12-02-2014 01:16 PM - edited 03-17-2019 04:42 PM
We recently setup MRA and can successfully connect Jabber for Mac, Jabber for iPhones, and Jabber for windows (non corporate windows 7 machines). When we try connecting from our corporate image (Windows 7 with Direct Access (Always On)) the client gets the message "Cannot communicate with server". Our Microsoft Direct Access perfoms DNS lookups to our internal DNS servers but we have excluded the following lookups from Direct Access:
_cuplogin._tcp.example.com
_cisco-uds._tcp.example.com
Unfortunately we are still unable to get machines to connect over MRA. They work just fine inside our network. Any thoughts would be appreaciated.
We are running the following:
CUCM 9.1.2
CUPS 9.1.1
J4W 10.5.2
12-03-2014 08:30 AM
This community does not provide technical support and is not staffed with technical support experts. I recommend you post this and future technical support questions to the Cisco Support Community (https://supportforums.cisco.com/index.jspa) where our Cisco technical support experts provide assistance. Another option is to open a ticket with the Cisco Technical Assistance Center (www.cisco.com/go/support) to get expert debugging assistance.
Hope this helps.
Kelli Glass
Moderator for Cisco Customer Communities
06-30-2015 01:10 PM
ckaleth,
Did you ever get a resolution to this? We have the exact same problem (but running CUCM/IM&P 10.5 and Jabber 10.6).
From what i understand, and I was not involved on the Direct Access side, is that it worked but suddenly stopped. Looking at the PRT, I have a hunch that it could have stopped working when i deployed SSO for Jabber. I have not added SSO for the MRA peice yet and I am not sure that i will as the use case seems pretty limited
thanks
07-01-2015 06:24 PM
DNS was originally the issue but then we faced an internal routing issue where some clients would come through MRA but couldn't route to the CUPS server they were associated too. Our CUPs are across WANs. We haven't done SSO so I can't speak on that but would be interested to know how well that works and it is worth it in a windows environment that can use kerberos.
07-08-2016 05:26 AM
We have the exact same issue. I have the same exemptions, however I still get "Cannot communicate with the server"
Can you provide specifics on how you were able to resolve this?
Thanks!
03-28-2017 04:21 PM
Hello community,
We are having a very similar or identical problem: we are installing the Cisco Jabber solution without inconvenience in our infrastructure (LAN, WiFi, remote access via VPN, through the Firewall), but we can not run Jabber with DirectAccess.
The Jabber client automatically discovers the services in all cases (SRV records), the user is able to authenticate and use the messaging services. Even through DirectAccess, it manages to control its desktop phone (which is not really necessary if we consider that the user accesses the corporate network from his home with DirectAccess).
But the problem occurs when we want to take control of the softphone using DirectAccess. The connection is never established. By performing a packet capture in the Firewall, we do not observe SIP connection attempts, however in the Jabber log, there are records that indicate connection attempts using the IPv4 of the CUCM server instead of the FQDN (DirectAccess requires FQDN since it uses a tunnel IPv6).
All our configuration of CUCM, IM & P, etc., is made with FQDN.
Could anyone solve this problem?
Thank you.
03-28-2017 04:43 PM
This issue is also documented here
https://supportforums.cisco.com/discussion/11919316/jabber-windows-microsoft-direct-access
Other than blocking the UDS record no solution yet I have seen
Thanks
Srini
03-28-2017 06:07 PM
Thanks Srini!
03-28-2017 07:03 PM
Its not supported and too my knowledge never will be. You need Expressway C&E (i.e MRA) or Anyconnect.
03-28-2017 07:16 PM
Thanks ckaleth.
At this point we have opened a TAC case (after several days of testing), but everything tells us that there is some incompatibility between Jabber and DirectAccess. Thanks again.
03-29-2017 01:30 AM
Hi
Even S4B doesnt support Direct Access according to some articles like this one https://www.experts-exchange.com/questions/28955202/Skype-for-Business-2015-Screen-Sharing-won%27t-work-over-DirectAcces…
Back to Jabber, Direct Access is not supported, I know of one customer who played with the routing tables in Direct
Access to try to get Jabber traffic to go outside of the Direct Access tunnel and use Expressway to bring the traffic in. So tried to create an exception rule. I can not confirm if that worked or not for all workloads.
Rgs
ashish
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide