CUCM 8.6 Corporate/Personal Directory "Host Not Found"

Roman Szolga · ‎10-26-2012

Hi all,

Could anyone help me with the following issue?

Users with 7961 phones receive a “Host not found” message after pressing the Corporate or Personal Directory menu item. For 7940, 7960 and 7962 it works fine.

Configuration: CUCM version 8.6.2.21900-5, 9 Nodes (1 Pub, 6 Subs, 2 TFTP). Firmware SCCP41.9-2-3S.

We tried the following to resolve the issue:

•- we’ve deleted the ITL file
•- performed a Factory reset
•- changed the “Services Provisioning ” from Internal to External/Both
•- we changed the “Secured Directory URL” in Enterprise parameters from https to http

None of those helped us. According the phone logs the issue appears when phone tries to set up a secure connection with the subscribers. We receive the following error message:

1521: NOT 15:21:29.728225 SECD: clpSetupSsl: Trying to connect to IPV4, IP: 10.128.127.10, Port : 2445
1522: NOT 15:21:29.735200 SECD: clpSetupSsl: TCP connect() waiting, <10.128.127.10> c:14 s:15 port: 2445
1523: NOT 15:21:29.736812 SECD: clpSetupSsl: TCP connected, <10.128.127.10> c:14 s:15
1524: WRN 15:21:29.739053 SECD: WARN:clpSetupSsl: failed to set TOS (96) on srvr sock, <10.128.127.10> c:14 s:15, errno 131
1525: NOT 15:21:29.740695 SECD: clpSetupSsl: start SSL/TLS handshake, <10.128.127.10> c:14 s:15
1526: ERR 15:21:29.745568 SECD: EROR:clpSetupSsl: syscall errno 32 in SSL, give up, <10.128.127.10>
1527: ERR 15:21:29.746954 SECD: EROR:clpSetupSsl: SSL/TLS handshake failed, <10.128.127.10> c:14 s:15
1528: ERR 15:21:29.748314 SECD: EROR:clpSetupSsl: SSL/TLS setup failed, <10.128.127.10> c:14 s:15
1529: ERR 15:21:29.749614 SECD: EROR:clpSndStatus: SSL CLNT ERR, srvr<10.128.127.10>
1530: ERR 15:21:29.763938 SECD: EROR:secErr_errStr: *** bad err table ***
1531: ERR 15:21:29.765667 SECD: EROR:secErr_errStr: ** SEC-ERR: code:2(N/A) subcode:32(Broken pipe)
1532: ERR 15:21:29.766974 SECD: EROR:clpSndStatus: ** SEC-ERR: desc <Broken pipe>
1533: NOT 15:21:29.768626 SECD: clpTvsInit: select returned the TVS proxy server socket, fd : 13
1534: ERR 15:21:29.770174 SECD: EROR:secSock_isConnected: ** failed to connect to target
1535: ERR 15:21:29.771572 SECD: EROR:secErr_errStr: *** bad err table ***
1536: ERR 15:21:29.772917 SECD: EROR:secErr_errStr: ** SEC-ERR: code:2(N/A) subcode:32(Broken pipe)
1537: ERR 15:21:29.774278 SECD: EROR:secSock_isConnected: ** SEC-ERR: desc <Broken pipe>
1538: ERR 15:21:29.775800 SECD: EROR:checkTvsSrvrConn: Failed to get TVS TLS session connected - setup failed
1539: NOT 15:21:29.777170 SECD: cleanupTvsSrvrSock: Clearing TVS proxy server socket, fd : 13

Does anyone know what the “broken pipe” means (code:2(N/A) subcode:32(Broken pipe)
)? I attached the logs from the phone.

Roman Szolga · ‎10-26-2012

UPDATE:

We performed the factory reset again and now we receive a different error:

2549: NOT 16:23:08.175874 SECD: clpSetupSsl: Trying to connect to IPV4, IP: 10.128.127.10, Port : 2445

2550: NOT 16:23:08.177366 SECD: clpSetupSsl: TCP connect() waiting, <10.128.127.10> c:14 s:15 port: 2445

2551: NOT 16:23:08.181784 SECD: clpSetupSsl: TCP connected, <10.128.127.10> c:14 s:15

2552: NOT 16:23:08.183024 SECD: clpSetupSsl: start SSL/TLS handshake, <10.128.127.10> c:14 s:15

2553: ERR 16:23:08.188600 SECD: EROR:clpSetupSsl: syscall errno 131 in SSL, give up, <10.128.127.10>

2554: ERR 16:23:08.189689 SECD: EROR:clpSetupSsl: SSL/TLS handshake failed, <10.128.127.10> c:14 s:15

2555: ERR 16:23:08.193811 SECD: EROR:clpSetupSsl: SSL/TLS setup failed, <10.128.127.10> c:14 s:15

2556: ERR 16:23:08.194872 SECD: EROR:clpSndStatus: SSL CLNT ERR, srvr<10.128.127.10>

2557: ERR 16:23:08.195889 SECD: EROR:secErr_errStr: *** bad err table ***

2558: ERR 16:23:08.196900 SECD: EROR:secErr_errStr: ** SEC-ERR: code:2(N/A) subcode:131(Connection reset by peer)

2559: ERR 16:23:08.197883 SECD: EROR:clpSndStatus: ** SEC-ERR: desc

2560: NOT 16:23:08.199175 SECD: clpTvsInit: select returned the TVS proxy server socket, fd : 13

2561: ERR 16:23:08.200449 SECD: EROR:secSock_isConnected: ** failed to connect to target

2562: ERR 16:23:08.201551 SECD: EROR:secErr_errStr: *** bad err table ***

2563: ERR 16:23:08.202560 SECD: EROR:secErr_errStr: ** SEC-ERR: code:2(N/A) subcode:131(Connection reset by peer)

2564: ERR 16:23:08.203552 SECD: EROR:secSock_isConnected: ** SEC-ERR: desc

2565: ERR 16:23:08.204524 SECD: EROR:checkTvsSrvrConn: Failed to get TVS TLS session connected - setup failed

Does anyone know in which cases the peer might terminate the connection?

chrysostomos1980 · ‎10-26-2012

Hi

Did you replace the hostname into enteprice parameters(phones url) with the ip address of Pub?

Please rate all useful posts Regards Chrysostomos ""The Most Successful People Are Those Who Are Good At Plan B""

Camélia · ‎11-18-2014

Hello;

are all your CUCM's reachable on their web interface?

k-baba · ‎03-17-2015

I tried several pattern written in several threads, but could not solve this issue.

As a result, changing "Host Name/IP address" of "Server Configuration" from hostname to IP address worked in my case.

Robert Thomas · ‎10-26-2012

You have an SSL handshake failure first.

I would just change the urla from https to http only and not use https.

If https is a must you can take a packet capture at the phone level so we can see the ssl handshake process

Sent from Cisco Technical Support iPhone App

moataz_mamdouh · ‎01-24-2014

I am also facing this problem , did all the above and nothing happen

1-deleting ITL

2-restarting TFTP and TVS

3-factory rest the phone

no one help , the issue is very starnge I have the coporate directory is working but only the personal directory is not working

armin.wagenfuehr · ‎02-06-2014

Make sure TCP Port 2445 is open on Firewall.

Works?

HTH, please rate all useful posts and right answers.