ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
436
Views
0
Helpful
2
Replies
Highlighted
Rising star

Expressway-C registration error TLS unknown protocol

Hoping someone can help me out with this.

I am attempting to directly register SIP endpoints to the an expressway-C and it fails. In the logs I am seeing an inbound TLS negotiation error with details stating unknown protocol. Can anyone assist in helping to break down why I am seeing this.

Endpoint is Cisco EX60. Expressway is running in fips mode. I have uploaded CA certs to the endpoint that signed the expressway-C cert but without any luck.

 

 

Any one seen the a error similar to the one below or in point in the correct direction to tshoot. I have sanitize the info for other field.

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Advisor

Re: Expressway-C registration error TLS unknown protocol

The EX60 is a very old device, and goes fully End of Support in a few months time (30 June 2020), so I'd start by recommending that you start looking at replacing those old systems with something newer and supportable.

But, to go in to your issue a bit more - what software version are you running on Expressway-C and the EX60?  If the EX is running very old software, this may not be helping your troubleshooting.  The current software version for an EX at the date of this post is TC7.3.20 - many of the older versions have been deferred due to a high impact security issue.

Your TLS issue may be certificate related, or DNS related.  I'd suggest you go back through the Cisco Expressway Certificate Creation And Use Deployment Guide and double check what you have configured in your environment against this.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

View solution in original post

2 REPLIES 2
Highlighted
VIP Advisor

Re: Expressway-C registration error TLS unknown protocol

The EX60 is a very old device, and goes fully End of Support in a few months time (30 June 2020), so I'd start by recommending that you start looking at replacing those old systems with something newer and supportable.

But, to go in to your issue a bit more - what software version are you running on Expressway-C and the EX60?  If the EX is running very old software, this may not be helping your troubleshooting.  The current software version for an EX at the date of this post is TC7.3.20 - many of the older versions have been deferred due to a high impact security issue.

Your TLS issue may be certificate related, or DNS related.  I'd suggest you go back through the Cisco Expressway Certificate Creation And Use Deployment Guide and double check what you have configured in your environment against this.

Wayne
--
Please remember to rate responses and to mark your question as answered if appropriate.

View solution in original post

Highlighted
Rising star

Re: Expressway-C registration error TLS unknown protocol

Wayne you are spot on and actually I forgot to update this case before you replied. 

Basically certs were accepted TLS methods were not.

EX60 where only used because it what I had in lab for testing. Lab needs an update but not a huge lab budget.