Just hoping someone would be

PWJPW · ‎09-22-2016

Hi All

We recently upgraded from UC 10.5.2 to 11.5.1 (CUCM,CUPS and CUC).

We use Jabber for Windows and MAC devices, all working well, but all 3rd party XMPP clients can no longer authenticate.

Looking at the debug logs of an XMPP client (such as Pidgin), it shows the problem:

(11:26:42) jabber: Sending (ssl) (me@mydomain.com): <stream:stream to='mydomain.com' xmlns='jabber:client' xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>
(11:26:42) jabber: Recv (ssl)(178): <stream:stream xmlns='jabber:client' xml:lang='en-US.UTF-8' xmlns:stream='http://etherx.jabber.org/streams' from='mydomain.com' id='TJbNCkdwzZW7RT0o0SvDvA6628' version='1.0'>
(11:26:42) jabber: Recv (ssl)(139): <stream:features><mechanisms xmlns='urn:ietf:params:xml:ns:xmpp-sasl'><mechanism>CISCO-VTG-TOKEN</mechanism></mechanisms></stream:features>
(11:26:42) sasl: Mechs found: CISCO-VTG-TOKEN
(11:26:42) sasl: No worthy mechs found
(11:26:42) connection: Connection error on 06DF7CE8 (reason: 3 description: Server does not use any supported authentication method)

However, according to Cisco documentation, CUPS should support/allow both PLAIN AND CISCO-VTG-TOKEN mechanisms.

https://developer.cisco.com/fileMedia/download/a2ce9071-4c3b-4ad5-adaa-095153ea1b4c

In particular:

Cisco Unified CM IM and Presence provides two different SASL authentication mechanisms when connecting over the XMPP Interface: PLAIN and CISCO_VTG_TOKEN. When an XMPP Client connects to Cisco Unified CM IM and Presence, the server will return the supported SASL authentication mechanisms in in stream features:

<mechanisms>
<mechanism>PLAIN</mechanism>
<mechanism>CISCO_VTG_TOKEN</mechanism>
</mechanisms>

Seeing as CUPS is not sending the PLAIN mechanism option to the client, it cannot proceed.

Does anyone know a setting in CUPS where it may have been disabled, or how else to check/debug?

Thanks

James

PWJPW · ‎09-26-2016

Just hoping someone would be able to advise what the solution may be.

Thank you

James

PWJPW · ‎10-04-2016

Just hoping someone can work some magic on this for me?

a.kolpakov · ‎10-18-2019

HI!

Do you find solution of this issue?

jkhtkd5385 · ‎05-31-2017

Did anyone ever get this to work? I have it working internally but not through Expressway.

peterputt · ‎01-23-2018

Hi

how did you get to work internally?

Regards,
Peter

visitdemo11 · ‎11-01-2017

How did you solve this issue?

M Reza · ‎08-15-2022

i have this problem too,

does anyone know how we can fix this issue?..

we installed cucm,cup 12.5 su6 + expressway core,edge 12.7.1

jabber lan login is ok

but jabber MRA internet login says: cannot connect to the server, Internal server error

and we also tested CollabEdgeValidator in cway.cisco, it says: CISCO-VTG-TOKEN not found in authentication mechanisms.

does anyone know how we can fix this issue?..

..if this (helps) or (answered your question), please click (Helpful) or (Accept as Solution)..

b.winter · ‎08-15-2022

Hi, your question has nothing to do with the original post.

The original post tried to login directly to IMP (internally) with a 3rd party client.

You have problems logging in with Jabber via MRA. Maybe you should look up the forum about your problem or create a new post.
One issue could be, that there is no reverse pointer entry in the public DNS, for your Exp-E Public IP.

CUPS 11.5 not allowing XMPP clients to authenticate