cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1885
Views
5
Helpful
5
Replies

Unity Connection - DRF Backup Error

Matthew Martin
Level 5
Level 5

Hello All,

Unity Connection: 10.5.2.13900-12

We recently upgraded our CUCM and Unity Clusters to v10.5(2) and since the upgrade I have been unable to get a backup working on the Publisher. When I go to "Backup History" for example, I see the error:

"Local Agent is not responding. This may be due to Master or Local Agent being down."

I have restarted the Master and Local DRF Agents on the Publisher and have not had any luck... Searching Google came up with a Certificate issue that could be causing the problem. But, I didn't want to start Generating new Certs if that wasn't the issue... DRF seems to be just fine on the Subscriber though.

Should the Pub and Sub both have ipsec.pem and ipsec-trust.pem Certs on them? Because it looks like Pub only has ipsec.pem and not the "ipsec-trust" Cert... Not sure that's the problem, but thought I should mention it.

Thanks in Advance,
Matt

1 Accepted Solution

Accepted Solutions

Varundeep Chhatwal
Cisco Employee
Cisco Employee

try uploading the ipsec from cuc-sub onto cuc-pub as ipsec.trust and same on cuc-sub as well if it missing in certificate. once you do it , restart your drf services and then check

both the servers should trust each other's ipsec.

View solution in original post

5 Replies 5

Varundeep Chhatwal
Cisco Employee
Cisco Employee

try uploading the ipsec from cuc-sub onto cuc-pub as ipsec.trust and same on cuc-sub as well if it missing in certificate. once you do it , restart your drf services and then check

both the servers should trust each other's ipsec.

Hey Varundeep,

Thanks for the reply, much appreciated!

Ok, so I downloaded the "ipsec" Cert from the Unity Subscriber and uploaded it to the Unity Publisher as "ipsec-trust".

I was then still having trouble after restarting the Master and Local DRF services so I downloaded the "ipsec" from the Publisher and attempted to upload it to the Subscriber as "ipsec-trust". However, when I attempted to do this I got an error that the Cert I was trying to upload is expired.! Not sure how I missed that...

Now that we know that the Publisher's "ipsec" Cert is expired, what do I need to do now?

Any thoughts would be greatly appreciated!

Thanks in Advance,
Matt

Just regenerate the ipsec certs on pub and then upload it on cuc-sub as trust and then restart the services

Varundeep,

Thanks again for the quick reply, very much appreciated!

Ok, so I regenerated the ipsec Cert on the Publisher. Then, I downloaded the .pem file of that ipsec Cert to my PC and uploaded that same Cert to the Subscriber as the "ipsec-trust" cert as per your Answer...

Everything seems to be working normally again. DRS backups are running without issue!

Thanks Again,
Matt

Jitender Bhandari
Cisco Employee
Cisco Employee

Hi Matt,

reference below link for troubleshooting details.

http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-version-71/111796-cucm-drf.html

HTH

JB