me please. Now there is a little bit issue in Public DNS CSR generate process at our customer side. I will get back to you when we fixed our problem as per your suggestion and Many thanks for your kind and help Sir.

 

Your Sincerely,

Min Ko 

0 Helpful

Vinod.s
Level 3
Level 3
In response to min ko

‎10-29-2021 07:40 AM

Hi,

Its new setup or its working before?

For internal login which domain you are using and for mra which domain ?

Please check your external domain lookup on CSA tool srv tester and let me know result.

 

Try login on mra and generate jabber problem report and share here ...

0 Helpful

min ko
Level 1
Level 1
In response to Vinod.s

‎11-01-2021 09:57 PM

Dear James,

 

let me explain our scenarios,

 

we have two multiple domain such as domain A and domain B. At this moment, customer do not want to use with old domain A and they would like to use with new domain b only both internal and external via MRA. So UC infra severs like CUCM,IMP,UCCX,CUC, FQDN names are still with old domain A. we added to two FQDN domain name a and b in exp C.

 

In Expressway E , we generate SAN names with (new) domain B in public DNS and sign with exp E. we are facing with cannot connect to the server in jabber. Now is working both internal and external with old domain (domain A) but we want to use with both these two domain for jabber. Could you please help to check expressway C and E logs as following. Thank you so much for your help.

 

Your Sincerely,

Min Ko.

EXP C and E logs.zip
0 Helpful

Vinod.s
Level 3
Level 3
In response to min ko

‎11-03-2021 12:05 AM

Hi Min,

 

Refer this doc .. https://www.cisco.com/c/en/us/support/docs/unified-communications/expressway-series/117811-configure-vcs-00.html

 

you can use multi domain for MRA login without any issue .

 

Exp-C will use domain A 

Exp-E you have to configure with domain B and you have valid DNS server for Exp E who will resolve your domain B to domain A ...

 

If your internal DNS server will not able to resolve domain B to Domain A (speak to your AD/server team) then you have to install new DNS server in DMZ for expressway .

 

Thanks .

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents