Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1673
Views
0
Helpful
5
Replies

Jabber outside login issue

eng_ali_83
Level 1
Level 1

‎07-10-2018 06:05 PM - edited ‎03-17-2019 07:39 PM

Hi,

Recently we have finished deploying Expressway-C and E (MRA) version 8.10 as well as CUCM 11.5 , everything working well from inside our organization , we can successfully login from Jabber for windows (version 12) and successfully calling each other , we are using it just as Softphone for audio calls only.
When we try to login using Jabber from outside the organization we can not login , each time we got error message saying Username or Password is not correct.
The same user that can login from inside the organization can not login from outside for the same reason(username and password).
Any suggestion please
Thanks a lot

Preview file
31 KB
0 Helpful
5 Replies 5

Dennis Mink
VIP Alumni
VIP Alumni

‎07-11-2018 05:00 AM - edited ‎07-11-2018 05:13 AM

are your srv records correctly pointing to the public IP of the VCSe- public IP address? can you share

 

_cisco-phone-http              (SRV),[10][10][8443]        uk-cucm-01.company-internal.net

_cisco-uds                           (SRV),[10][10][8443]        uk-cucm-01.company-internal.net

_cuplogin                            (SRV),[10][10][8443]        uk-cups-01.company-internal.net

_sip                                      (SRV),[10][10][5060]        uk-cucm-01.company-internal.net

_sips                                    (SRV),[10][10][5061]        uk-cucm-01.company-internal.net

 

and also can you check the logs to see if the authentication requests hit vcs e and c

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

eng_ali_83
Level 1
Level 1
In response to Dennis Mink

‎07-11-2018 03:56 PM

Thank you for your reply , all of these SRV records that you post is for internal DNS , we only use Jabber and MRA for voice call , we dont use CUCM IM & Presence , so I only used _cisco-uds_tcp.example.com and it resolved correctly to our CUCM pub server :
DNS request timed out.
timeout was 2 seconds.
_cisco-uds._tcp.example.com SRV service location:
priority = 0
weight = 0
port = 8443
svr hostname = cm-pub.example.com
cm-pub.example.com internet address = 10.100.100.180
0 Helpful

R0g22
Cisco Employee
Cisco Employee

‎07-11-2018 07:44 AM

Public DNS should only have collab-edge TLS SRV record which would resolve to the Ewy-E public address. Your UDS or cup-login SRV should not be present on the public DNS.
Have you ensured this ?
What is the authentication that you are using for MRA ? User creds, OAuth etc ? I am talking about MRA access control.

0 Helpful

eng_ali_83
Level 1
Level 1
In response to R0g22

‎07-11-2018 02:26 PM

 
0 Helpful

eng_ali_83
Level 1
Level 1
In response to R0g22

‎07-11-2018 04:07 PM

Thanks Nipun for your reply , yes I am 100% sure that only collab-edge is resolvable from External DNS , no other SRV can be resolved from there.
I am using OAuth , we have LDAP connection between CUCM and Microsoft Active directory , is that what you meant?
There is one update just got it today that I can login externally (from the internet connection) after 4 attempts of entering my username and password , I know it seem weird but I have tried it from more than three devices , Jabber keep saying your username or password is not correct until I enter my username and password for the fourth time after that I can login , still Jabber phone service is not working so I can not make any call also nothing registered to CUCM.
We have 4 CUCM 11.5 , one Pub and three sub no CUC nor IM&presence
0 Helpful
Customers Also Viewed These Support Documents