Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2792
Views
0
Helpful
8
Replies

Disaster Recovery System - CUCM 8.6.1

Go to solution
markah
Level 1
Level 1

‎10-13-2011 12:40 PM - edited ‎03-16-2019 07:29 AM

Hi,

I'm having trouble taking a backup of my CUCM cluster, I've tried using FreeSSHd and Titan FTP but I keep getting the following error message:

     Unable to contact server. Master or Local Agent could be down

I've tried restarting the services and also rebooted the servers but I'm still having the same issue.

Regards,

Mark

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎10-14-2011 06:03 AM

Hi Mark,

It could be this bug;

CSCtq70900 - Tomcat and/or IPSEC Key store corruption causes DRF backup failures

Description

Symptom:
Unable to backup one or more nodes in a cluster
Conditions:
Corruption of tomcat or ipsec keystores
Workaround:
Special root-based commands to re-generate the certificates either on Pub or Sub(s)
(ie tomcat certs have to be generated on a per-Sub basis and
ipsec certs have to be generated on the Pub)

Details

1st Found-in:                          (1)

8.6(1.10000.40)

Status:

Fixed

Last Modified:

Oct 02,2011

Fixed-in:                          (10)

9.0(0.96000.16), 8.6(2.10000.30), 8.6(1.98000.80)

8.6(1.98000.36), 8.6(1.96000.16), 8.6(1.96000.157)

8.6(1.95180.3), 8.6(1.95050.1), 8.6(1.95020.80)

8.6(1.95020.1)

Product:

Cisco Unified Communications Manager (CallManager)

Platform:

Dependent

Severity:

2 - severe

Customer Reported:                          (3)

Cheers!

Rob

View solution in original post

0 Helpful
8 Replies 8

Go to solution
markah
Level 1
Level 1

‎10-13-2011 12:55 PM

Sorry, I should add that this message is only reported against the subscriber, the publisher backs up fine.

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎10-14-2011 06:03 AM

Hi Mark,

It could be this bug;

CSCtq70900 - Tomcat and/or IPSEC Key store corruption causes DRF backup failures

Description

Symptom:
Unable to backup one or more nodes in a cluster
Conditions:
Corruption of tomcat or ipsec keystores
Workaround:
Special root-based commands to re-generate the certificates either on Pub or Sub(s)
(ie tomcat certs have to be generated on a per-Sub basis and
ipsec certs have to be generated on the Pub)

Details

1st Found-in:                          (1)

8.6(1.10000.40)

Status:

Fixed

Last Modified:

Oct 02,2011

Fixed-in:                          (10)

9.0(0.96000.16), 8.6(2.10000.30), 8.6(1.98000.80)

8.6(1.98000.36), 8.6(1.96000.16), 8.6(1.96000.157)

8.6(1.95180.3), 8.6(1.95050.1), 8.6(1.95020.80)

8.6(1.95020.1)

Product:

Cisco Unified Communications Manager (CallManager)

Platform:

Dependent

Severity:

2 - severe

Customer Reported:                          (3)

Cheers!

Rob

0 Helpful

Go to solution
markah
Level 1
Level 1
In response to Rob Huffman

‎10-14-2011 03:09 PM

Thanks for you help Rob,

I'll investigate next week and see if I can make any progress with this .

I'm not sure whether to raise a TAC case or try upgrading, although I don't think version 8.6(2a) is listed as fixing the issue.

Regards,

Mark

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎10-15-2011 10:49 AM

Hi Mark,

I really think that opening a TAC case would be your best bet here

If this bug is what you are hitting then they can load up a proper "fixed-in"

version for special download for you.

Cheers!

Rob

0 Helpful

Go to solution
markah
Level 1
Level 1
In response to Rob Huffman

‎10-18-2011 05:55 AM

Thanks Rob,

I've just got to wait until we have the support contract in place before I raise the TAC case.

I'll let you know the outcome.

Regards,

Mark

0 Helpful

Go to solution
markah
Level 1
Level 1
In response to markah

‎11-17-2011 04:55 PM

Finally raised a case with Cisco TAC on this issue, they advised me on how to regenerate some of the ipsec certifcates on the servers but that didn't fix the problem.

I then noticed that the 'ipsec-trust' certificate on the Subscriber server disappeared and reappeared every couple of minutes.

TAC now want to investigate to see if the CSCtq70900 bug is causing the issue and require root access to the servers.

I'll update as soon as I have more info.

Regards,

Mark

0 Helpful

Go to solution
markah
Level 1
Level 1
In response to markah

‎11-21-2011 08:27 AM

Rob,

You were correct about the bug causing the issues:

CSCtq70900 - Tomcat and/or IPSEC Key store corruption causes DRF backup failures

TAC have connected to the subsciber and resolved the issue (repaired the ipsec-trust keystore).

Thanks for your help on this

Mark.

0 Helpful

Go to solution
satish rawat
Level 1
Level 1
In response to markah

‎09-29-2013 12:40 PM

Hi Guys, Looks like i am hitting this bug.. I tried to repair the ipsec trust certs and now have serial no's matching on all three nodes in the cluster but no change..continue to get get the message the local or Master DRF agent is down. Just curious to know if i upgrade the server to version where it is fixed in 8.6 will it fix the issue or i still need TAC to login with root and do the magic

0 Helpful
Customers Also Viewed These Support Documents