I suspect it may be due to a recent CUCM upgrade (11.5.1) but my Expressway C cannot communicate with it:
SIP: Failed to connect to 10.1.16.1:5065 : No response from system
Both systems have been rebooted, but still not working.
What software version is your Expressway running?
When running CUCM 11.5(1), due to changes in the IM&P Service, you should be running Expressway X8.8 and later as earlier versions are not compatible, refer to the Interoperability section of the Expressway X8.8 Release Notes.
Has anything else changed, other than upgrading CUCM?
I think it's down to a certificate issue (when isn't it!). When I change the SIP trunk security profile to TCP from TLS, connectivity is restored. I'll refresh the certs to confirm.
Do certs change when upgrading?
First thing first, are you using a self signed certificate or CA signed ?
CUCM 11.5 brings support for ECDSA certificate.
Is this for MRA ? or a normal CUCM neighbour zone on TLS for CUCM B2B Calls ?
If its for B2B calls, Can you go to CUCM Enterprise parameter and then check for "security parameters" and you will see TLS ciphers. what do you have configured there ?
By default its "All Ciphers RSA Preferred". Just make sure you have set that under enterprise parameter.
Also check the security profile to verify if the correct port is configured( 5065 as you mentioned) along with the correct FQDN for the incoming certificate.
If it still fails then do a tcp dump at both the end and check the certificates, what you are sending and what is getting received and then make sure certificates are trusted at both the ends.