cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5226
Views
13
Helpful
18
Replies

Telepresence Conductor not registering on CUCM

I am trying to setup 1 Telepresence server under a Telepresence Conductor but when I create a Conference bridge pointing to the ad-hoc IP address setup on the Conductor, the CUCM show registration "Unknown" and IP address "Unknown". In other words the Telepresence Conductor do not register as an ad-hoc conference bridge under the CUCM

  • The CUCM is in version 9.1,
  • The TS in version 4.0
  • And the Conductor in version 2.4.1 (Conductor Essential version - the free version limited to 1 TS)

Because the CUCM is in version 9.1 I looked at both manuals :

Both the CUCM servers (all servers) and the Conductor have their certs certified by the same Trust CA which certificate is uploaded in the Conductor trust CA and the CUCMs CallManager-trust certificates. So there should not be any certificate issue.

The Conductor and Telepresence Server config seems OK. The Conductor shows the Telepresence Server as Active on the Conference Bridge.

I created on the CUCM an encrypted SIP trunk security profile, with the name of the Telepresence Conductor as it appears in the cert (note that depending on the docs it says to put here the name of the CUCMs...) as they appear on the certs in the "X.509 Subject Name".

And created the conference bridge with

  • Bridge Type = Cisco Telepresence MCU
  • the destination IP address setup as the Conductor ad-hoc IP address
  • MCU Conference Bridge SIP Port = 5061 (in older docs it says 5060 but doesn't make a difference)
  • SIP Trunk Security Profile = The secured profile I created
  • SIP Profile = Standard SIP Profile For TelePresence Conference
  • Normalization Script Info - Script = telepresence-conductor-interop (which I downloaded from Cisco site)

I tried to look at the CallManager logs using RTMT but didn't found much (don't know exactly where to look though).

In the SDL logs I found that message: "No registered Device found in this node" regarding the conductor device name

18 Replies 18

Jonathan Robb
Cisco Employee
Cisco Employee

Hi,

I would set the sip trunk security profile to the non secure profile for telepresence, set the sip port to 5060, and untick the HTTPS port for the HTTP / username section, do a save, apply, reset.  You should be able get the Conductor registered in this state and out of 'unknown'

If you are able to, then tic the HTTPs box, ensure the port is on 443, save, apply reset. Then, change the security profile to your conductor secure profile, change the sip port to 5061, - and save, apply, reset.

This is probably an extra step here but just try this and see if it will at least come out of 'unknown' step and into unregistered at the very least.

-Jonathan

Jonathan,

Thanks a lot for trying to help.

In the CUCM I followed the steps you mentionned

  • change the Bridge port to 5060,
  • change the SIP Trunk security profile to Non Secure SIP Trunk Profile
  • Change the HTTP Port to 80
  • uncheck the Use HTTPS box

That didn't worked at first. I had to go on the Telepresence Server in Network > Services and re-enable SIP(TCP) and SIP (UDP) and then it would register on the CUCM.

Once that was working, on the CUCM, I switch the  HTTP Interface Info port to HTTPS. It was still registered.

Then ifin the SIP Interface info I switch back the Bridge port to 5061 and the SIP Trunk Security Profile to my secure profile it goes unregistered. I went back to the Telepresence Server in Network > Services and disabled again SIP(TCP) and SIP (UDP) but the result is the same.

So I currently switched back to port 5060 and Non Secure SIP Trunk Profile.

Where should I look for logs?

And I have to say that there is something in the CUCM-Conductor Telepresence Server interaction I don't quite understand: the fact that I have to go and re-activate the 5060 SIP port on the TS for the CUCM-Conductor connection to work on that port is puzzling.

 

Hi Matt,

Did you ever get this sorted. I'm also having this issuing except i'm using version 10.5 of CUCM and Conductor 2.4. Just curious if you got it working over port 5061 or not.

 

Also does anyone know if you can just use the self signed certs of CUCM and Conductor to do this or do you need to get a real cert from a provider. If you can use the self signed do you just uploaded the PEM file for Conductor under Call-manager Trust or does it got someplace different? Possibly tomcat?

I had to reboot my whole cluster. I didn't change the config at all. Just restarted the servers. Obviously not the right fix but I was just tired of dealing with it. It was a small deployment.

Yeah I tried that no dice.

 

Chuck mine only registers using 5060 and port 80 soon as i switch to 5061 and 443 It will not register. Did you get this working on 5060 or 5061?

 

If so did u use Self Signed certs from CUCM and Conductor?

 

 

Strangely mine is set to port 80 and 5061. So secure but not so secure. I am not using self signed certs I am using CA signed certs generated from our own internal CA.

Yeah I'm really not sure if using the self signed are even an option. It doesn't say in the guide, it only references using a signed CA .

 

For the certs that you uploaded. Did you have to put them onto both CUCM and Conductor? If so what place did you have to put the Conductor Cert, was it a CallManager trust or a Tomcat trust

 

Humm I just tried what u said and did 5061 on the Trunk and 80 on the CFB configuration page and it registers. 

 

As i mentioned I'm just using self signed. And I put the Conductor Cert undeter CUCM-Trust and the CUCM certs I appended into the Conductor Cert page. 

 

I wonder if i just uploaded the Conductor Cert under Tomcat-trust then it would work?

On UCM I put it in the tomcat-trust only. On the conductor there is only one.

Thanks that did the trick !

 

I put the self signed in the tomcat-trust and it's working now on 5061 and 443

 

Cheers

Awesome. Thanks for the rating. Glad it worked for you. Now to test mine on 443. :)

Thanks for all the comments

On my side, I am using our AD sub CA signed cert on both the CUCM and Conductor and have uploaded on both all sub and root CA certs but I still have the same issue

Hi Matt

 

Thanks for the feedback. I have it working now

 

Matt for the record, 3 months ago i tried to get it working on CUCM 9.1 and never got it to register. In the end TAC said got to 10.5 and I have done 2 customers now at 10.5 and it registers just fine.

 

Ryan

Hi Ryan,

Regarding registering MRG for TP conductor with HTTPS(443), i have signed conductor certificate request from internal CA, shall i upload both CA and conductor certificate at CUCM tomcat-trust or conductor certificate only.

Thank you for your help.

Thanks

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: