This is logs from Expressway

jose angel morales · ‎10-27-2015

I'm trying to set up MRA and state expressway in all sessions between Edge and CUCM core and are well displayed. but users can not find the server from internet

Jaime Valencia · ‎10-27-2015

Are you able to find the _collab-edge SRV for your servers??

If not, that's what you need to fix.

HTH

java

if this helps, please rate

jose angel morales · ‎10-27-2015

Yes the collab-edge SRV is found for E. server Exprfessway the problem is when entering user credentials, it displays an error in the application that "can not find server"

The SSH tunnel is already configured and the connection TLS also

Jaime Valencia · ‎10-27-2015

OK, and what does the logs on EXP-E and EXP-C show about this???

HTH

java

if this helps, please rate

jose angel morales · ‎10-27-2015

This is logs from Expressway C

2015-10-27T18:51:05-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Bytes per second: sent 41578.8, received 23611.8" UTCTime="2015-10-28 00:51:05"
2015-10-27T18:51:05-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Transferred: sent 4832, received 2744 bytes, in 0.1 seconds" UTCTime="2015-10-28 00:51:05"
2015-10-27T18:51:05-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Authenticated to expe.ad.icsicorp.com.mx ([187.217.209.50]:2222)." UTCTime="2015-10-28 00:51:05"
2015-10-27T18:51:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="RSA+cert host key for IP address '187.217.209.50' not in list of known hosts." UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Bytes per second: sent 46139.8, received 26201.9" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Transferred: sent 4832, received 2744 bytes, in 0.1 seconds" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Authenticated to expe.ad.icsicorp.com.mx ([187.217.209.50]:2222)." UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="RSA+cert host key for IP address '187.217.209.50' not in list of known hosts." UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Allocated port 31277 for remote forward to localhost:8443" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Allocated port 31144 for remote forward to localhost:8443" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:50:55-06:00	traffic_server[17189]: Event="Request Failed" Detail="Access denied" Reason="Host is not in allow list" Host="cucmbe6k" URL="cucm-uds/servers" UTCTime="2015-10-28 00:50:55,905"
2015-10-27T18:50:05-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Bytes per second: sent 51636.5, received 29323.4" UTCTime="2015-10-28 00:50:05"
2015-10-27T18:50:05-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Transferred: sent 4832, received 2744 bytes, in 0.1 seconds" UTCTime="2015-10-28 00:50:05"
2015-10-27T18:50:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="Authenticated to expe.ad.icsicorp.com.mx ([187.217.209.50]:2222)." UTCTime="2015-10-28 00:50:04"
2015-10-27T18:50:04-06:00	ssh: Event="sshd" Module="openssh" Level="INFO" Detail="RSA+cert host key for IP address '187.217.209.50' not in list of known hosts." UTCTime="2015-10-28 00:50:04"

