11-15-2016 06:28 PM - edited 03-19-2019 11:49 AM
Hello everyone,
I'm struggling with MRA on an Expressway series 8.7.0. We have CUCM & IMP 10.5.1, DNS records: _cisco-uds pointing to our CUCM, _cuplogin pointing to our IMP, signed certificates by the same CA entity for all of them, and they trust this entity.
On the inside network it works fine, but when trying to connect from outside via Expressway it always says wrong user or password.
Looking at the Exp Core's logs, it says it couldn't identify the user from UDS (attached file).
I've tried Exp 8.7.2 but the same happens, so I rolled back.
We are using Jabber to test the configurations.
What else can I do to resolve this issue?
Thanks for your Help.
11-15-2016 08:04 PM
Is this the same domain internally and externally??
What are you using for userID in CUCM??
In IM&P, are you using the default JID?? or DirectoryURI?
If your username in CUCM is jdoe, but your JID is john.doe@domain, have you tried using jdoe to login over MRA?
In the EXP-C logs you're going to find a URL, something like this:
https://x.x.x.x:8443/cucm-uds/clusterUser?username=someone
Copy that into a browser, if you don't get a positive reply from CUCM, that means it's unable to find what you're sending for username.
11-16-2016 07:46 AM
Hello Jaime, thank you for your answer.
1.- Yes, it is the same domain internally and externally.
2.- This CUCM is not integrated with LDAP, so the local base userID is used.
3.- Yes, we're using the default JID.
4.- I've just tried, the same result.
5.- That URL with the user without domain returned found (internally).
Thanks a lot for your help Jaime.
11-16-2016 07:50 AM
What do you mean without domain??
From the .txt I could see a domain there
You need to try EXACTLY the same thing your EXP-C is trying; if there's a domain there, you need to include that as well.
11-16-2016 07:53 AM
With rcaero, it says found;
with rcaero@domain.com, it says not found.
11-16-2016 09:23 AM
Jaime, I've found the following log:
https://cucm.domain.com:8443/cucm-uds/clusterUser?username=fmoreno
It returned found.
Thanks for your help.
11-16-2016 09:49 AM
Jaime,
I've found something weird.
The logs show the user gets authenticated and obtains the device list, services, server addresses, and sipEdgeServer.
But then Jabber tries to authenticate to the CUP private address; the _cuplogin and _cisco-uds cannot be resolved from outside.
I have no idea what is happening.
Thanks a lot for your help Jaime.
11-16-2016 12:50 PM
I'd probably try a couple of things
A) give those expressways a reboot, and make sure you can see the connection to EXP-E up after they come up.
B) after the reboot, go to config -> UC -> UCM, select the servers, and hit refresh servers, repeat for IM&P and CUC.
Then try to login again.
11-16-2016 04:34 PM
11-16-2016 04:39 PM
OK, are there any warnings on either of your expressways??
Please make sure that there's no zone that is using port 5060, as it needs to be dedicated to the connection to CUCM, and cannot be used for anything else if you're using MRA.
11-17-2016 03:00 AM
Hi,
The only zone with port 5060 is the auto-created one for CUCM.
The CUCM has one trunk with port 5060 to Exp-Core for B2B.
The SIP configuration on both EXPs is:
tcp:5060
tls:5061
mtls:off
udp:off
ipv6:off
Thank you for your help.
11-17-2016 06:55 AM
Then that's your problem, you CANNOT use port 5060 from CUCM if you're going to configure anything else besides MRA, and if you do not have an alert on EXP-C, that means that your neighbor zone is not using port 5060, otherwise it would have told you, you were using the same port to the same destination in more than one zone.
That SIP trunk you use for B2B, CANNOT use port 5060, you need to change that.
Port 5060 has to be reserved for MRA registration on CUCM for EXP-C
11-17-2016 07:09 AM
That is great information.
I will try it tonight.
Changing EXP-C's SIP listening port is under Configuration->Protocols->SIP, right?
Thanks a lot for your help.
11-17-2016 07:11 AM
No, you're not understanding, what you need to do, is change the port on CUCM for that SIP trunk to something else, and the neighbor zone for B2B has to match that port.
Port 5060 for communication between CUCM and EXP-C, is already used for MRA (and you cannot change that), any other SIP trunk you want to configure between them, has to use ports that are not already in use.
You don't need to change absolutely anything else.
11-17-2016 07:14 AM
Got It,
will try tonight.
I will post the results,
thanks again.