cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3004
Views
10
Helpful
4
Replies

VCS 8.1 COLLAB EDGE does not work

sebastjankocelj
Level 1
Level 1

Hi All,

I am trying to test collab edge functionality on VCS 8.1 and CUCM 9.1.2. DNSs are fine, but telnet does not work for both ports (8443 and 5222). Port 5222 in unreachable. There is no issue with FW, because this ports are opened. I can access port 5222 locally to IM&P server. In VCS-C the status of CUCM and IM&P is Active. Do you have any ideas, what am I missing?

BR,

Sebastjan Kocelj

2 Accepted Solutions

Accepted Solutions

epicolo
Level 3
Level 3

Are you checking this ports in a VCS E (not VCS C)  running X8.1 and with Remote and Mobile feature enabled?

As you said, your public DNS and external FW should be configured to accept this requests.

The X8.1 have an Automated protection, please revise the internal VCS E Firewall rules and also check the inbound port usage at VCS E menu.

You can also SSH into VCS E using root and use netstat or other Linux commands to check network conectivity.

Hope it helps.

Regards

Elter

View solution in original post

- I am checking this port on external IP of VCS-E. Remote and Mobile feature IS enabled.

- DNS and FW are configured as supposed to.

- I do not have any FW rules configured on VCS-E, and for sure ASA is forwarding 5222 and 8443 ports to VCS-E. Local Inbound Ports list contains 8443 and 5222.

- I can see that the port 5222 is listened of the internal IP address. Not for ALL.

--------------------------------

~ # netstat -an |grep 8443

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN

~ # netstat -an |grep 5222

tcp        0      0 192.168.50.1:5222     0.0.0.0:*               LISTEN

~ #

--------------------------------

So this does not look OK, because local IP is used for 5222 port. After investigating IP settings on VCSE, I have found that the settings for external IP is actually local IP Address. After changing this and restarting the system, the telnet is working and Jabber is connecting via VCSE without VPN. Thanks for the hints...

View solution in original post

4 Replies 4

epicolo
Level 3
Level 3

Are you checking this ports in a VCS E (not VCS C)  running X8.1 and with Remote and Mobile feature enabled?

As you said, your public DNS and external FW should be configured to accept this requests.

The X8.1 have an Automated protection, please revise the internal VCS E Firewall rules and also check the inbound port usage at VCS E menu.

You can also SSH into VCS E using root and use netstat or other Linux commands to check network conectivity.

Hope it helps.

Regards

Elter

- I am checking this port on external IP of VCS-E. Remote and Mobile feature IS enabled.

- DNS and FW are configured as supposed to.

- I do not have any FW rules configured on VCS-E, and for sure ASA is forwarding 5222 and 8443 ports to VCS-E. Local Inbound Ports list contains 8443 and 5222.

- I can see that the port 5222 is listened of the internal IP address. Not for ALL.

--------------------------------

~ # netstat -an |grep 8443

tcp        0      0 0.0.0.0:8443            0.0.0.0:*               LISTEN

~ # netstat -an |grep 5222

tcp        0      0 192.168.50.1:5222     0.0.0.0:*               LISTEN

~ #

--------------------------------

So this does not look OK, because local IP is used for 5222 port. After investigating IP settings on VCSE, I have found that the settings for external IP is actually local IP Address. After changing this and restarting the system, the telnet is working and Jabber is connecting via VCSE without VPN. Thanks for the hints...

I know this is an old discussion, but I need to know what if the 5222 port looks closed in the Exp-E. In my case, the netstat show this:

~ # netstat -an | grep 5222
~ #
~ #

~ # netstat -an | grep 8443
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN

 

How can I enable the XMPP port?

Just forget it...in new version of Expressway-C you need to add the services supported for the internal domain for IM&P like the IM and Presence service and XMPP Federation, so when you enable it and restart the XCP Router service in  IM&P server the port will be active and in LISTEN status.