cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1901
Views
0
Helpful
2
Replies

Secure conference does not work: Conferencing Oper State: ACTIVE_IN_PROGRESS - Cause Code: TCP_CONN_ERROR

jayage
Level 1
Level 1

Hi all

I configured a 2911 router for secure conferences, sccp admin state is up but i got TCP connection error. We are using CUCM v8.5.1.

When I telnet on port 2443 to our CUCM (through gi0/0 - phone vlan) it is able to establish the connection thus firewall/routing doesn't seem to be the prob.

sh sccp shows:

SCCP Admin State: UP

Gateway Local Interface: GigabitEthernet0/0

IPv4 Address: 10.36.38.254

Port Number: 2000

IP Precedence: 5

User Masked Codec list: None

Call Manager: 10.20.30.2, Port Number: 2000

Priority: N/A, Version: 7.0, Identifier: 1

Trustpoint: wacm02

Call Manager: 10.20.30.1, Port Number: 2000

Priority: N/A, Version: 7.0, Identifier: 2

Trustpoint: wacm01

Call Manager: 10.20.0.2, Port Number: 2000

Priority: N/A, Version: 7.0, Identifier: 3

Trustpoint: nhscm01

Call Manager: 10.20.30.3, Port Number: 2000

Priority: N/A, Version: 7.0, Identifier: 4

Trustpoint: nhscm02

Conferencing Oper State: ACTIVE_IN_PROGRESS - Cause Code: TCP_CONN_ERROR

Active Call Manager: NONE

TCP Link Status: NOT_CONNECTED, Profile Identifier: 10

Security

Signaling Security: ENCRYPTED TLS

Media Security: SRTP

...

Config of GW is the following:

...

!

voice-card 0

dsp services dspfarm

!

...

!

sccp local GigabitEthernet0/0

sccp ccm 10.20.0.3 identifier 4 version 7.0 trustpoint nhscm02

sccp ccm 10.20.0.2 identifier 3 version 7.0 trustpoint nhscm01

sccp ccm 10.20.30.1 identifier 2 version 7.0 trustpoint wacm01

sccp ccm 10.20.30.2 identifier 1 version 7.0 trustpoint wacm02

sccp

!

sccp ccm group 999

bind interface GigabitEthernet0/0

associate ccm 2 priority 1

associate ccm 1 priority 2

associate ccm 4 priority 3

associate ccm 3 priority 4

associate profile 10 register wienvoicegw01

registration retries 5

registration timeout 15

switchover method immediate

switchback method immediate

!

dspfarm profile 10 conference security

description ***DSP for Conference ***

trustpoint wienvoicegw01

codec g729br8

codec g729r8

codec g729abr8

codec g729ar8

codec g711alaw

codec g711ulaw

maximum sessions 4

associate application SCCP

!...

I created the trustpoints, imported via terminal the CUCM certificates / created a self-signed for the router.

Then I exported the router certifcate and uploaded it to our Publisher.

I configured enhanced conference bridge (encypted mode).

Everything else except conference calls are working - any idea?

Thanks and regards

2 Replies 2

jayage
Level 1
Level 1

I've been unable to fix it yet - still need help. Does nobody have an idea?

In most cases it seems to be a routing / firewall issue. I am quite sure that it isn't that kind of problem over here..

Hi Johass,

Not sure if you checked out this great link secure conferencing:

https://supportforums.cisco.com/docs/DOC-8197

It covers the registration troubleshooting as well. Let me know if it still fails and we can try and take a deeper dive into it.

HTH.

Regards,

Harmit.