Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
561
Views
0
Helpful
2
Replies

Jabber w/o VPN - Expressway E and C - Dual NIC on E Server - Multi-domains

Go to solution
mysecure2017
Level 1
Level 1

‎06-25-2018 04:11 PM - edited ‎03-17-2019 07:37 PM

I have a very interesting question regarding Jabber w/o VPN and Expressway Servers v8.10. CUCM 11.5v

My Jabber w/o VPN is not working.

I have an Expressway E with dual NIC. NIC1 = To Inside and NIC2 = To Outside. I have E with Internal/Public Certs. SRV Checker Tool confirmed SRV entries to this Server.

I have an Expressway C on my inside network.

 

I was told by TAC the problem is my Expressway E Server system hostname is configured with servername.companyname.net and that I should change it to servername.companyname.com, so that my jabber clients can resolve correctly as it transits through CUCM, Expressways and etc. 

 

However, I was told by my consultant who recently built my Expressways, that TAC is incorrect. The consultant currently has other clients with the same build as mine and it works fine with .net as the host name. 

 

My expressway system hostname (.net) is not resolvable from the Outside, but it is resolvable from the Inside. Jabber users from Outside will enter their email address as username@companyname.com, not .net. 

Who is correct, TAC or consultant?

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mysecure2017
Level 1
Level 1
In response to Jaime Valencia

‎07-03-2018 07:58 AM

I resolved my issue. 

Bottom line..... the system host domain name must be the same as your external NIC. Originally, External NIC = .com and Internal NIC = .net. I change them to External NIC = .com and Internal NIC = .com. After making this change, Jabber started to work. Make sure your public certs has alternative names for the system host domain name.  

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Jaime Valencia
Cisco Employee
Cisco Employee

‎06-25-2018 04:34 PM

The only server that MRA endpoints will communicate with is EXP-E, any internal servers, including EXP-C are not reached out by MRA endpoints directly. As long as EXP-C can communicates with CUCM, IM&P, CUC, etc for the UC services, and EXP-E for the UC traversal zone, that's all that's needed and there are no rules that I'm aware of regarding naming of internal servers that need to be .com or otherwise it won't work.

MRA doesn't work depending on the FQDN of EXP-C, but on the domains you configured and enabled for MRA (as well as the rest of the MRA config)

HTH

java

if this helps, please rate
0 Helpful

Go to solution
mysecure2017
Level 1
Level 1
In response to Jaime Valencia

‎07-03-2018 07:58 AM

I resolved my issue. 

Bottom line..... the system host domain name must be the same as your external NIC. Originally, External NIC = .com and Internal NIC = .net. I change them to External NIC = .com and Internal NIC = .com. After making this change, Jabber started to work. Make sure your public certs has alternative names for the system host domain name.  

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents