09-30-2013 05:12 AM - last edited on 03-25-2019 09:09 PM by ciscomoderator
Hi all,
I just did a fresh installation of a telepresence infrastructure. At first I kept the default certificate on the VCS Expressway. I tried to call in to some endpoint from the Cisco Jabber Cloud (ciscojabbervideo.com) and had no success. I didn't see a search on VCS Expressway and found in the tcpdump that the connection is reset by the Cisco Jabber cloud VCS:
If I try to call that VCS Expressway from our infrastructure, which does not have certificate checking enabled on the DNS Zone, everything works fine. So I thought it has to be related to the default certificate on the VCS Expressway and installed an official wildcard certificate.
I can check the certificate and its path with openssl and get an OK:
Verify return code: 0 (ok)
I enabled the certificate checking on VCS and it connects fine.
If I try again from the cisco jabber cloud, I still get the Bad Certificate error.
Any ideas?
Regards,
Paul
09-30-2013 07:19 AM
Hey Paul,
I am very curious about your issue. I have an environment here with VCS Expressway 7.2.2 with default security configuration (no certificate at all). I can call from Cisco Jabber free in to our endpoints normally, and with encryption (TLS + SRTP).
Do you have any firewall in the path from VCSe towards the internet? Can you give further information on your topology? If you try to disable TLS in your VCSe just for a test, does it work, are you able to at least see the call coming in to your VCSE using UDP or TCP?
Regards
Paulo Souza
Was my response helpful? Please rate useful replies and remember to mark any solved questions as "answered".
09-30-2013 08:30 AM
Hi Paulo,
outgoing calls to Cisco Jabber Free work fine, only incoming calls have an issue.
I tried your suggestion and disabled SIP TLS on the Expressway, but somehow the connection is also terminated with a FIN.
About the deployment:
VCS-C in the internal network, VCS-E with one Leg (NIC 2) in the same network, VCS-E leg two (NIC1) NATed behind a firewall.
Regards,
Paul
09-30-2013 08:35 AM
Hey Paul,
I think it may be something related to your firewall as you cannot even establish a layer 4 connection, not sure. Can you check your firewall logs and configuration? Are you able to receive calls from other external systems? What about H323 calls, do they work?
Regards
Paulo Souza
09-30-2013 08:55 AM
Hi Paulo,
I can call the new system from our internal system via SIP and H323, even if I enable certificate checking on our VCS Expressway. That's the reason why I'm not sure if this is really related to the firewall.
I'll also get tcpdumps from outside of the firewall, so I can really confirm that the firewall is not blocking anything.
Regards,
Paul
09-30-2013 10:13 AM
Hey Paul,
But what about receiving external calls from other external systems other than Jabber Free, are you able to? Did you try to receive calls using H323?
Also, when I said something related to the firewall, I was talking about some strange behavior, not about blocking communication indeed. As I can successfully receive calls from Jabber Free in my environment, it is hard to say that it is some problem related to VCS itself. Did you get the same behavior before enabling the certificate on VCS?
Regards
Paulo Souza
09-30-2013 11:50 AM
Hi Paulo,
The new installation I was referring to is a customer installation. We have got our own internal Telepresence system.
The issue only exists at our customer system. I have always been able to call into the customer system with SIP and h323.
From the Cisco free Jabber client, calling in did not work; even after installing an official certificate or disabling SIP TLS, calls from the Cisco Jabber Video Cloud did not work. Calls to the free Jabber Video do work though.
09-30-2013 12:31 PM
Hey Paul, it is really a strange behavior. I am looking at your screen capture, I see the error "TCP Checksum incorrect", that's why you receive a FIN message and the TCP connection is not established.
I have no idea what is causing this issue. I would probably try to put the firewall out of the game, just to make sure that it is not related to any strange firewall behavior or configuration. I would also check the whole path of the network to see if there is any layer 3 or 4 device that could cause the problem. Just hints, I am not sure.
Paulo Souza
10-01-2013 01:12 AM
Hi Paulo,
TCP Checksum incorrect is not an issue, this is caused by TCP checksum offloading. In older days the CPU had to calculate UDP and TCP checksums, but nowadays the NIC calculates these.
Regards,
Paul
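The checksum-offload point in the post above, as an added example that is not part of the original thread: it recomputes the TCP checksum of a captured IPv4 segment and separates a valid value, an unfinished offload placeholder, and real corruption. The addresses, ports and function names are constructed for illustration, and the placeholder test assumes the Linux-style convention in which the stack leaves the folded pseudo-header sum in the field for the NIC to complete.

```python
import socket
import struct

def fold_sum(data: bytes) -> int:
    """16-bit one's-complement sum (RFC 1071), folded but not inverted."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return total

def pseudo_header(src: str, dst: str, tcp_len: int) -> bytes:
    """IPv4 pseudo-header covered by the TCP checksum (protocol 6)."""
    return (socket.inet_aton(src) + socket.inet_aton(dst)
            + struct.pack("!BBH", 0, 6, tcp_len))

def tcp_checksum(src: str, dst: str, segment: bytes) -> int:
    """Correct checksum for the segment, ignoring the stored field."""
    zeroed = segment[:16] + b"\x00\x00" + segment[18:]
    return ~fold_sum(pseudo_header(src, dst, len(segment)) + zeroed) & 0xFFFF

def classify(src: str, dst: str, segment: bytes) -> str:
    """Return 'valid', 'offload-placeholder' or 'corrupt' for one segment."""
    pseudo = pseudo_header(src, dst, len(segment))
    stored = struct.unpack("!H", segment[16:18])[0]
    if fold_sum(pseudo + segment) == 0xFFFF:
        return "valid"
    # Assumption: with TX offload the host stack stores only the
    # pseudo-header sum; a capture on the sender sees that partial value.
    if stored == fold_sum(pseudo):
        return "offload-placeholder"
    return "corrupt"

def build_syn(sport: int, dport: int, checksum: int) -> bytes:
    """Constructed 20-byte SYN header with a caller-chosen checksum field."""
    return struct.pack("!HHIIHHHH", sport, dport, 1000, 0,
                       (5 << 12) | 0x02, 64240, checksum, 0)

# Constructed sample: documentation addresses, SIP TLS port 5061.
SRC, DST = "198.51.100.7", "203.0.113.20"
good = build_syn(40000, 5061, tcp_checksum(SRC, DST, build_syn(40000, 5061, 0)))
offloaded = build_syn(40000, 5061, fold_sum(pseudo_header(SRC, DST, 20)))
damaged = good[:14] + b"\x00\x01" + good[16:]   # window field altered in transit

if __name__ == "__main__":
    for name, seg in (("good", good), ("offloaded", offloaded), ("damaged", damaged)):
        print(name, classify(SRC, DST, seg))
```

An "offload-placeholder" result on a capture taken on the sending host is harmless; the same result, or "corrupt", on a capture taken at the receiver or on the wire is worth investigating.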
10-01-2013 05:28 AM
You are right. I was reading something on Google on this matter, and it is really not an issue.
Well, as you are saying that you don't even receive a call invite from Jabber Free because the connection is closed, I don't have anything in mind to suggest to you. I have never seen this issue before, it is really a strange behavior.
One more thing, did you get the same problem before enabling certificate on VCS?
Paulo Souza