cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
605
Views
2
Helpful
6
Replies

Jabber fails from oustide after upgrade CCUM-CUC and Expressway

sprintership
Level 1
Level 1

Hello,

We have upgraded all from 12.5 to 15 and Jabber fails (login) from outside. From inside all is fine. What would be a workaround to fix it.

I assume its not a bug but just things are a bit different in 15. I also tried xConfiguration EdgeConfigServer VerifyOriginServer: Off but still no luck. 

 

6 Replies 6

Initially, it’s necessary to gather logs from both Expressway E and C and examine them using the CSA tool. This will provide a deeper understanding of your problem.

Did you upgrade the versions of Expressway E? If so, could you specify the source and destination versions?

Prior to the upgrade, did you review all the upgrade guides and release notes?

Please provide more details about your upgrade and share the findings from the CSA tool’s analysis of the Expressway logs.



Response Signature


Yes all: 12.5 CCUM CUC & Expressway C&E to 15 version.

If you upgraded from 12.x to 15 among other things the CUCM certificates that Expressway uses would have changed. Did those get updated in Expressway after the upgrade?

And as @Nithin Eluvathingal noted, ensuring that you reviewed all of the upgrade guides and release notes will hopefully identify the problem.

Maren

sprintership
Level 1
Level 1

there seem to be two problems:

1. both CCUM pub and sub have IPs instead of DNS names,

2. Expressway C MRA cert must be present in CCUM manager and tomcat - in my case, I use self-signed cert which may be a problem. Can I use GoDaddy SSL cert? 

 

 

I have found the perfect video explaining what CA server I can use for Expressway C and Expressway E :  

My understanding is for Expressway E I can use GoDaddy SSL cert. For Expressway C I can use CA trust cert and that can be Windows CA.

 

The only question is if I need a separate certificate with a separate CSR generated for CallManager – Trust and separate for Tomcat – trust – correct?

These certificates are different once, so yes you’ll need to have separate CSRs.



Response Signature