11-21-2012 04:43 AM - edited 03-16-2019 02:19 PM
Hi all
I configured a 2911 router for secure conferences, sccp admin state is up but i got TCP connection error. We are using CUCM v8.5.1.
When I telnet on port 2443 to our CUCM (through gi0/0 - phone vlan) it is able to establish the connection thus firewall/routing doesn't seem to be the prob.
sh sccp shows:
SCCP Admin State: UP
Gateway Local Interface: GigabitEthernet0/0
IPv4 Address: 10.36.38.254
Port Number: 2000
IP Precedence: 5
User Masked Codec list: None
Call Manager: 10.20.30.2, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 1
Trustpoint: wacm02
Call Manager: 10.20.30.1, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 2
Trustpoint: wacm01
Call Manager: 10.20.0.2, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 3
Trustpoint: nhscm01
Call Manager: 10.20.30.3, Port Number: 2000
Priority: N/A, Version: 7.0, Identifier: 4
Trustpoint: nhscm02
Conferencing Oper State: ACTIVE_IN_PROGRESS - Cause Code: TCP_CONN_ERROR
Active Call Manager: NONE
TCP Link Status: NOT_CONNECTED, Profile Identifier: 10
Security
Signaling Security: ENCRYPTED TLS
Media Security: SRTP
...
Config of GW is the following:
...
!
voice-card 0
dsp services dspfarm
!
...
!
sccp local GigabitEthernet0/0
sccp ccm 10.20.0.3 identifier 4 version 7.0 trustpoint nhscm02
sccp ccm 10.20.0.2 identifier 3 version 7.0 trustpoint nhscm01
sccp ccm 10.20.30.1 identifier 2 version 7.0 trustpoint wacm01
sccp ccm 10.20.30.2 identifier 1 version 7.0 trustpoint wacm02
sccp
!
sccp ccm group 999
bind interface GigabitEthernet0/0
associate ccm 2 priority 1
associate ccm 1 priority 2
associate ccm 4 priority 3
associate ccm 3 priority 4
associate profile 10 register wienvoicegw01
registration retries 5
registration timeout 15
switchover method immediate
switchback method immediate
!
dspfarm profile 10 conference security
description ***DSP for Conference ***
trustpoint wienvoicegw01
codec g729br8
codec g729r8
codec g729abr8
codec g729ar8
codec g711alaw
codec g711ulaw
maximum sessions 4
associate application SCCP
!...
I created the trustpoints, imported via terminal the CUCM certificates / created a self-signed for the router.
Then I exported the router certifcate and uploaded it to our Publisher.
I configured enhanced conference bridge (encypted mode).
Everything else except conference calls are working - any idea?
Thanks and regards
11-22-2012 10:56 PM
I've been unable to fix it yet - still need help. Does nobody have an idea?
In most cases it seems to be a routing / firewall issue. I am quite sure that it isn't that kind of problem over here..
11-23-2012 05:41 AM
Hi Johass,
Not sure if you checked out this great link secure conferencing:
https://supportforums.cisco.com/docs/DOC-8197
It covers the registration troubleshooting as well. Let me know if it still fails and we can try and take a deeper dive into it.
HTH.
Regards,
Harmit.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: