Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
2469
Views
0
Helpful
2
Replies

Cisco Expressway Jabber MRA "cannot connect to cisco unified communication manager"

Go to solution
Daniov1
Level 1
Level 1

‎05-19-2018 01:52 AM - edited ‎03-18-2019 02:07 PM

 

Hello.

In my eviroment I have Expressway for MRA

Internet>>EXP-E>>EXP-C>>Cisco UC servers

All the users in the organization trying to connect to jabber by MRA.

After the user logged in to Jabber for mobile(I see in CUCM the device is in Register mode)

In the mobile the UCServices write "Cannot connect to Cisco Unified Communication Manager Server, Check your network setting".

The firewall isnt blocking ports.

The status in unified communication is active, The traversal zone is active and the cucm as well.

Inside my organization(Lan) the jabber is working well.

I have cheked the firewall,Configuration on EXP-C and EXP-E.
I have tried to collect logs from EXP-C while login capture and I saw there is a problem between EXP-C and CUCM in port range 350101 - 350353 ( their is no firewall between of them).

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Daniov1
Level 1
Level 1
In response to ositechintl

‎06-12-2018 03:34 AM

Hi

 

Yes I solved it.

Their was FW issue , Check that the FW get the SIP TLS 5061 from the Internet interface(Eth0 for example) and that the traffic going to the DMZ Interface(Eth1 for example).

In my issue the Traffic arrive to Eth0 but not arrive to Eth1 and i didn't see any drop.

TLS 5061 inspection must be disabled In Check Point Firewall (Some version of Checkpoint have BUG: Inspection can be configured on another rule of 5061 but anyway it’s influencing on all rules with 5061 port in FW).

 

Daniel.

 

View solution in original post

0 Helpful
2 Replies 2

Go to solution
ositechintl
Level 1
Level 1

‎06-12-2018 03:19 AM

Hi,

 

I too have the same problem.

 

Did it resolved? 

0 Helpful

Go to solution
Daniov1
Level 1
Level 1
In response to ositechintl

‎06-12-2018 03:34 AM

Hi

 

Yes I solved it.

Their was FW issue , Check that the FW get the SIP TLS 5061 from the Internet interface(Eth0 for example) and that the traffic going to the DMZ Interface(Eth1 for example).

In my issue the Traffic arrive to Eth0 but not arrive to Eth1 and i didn't see any drop.

TLS 5061 inspection must be disabled In Check Point Firewall (Some version of Checkpoint have BUG: Inspection can be configured on another rule of 5061 but anyway it’s influencing on all rules with 5061 port in FW).

 

Daniel.

 

0 Helpful
Customers Also Viewed These Support Documents
Top