jose angel morales · ‎10-27-2015

This is logs from Expressway E

2015-10-27T18:51:05-06:00	sshdpfwd[6630]: Received disconnect from 192.168.7.6: 11: disconnected by user
2015-10-27T18:51:05-06:00	sshdpfwd[6628]: Event="sshd" Module="openssh" Level="INFO" Detail="User child is on pid 6630" UTCTime="2015-10-28 00:51:05"
2015-10-27T18:51:05-06:00	sshdpfwd[6628]: Event="sshd" Module="openssh" Level="INFO" Detail="Accepted publickey for pfwd from 192.168.7.6 port 32604 ssh2: RSA+cert c7:18:cc:30:2d:67:fd:a6:4a:31:24:7d:9a:a4:2a:d7" UTCTime="2015-10-28 00:51:05"
2015-10-27T18:51:05-06:00	sshdpfwd[6628]: Event="sshd" Module="openssh" Level="INFO" Detail="Authorized by X509(rsa) : CN=ExpC.ad.icsicorp.com.mx,OU=UC,O=Corporativo ICSI,L=Coatzacoalcos,ST=Veracruz,C=Mx" UTCTime="2015-10-28 00:51:05"
2015-10-27T18:51:04-06:00	sshdpfwd[6628]: Event="sshd" Module="openssh" Level="INFO" Detail="Connection from 192.168.7.6 port 32604 on 192.168.1.131 port 2222" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd: Event="sshd" Module="openssh" Level="INFO" Detail="sshdpfwd run in non-FIPS mode" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd[6628]: Event="sshd" Module="openssh" Level="INFO" Detail="Set /proc/self/oom_score_adj to 0" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd[6623]: Received disconnect from 192.168.7.6: 11: disconnected by user
2015-10-27T18:51:04-06:00	sshdpfwd[6621]: Event="sshd" Module="openssh" Level="INFO" Detail="User child is on pid 6623" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd[6621]: Event="sshd" Module="openssh" Level="INFO" Detail="Accepted publickey for pfwd from 192.168.7.6 port 32602 ssh2: RSA+cert c7:18:cc:30:2d:67:fd:a6:4a:31:24:7d:9a:a4:2a:d7" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd[6621]: Event="sshd" Module="openssh" Level="INFO" Detail="Authorized by X509(rsa) : CN=ExpC.ad.icsicorp.com.mx,OU=UC,O=Corporativo ICSI,L=Coatzacoalcos,ST=Veracruz,C=Mx" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd[6621]: Event="sshd" Module="openssh" Level="INFO" Detail="Connection from 192.168.7.6 port 32602 on 192.168.1.131 port 2222" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd: Event="sshd" Module="openssh" Level="INFO" Detail="sshdpfwd run in non-FIPS mode" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:51:04-06:00	sshdpfwd[6621]: Event="sshd" Module="openssh" Level="INFO" Detail="Set /proc/self/oom_score_adj to 0" UTCTime="2015-10-28 00:51:04"
2015-10-27T18:50:59-06:00	traffic_server[1245]: Event="Sending HTTP error response" Status="404" Reason="Not Found" Dst-ip="187.214.59.254" Dst-port="59977" UTCTime="2015-10-28 00:50:59,209"
2015-10-27T18:50:33-06:00	traffic_server[1245]: Event="Sending HTTP error response" Status="403" Reason="Forbidden" Dst-ip="187.214.59.254" Dst-port="60622" UTCTime="2015-10-28 00:50:33,295"
2015-10-27T18:50:33-06:00	traffic_server[1245]: Event="oauthcb" Detail="SSO access denied" Reason="SSO Disabled" Src-ip="187.214.59.254" Src-port="60622" UTCTime="2015-10-28 00:50:33,295"
2015-10-27T18:50:12-06:00	traffic_server[1245]: Event="Sending HTTP error response" Status="403" Reason="Forbidden" Dst-ip="187.214.59.254" Dst-port="53244" UTCTime="2015-10-28 00:50:12,421"
2015-10-27T18:50:12-06:00	traffic_server[1245]: Event="oauthcb" Detail="SSO access denied" Reason="SSO Disabled" Src-ip="187.214.59.254" Src-port="53244" UTCTime="2015-10-28 00:50:12,420"
2015-10-27T18:50:05-06:00	sshdpfwd[6544]: Received disconnect from 192.168.7.6: 11: disconnected by user
2015-10-27T18:50:04-06:00	sshdpfwd[6542]: Event="sshd" Module="openssh" Level="INFO" Detail="User child is on pid 6544" UTCTime="2015-10-28 00:50:04"
2015-10-27T18:50:04-06:00	sshdpfwd[6542]: Event="sshd" Module="openssh" Level="INFO" Detail="Accepted publickey for pfwd from 192.168.7.6 port 32566 ssh2: RSA+cert c7:18:cc:30:2d:67:fd:a6:4a:31:24:7d:9a:a4:2a:d7" UTCTime="2015-10-28 00:50:04"
2015-10-27T18:50:04-06:00	sshdpfwd[6542]: Event="sshd" Module="openssh" Level="INFO" Detail="Authorized by X509(rsa) : CN=ExpC.ad.icsicorp.com.mx,OU=UC,O=Corporativo ICSI,L=Coatzacoalcos,ST=Veracruz,C=Mx" UTCTime="2015-10-28 00:50:04"
2015-10-27T18:50:04-06:00	sshdpfwd[6542]: Event="sshd" Module="openssh" Level="INFO" Detail="Connection from 192.168.7.6 port 32566 on 192.168.1.131 port 2222" UTCTime="2015-10-28 00:50:04"
2015-10-27T18:50:04-06:00	sshdpfwd: Event="sshd" Module="openssh" Level="INFO" Detail="sshdpfwd run in non-FIPS mode" UTCTime="2015-10-28 00:50:04"
2015-10-27T18:50:04-06:00	sshdpfwd[6542]: Event="sshd" Module="openssh" Level="INFO" Detail="Set /proc/self/oom_score_adj to 0" UTCTime="2015-10-28 00:50:04"

Sandro Nardi · ‎10-28-2015

Hi Jose.

is the domain of the user login includend in the "Domains" list of the Expressway C?

which SRV record have you configured on the internal DNS?

Regards

Sandro

jose angel morales · ‎10-28-2015

CUCM | IM&P <---> Expresway-C <---> Expressway-E <---> Jabber Client

CUCM: 192.168.7.3 --- CUCMBE6K.ad.icsicorp.com.mx
IM&P: 192.168.7.5 --- CUIMPBE6K.ad.icsicorp.com.mx
Expressway-C: 192.168.7.6 --- ExpC.ad.icsicorp.com.mx
Internal DNS: 192.168.5.1
Expressway-E: 192.168.1.131 --- ExpE.ad.icsicorp.com.mx
External-DNS: 192.168.5.3
External-DNS2: 8.8.8.8

In the Outside:
_collab-edge._tls.ad.icsicorp.com.mx is SRV resolved to ExpE.ad.icsicorp.com.mx 8443 -> OK!
ExpE.ad.icsicorp.com.mx is A resolved to 187.217.209.50 -> OK!

In the Inside:
_cisco-uds._tcp.ad.icsicorp.com.mx is SRV resolved to 192.168.7.3 -> OK!
_cuplogin._tcp.ad.icsicorp.com.mx is SRV resolved to 192.168.7.5 -> OK!
ExpC.ad.icsicorp.com.mx is A resolved to 192.168.7.6 -> OK!

Sandro Nardi · ‎10-29-2015

I have the same issue, resolved witha a packet capture on the expressway C

Maintenance -> Diagnostic -> Diagnostic logging

check - Take tcpdump while logging

during the MRA log in the EXP-C replicate the client request on the corporate networ.

here the additional record requested from the client during the registration

SRV	_cisco-phone-tftp._tcp.yourdomain	3600	IN	SRV	0 0 69 yourcucm
SRV	_cisco-phone-http._tcp.yourdomain	3600	IN	SRV	0 0 80 yourcucm
SRV	_xmpp-server._tcp.yourdomain	3600	IN	SRV	0 0 5269 yourpresence

Adding this record worked for me.

just to be sure chek the DNS resolution from the EXP-C prospective

Maintenance -> Tools -> network utility -> DNS lookup

Host "yourdomain"

Query type "all"

Check against the following DNS servers "all"

Regards Sandro

mneira099 · ‎01-07-2016

Hi Jose,

Did you get this issue solved?

I'm having the same issue...

Miguel Neira

Users can not log on from Internet with Mobile and remote access using Expressway