Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7134
Views
15
Helpful
17
Replies

Jabber Expressway MRA connects to all but Softphone

Go to solution
kdotten36
Level 3
Level 3

‎02-04-2016 02:10 PM - edited ‎03-17-2019 05:45 AM

Looking for some assistance.  I have Expressway 8.7 in the recommended two-legged design except not using NAT since the outside interface is already publicly accessible.  I have a valid Cert on exp-e, and a privately created CA cert on exp-c using the Certificate Guide and OpenSSL.

Getting Failed to Establish SSL errors.  In the debugging logs I see "peer did not return a certificate".  I have my private CA and self-signed CM cert installed to the Enterprise Trust store on the laptop and the iPhone from which I'm connecting.

CUCM (9.1.2) has a tomcat cert also signed by the private CA, and the CallManager cert is self-signed.  The root private CA and self-signed CM certs are uploaded as Trusted CA on both expressways.  I've tested Jabber for iPhone and Jabber for Windows and both can successfully register externally with Exp-E, IMP, CUX, but not the softphone.  I have a SIP Trunk for outbound calls and the Security SIP Profile has a separate port configured and there are two traversal zones, one for UC and one for that purpose.  I also tried removing the Trunk's traversal zone and all references to it in case it was interfering and got the same results.

I'm attaching one of the Jabber Problem Reports and a Developer's log from expressway E.  The time of the registration failure is 16:30 on 2/4/16.

If more are needed I can run another.  Thanks for looking.

EDIT: Forgot to mention, I also tried adding a firewall rule to allow all traffic to and from the expressway temporarily and it still didn't work, so it shouldn't be a firewall oversight.

1 person had this problem
Labels:
Preview file
262 KB
jabber.zip
0 Helpful
17 Replies 17

Go to solution
Johnny Nkunda Kabundi
Level 1
Level 1
In response to kdotten36

‎09-13-2016 09:48 AM

Hi Team,

I have had the same exact issues and thanks to "kdotten36", I managed to update the Default Zone between the Expressway Core and Edge using the settings recommended above and everything started working now.

I now have IP Phones registering correctly via MRA as well as Cisco Jabber for Windows/iOS, etc.

Thanks again for the tips.

Johnny Cash.

Go to solution
Ayodeji Okanlawon
VIP Alumni
VIP Alumni

‎02-19-2016 12:09 PM

You are a legend! Thank you so much for sticking with this and updating the thread. I will be making the change too and monitor the behaviour. This has been absolutely frustrating for me. 

Please rate all useful posts
0 Helpful

Go to solution
shh5455
Level 3
Level 3
In response to Ayodeji Okanlawon

‎11-19-2018 02:16 PM

If anyone has this trouble in X8.11 check to see whether this setting is enabled.  It needs to be disabled.

 

 2018-11-19 16_14_05-Clipboard.png

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents