Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1051
Views
0
Helpful
2
Replies

Expressway-C registration error TLS unknown protocol

Go to solution
Gregory Brunn
Spotlight
Spotlight

‎02-02-2020 08:18 AM

Hoping someone can help me out with this.

I am attempting to directly register SIP endpoints to the an expressway-C and it fails. In the logs I am seeing an inbound TLS negotiation error with details stating unknown protocol. Can anyone assist in helping to break down why I am seeing this.

Endpoint is Cisco EX60. Expressway is running in fips mode. I have uploaded CA certs to the endpoint that signed the expressway-C cert but without any luck.

 

 

Any one seen the a error similar to the one below or in point in the correct direction to tshoot. I have sanitize the info for other field.

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Wayne DeNardi
VIP Alumni
VIP Alumni

‎02-04-2020 05:20 PM

The EX60 is a very old device, and goes fully End of Support in a few months time (30 June 2020), so I'd start by recommending that you start looking at replacing those old systems with something newer and supportable.

But, to go in to your issue a bit more - what software version are you running on Expressway-C and the EX60?  If the EX is running very old software, this may not be helping your troubleshooting.  The current software version for an EX at the date of this post is TC7.3.20 - many of the older versions have been deferred due to a high impact security issue.

Your TLS issue may be certificate related, or DNS related.  I'd suggest you go back through the Cisco Expressway Certificate Creation And Use Deployment Guide and double check what you have configured in your environment against this.

Wayne

Please remember to mark helpful responses and to set your question as answered if appropriate.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Wayne DeNardi
VIP Alumni
VIP Alumni

‎02-04-2020 05:20 PM

The EX60 is a very old device, and goes fully End of Support in a few months time (30 June 2020), so I'd start by recommending that you start looking at replacing those old systems with something newer and supportable.

But, to go in to your issue a bit more - what software version are you running on Expressway-C and the EX60?  If the EX is running very old software, this may not be helping your troubleshooting.  The current software version for an EX at the date of this post is TC7.3.20 - many of the older versions have been deferred due to a high impact security issue.

Your TLS issue may be certificate related, or DNS related.  I'd suggest you go back through the Cisco Expressway Certificate Creation And Use Deployment Guide and double check what you have configured in your environment against this.

Wayne

Please remember to mark helpful responses and to set your question as answered if appropriate.

0 Helpful

Go to solution
Gregory Brunn
Spotlight
Spotlight
In response to Wayne DeNardi

‎02-05-2020 06:15 AM

Wayne you are spot on and actually I forgot to update this case before you replied. 

Basically certs were accepted TLS methods were not.

EX60 where only used because it what I had in lab for testing. Lab needs an update but not a huge lab budget.

0 Helpful
Customers Also Viewed These Support Documents