cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4161
Views
1
Helpful
10
Replies

Jabber4W using MRA with Microsoft Direct Access

CHRIS KALETH
Level 5
Level 5

We recently setup MRA and can successfully connect Jabber for Mac, Jabber for iPhones, and Jabber for windows (non corporate windows 7 machines).  When we try connecting from our corporate image (Windows 7 with Direct Access (Always On)) the client gets the message "Cannot communicate with server".  Our Microsoft Direct Access perfoms DNS lookups to our internal DNS servers but we have excluded the following lookups from Direct Access:

_cuplogin._tcp.example.com

_cisco-uds._tcp.example.com

Unfortunately we are still unable to get machines to connect over MRA.  They work just fine inside our network.  Any thoughts would be appreaciated.

We are running the following:

CUCM 9.1.2

CUPS 9.1.1

J4W 10.5.2

10 Replies 10

keglass
Level 7
Level 7

This community does not provide technical support and is not staffed with technical support experts. I recommend you post this and future technical support questions to the Cisco Support Community (https://supportforums.cisco.com/index.jspa) where our Cisco technical support experts provide assistance. Another option is to open a ticket with the Cisco Technical Assistance Center (www.cisco.com/go/support) to get expert debugging assistance.


Hope this helps.

Kelli Glass

Moderator for Cisco Customer Communities

ybpants
Level 5
Level 5

ckaleth,

Did you ever get a resolution to this?  We have the exact same problem (but running CUCM/IM&P 10.5 and Jabber 10.6).

From what i understand, and I was not involved on the Direct Access side, is that it worked but suddenly stopped.  Looking at the PRT,  I have a hunch that it could have stopped working when i deployed SSO for Jabber.  I have not added SSO for the MRA peice yet and I am not sure that i will as the use case seems pretty limited

thanks

DNS was originally the issue but then we faced an internal routing issue where some clients would come through MRA but couldn't route to the CUPS server they were associated too. Our CUPs are across WANs.  We haven't done SSO so I can't speak on that but would be interested to know how well that works and it is worth it in a windows environment that can use kerberos.

mkoncurat
Level 1
Level 1

We have the exact same issue.  I have the same exemptions, however I still get "Cannot communicate with the server"

Can you provide specifics on how you were able to resolve this?

Thanks!

Hello community,

We are having a very similar or identical problem: we are installing the Cisco Jabber solution without inconvenience in our infrastructure (LAN, WiFi, remote access via VPN, through the Firewall), but we can not run Jabber with DirectAccess.

The Jabber client automatically discovers the services in all cases (SRV records), the user is able to authenticate and use the messaging services. Even through DirectAccess, it manages to control its desktop phone (which is not really necessary if we consider that the user accesses the corporate network from his home with DirectAccess).

But the problem occurs when we want to take control of the softphone using DirectAccess. The connection is never established. By performing a packet capture in the Firewall, we do not observe SIP connection attempts, however in the Jabber log, there are records that indicate connection attempts using the IPv4 of the CUCM server instead of the FQDN (DirectAccess requires FQDN since it uses a tunnel IPv6).

All our configuration of CUCM, IM & P, etc., is made with FQDN.

Could anyone solve this problem?

Thank you.

This issue is also documented here

https://supportforums.cisco.com/discussion/11919316/jabber-windows-microsoft-direct-access

Other than blocking the UDS record no solution yet I have seen

Thanks

Srini

Thanks Srini!

Its not supported and too my knowledge never will be.  You need Expressway C&E (i.e MRA) or Anyconnect.

Thanks ckaleth.

At this point we have opened a TAC case (after several days of testing), but everything tells us that there is some incompatibility between Jabber and DirectAccess. Thanks again.

Hi

Even S4B doesnt support Direct Access according to some articles like this one https://www.experts-exchange.com/questions/28955202/Skype-for-Business-2015-Screen-Sharing-won%27t-work-over-DirectAcces…

Back to Jabber, Direct Access is not supported, I know of one customer who played with the routing tables in Direct

Access to try to get Jabber traffic to go outside of the Direct Access tunnel and use Expressway to bring the traffic in.  So tried to create an exception rule.  I can not confirm if that worked or not for all workloads.

Rgs

ashish



Response Signature