08-08-2014 02:13 PM - edited 03-17-2019 04:23 PM
I'm able to connect calls but I get no audio or video in either direction. According to the install guide "Cisco Jabber Guest media does not go through the traversal link between Cisco Expressway-E and Cisco Expressway-C" and "Inbound firewall rules are required to allow media to flow from the Cisco Expressway-E to Cisco Expressway-C."
Does this mean that I need to open up my firewall to that large range of ports to allow the RTP traffic from the Expressway Edge to get to the Expressway C? Is it not possible to create a travesal zone for the jabber guest media to use? Thanks, Mike
Solved! Go to Solution.
08-29-2014 08:20 AM
Hmm, the fact that the media is getting to your C20 would imply the call is setup properly. I've actually deployed a similar configuration in our lab and it's working properly.
What do you mean by "numbers are odd"? Are there other phone models you can call to see if it's limited to this model? We don't have a C20 handy in my configuration, but I regularly call EX60 and 90s.
-mike
08-29-2014 08:43 AM
Sorry, I thought I had included a screen shot of the call stats. See below. In the Call section that are not receive stats, but under audio and video there are, although they are weird. Video resolution of 2x8? And it will fluctuate during the call. I did also try to a TP server and had the same results. I'll try a couple of other endpoints.
08-29-2014 08:44 AM
Oh, it seems my screenshots are being stripped out of the post for some reason. I'll attach a couple later.
08-21-2014 09:53 AM
Mike, I have opened up all ports in my firewall to the Expressway Core, but I still get no video either way. I did a packet capture on the Core and Edge. The Edge show the sending of lots of UDP packets to the private IP address of the Core, while the Core shows no receipt of UDP packets from the Edge.
Any idea what is going on? Thanks, Mike
08-27-2014 08:41 AM
Hi,
sorry for delay, I was away for a few days. Are you still having a problem? The media should flow like so
JG client->TURN encapsulated media->Edge->Core->phone
Should the Edge be able to reach the private IP:port that you're seeing from your sniffer trace? Are you doing PAT or NAT between Edge and Core?
-mike
08-27-2014 08:55 AM
No problem. Edge sits on the internet, single NIC no NAT. Core has a 1to1 NAT to a public IP. Firewall has all ports opened inbound between Edge and Core. For some reason the sniffer trace shows the Edge sending packets to the private IP of the Core.
I may have bigger issues though. If I try to make a Jabber Guest call from my internal network, I experience the same no video symptoms, plus the Jabber Guest client is sending the traffic to the Edge, while the phone is sending traffic to the core. I would expect that the two internal devices would exchange media directly since they are both internal. Is that not the case?
08-27-2014 11:41 AM
JG client will always send the media to the Edge. As part of the call buildup, the JG client receives the Core's IP address (the one the JG server is communicating with) and tells the Edge to relay media there. It sounds like your Edge server cannot communicate with that IP since it's private?
With NAT/PAT between the Edge and Core, we ask that customers use the dual NIC Edge configuration. If you can't do that, you could try pointing the JG server at the Edge for call control (SIP). Doing this would allow use of the traversal zone for the media. While that isn't officially supported, I think it should work.
This requires 5061 open in both directions for the SIP traffic and the JG server would need the Edge cert.
-mike
08-27-2014 12:39 PM
Hmmm... is that bit about using Dual NIC on the edge when there is a NAT/PAT between Edge and Core in the deployment guide?
08-28-2014 07:26 AM
No it isn't, but it should be! Will work to get that updated. Thanks.
08-28-2014 07:33 AM
Thanks Mike. Did you see my note about one way video?
09-01-2016 04:12 PM
Hello guys,
a customer have same deployment as described here:
Edge X8.7.3 with single NIC and public IP (no NAT to outside)
Core X8.7.3 is inside, with a zone as Media Encryption as Best Effort (to force the media flow through the Core)
Jabber Guest 10.6 is inside, pointing to Core
Reading this post, I realized that cannot be a NAT between Core/JabberGuest and Edge and that is the case. Doing tcpdumps I was able to confirm that the Core send UDPs to Edge and this UDP arrives at the Edge with NATed IP.
Is there a workaround to this scenario? or this customer need to implement Dual NIC?
PS: The B2B calls are working fine and the FW btw Core and Edge have all ports open.
Thanks in advance
09-01-2016 07:43 PM
Hi Elter,
Only the Cisco Expressway-E with dual NIC deployment supports NAT/PAT between the Cisco Expressway-E and the Cisco Expressway-C.So customer need to implement Dual NIC.
Workaround(not officially supported):
Regards
Yu
08-18-2014 10:54 AM
OK, thanks for the confirmation.
04-03-2015 06:04 AM
Has anyone found an solution for this issue? I have a new install (10.5.3.115) and running into the exact same issue. Any and all info is appreciated!
04-03-2015 07:32 AM
Depends on what the issue is you are referring to :) I got this working, but I had to change the network configuration of my Edge. Are you using dual or single NIC on your Edge?
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide