Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1152
Views
0
Helpful
2
Replies

Problem with MRA registration with two domain deployment

goranpilat
Level 3
Level 3

‎02-22-2019 12:45 AM

Hi,

 

So I have deployment with abc.local and abc.com. Users will be joining with abc.local only, to make login proces transparent to them. So I put local config file in Jabber 11.7.2 (version which doesn't encode local config files, and still cares If I put jabber-config-user.xml on the right place) voiceServiceDomain=abc.com serviceDomain=abc.local.

I see it resolving colab_edge.abc.com, goes to EXPE, through UC traversal zone to EXPC, asks me for passoword.

On jabber I am getting that communication with  server is not possible. In EXPC event logs I see that my username is successfully authenticated, however I am also getting an error:

 

traffic_server[25371]: Event="Request Failed" Detail="Access denied" Reason="Request domain not in authorised deployment" Username="gpilat" AuthDeployment="1" ReqDomain="abc.com" ReqDeployment="0" Request="https://cisco-cucm3.abc.local:8443/cucm-uds/version" UTCTime="2019-02-21 15:43:30,922"

 

I followed Mobile and Remote Access Through Cisco
Expressway deployment guide, as well as :

 

https://www.cisco.com/c/en/us/support/docs/unified-communications/expressway-series/117811-configure-vcs-00.html

 

Why is EXPC going to CUCM with domain abc.com? when it is my outer domain and serves purely for resolving EXPE?

I put this domain in EXPC's server certificate, but it didn't help.

Should I put it in IM&presence as additional domain?

My jabber can login with no problem from the inside with gpilat@abc.local

 

any suggestion is welcomed

 

Goran

 

Labels:
0 Helpful
2 Replies 2

Sandro Nardi
Spotlight
Spotlight

‎03-14-2019 05:25 AM

Hi,
is the domain configured on Expressway C under Configuration->Domain?
is correctly syncronized with Expressway E under Status-> Unified Communications status -> Domains?
0 Helpful

goranpilat
Level 3
Level 3
In response to Sandro Nardi

‎08-29-2019 05:26 AM

Hi,

 

got it working in the meantime, and here's what the deal was:

 

I had the same string set in "domains" for MRA and webRTC link in CMS section (both on Expressway)

 

both were set to video.XXXX.YY. When I realised where the catch was, I changed CMS link to cms.video.XXXX.YY and the error was gone.

 

Misleading was the following:

If you first do "CMS" portion, and "Domain" portion afterwards, you will not get any configuration error, expressway will allow you to configure it in such way only to drive you mad with error from the logs from the original post.

If you do it the other way around (which, of course, isn't how I did it), it will give you error making you re-evaluate your domains/links).

 

Anyway, hope this will help somebody

 

0 Helpful
Customers Also Viewed These Support Documents