I have a Cisco CUCM HA cluster (v14.0) and a Cisco Expressway HA cluster, which users only connect to using MRA. The Expressway setup is that I have a primary and secondary C server, and a primary and secondary E server. CUCM has a publisher and 7 subscribers. We also have 2 IM&P servers.
When using Jabber and SSO, this all works and has done for some time (I wasn't involved in the deployment of this).
I'm now trying to replace the Expressway servers with new servers on a different VMware deployment, and with the latest Expressway software (x15.2.2). I have the new Expressway servers set up exactly the same as the existing servers, and I have configured (as far as I can tell) the SSO on the new servers by exporting the metadata from the Expressway cluster. I've given this to our ADFS folks; they have configured their end and have passed back a metadata file that I have imported into the Expressways.
Now comes the complicated bit. I want to test my new servers without shutting down the old servers first. My methodology is that I have a local DNS server which provides the SRV records to my local Jabber client, and which points me to the new Expressway servers. This allows all the existing Jabber users to get their SRV records from the organisation's main DNS, which point to the old servers, and so they continue connecting via the old Expressways, while I can connect via the new Expressways.
However, I'm hitting a problem. When I try to log in to my Jabber account via my test setup, I receive our organisation's SSO login page OK, but on entering my ID and password I then get a kind of HTML page which says "This website declined to show this webpage. ..... blah blah... This error (HTTP 403 Forbidden) means that this program was able to connect to the website, but it does not have permission to view the webpage".
I know my Jabber account is valid because I can connect Jabber via the old servers ok. So, is my testing methodology valid? Can I test the new servers like this, while the old servers are still in service? If so, why am I hitting this error? Wireshark tells me my local machine is talking to the new Expressway servers as I would expect, so that all looks good. As far as I can tell, the new servers are all able to talk to each other ok (they are on a separate subnet to the old servers).
The HTML-type error page flashes up 4 or 5 times and then I land back at the Jabber app saying "Cannot Open Page, Try again later".
Any clues as to why I'm getting this 403 response would be most welcome. And any suggestions of how to test this and what to look for in log files is also welcome.