cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
826
Views
0
Helpful
7
Replies
Highlighted
Beginner

Cisco MRA not working *New deployment*

We are having trouble getting MRA working in our environment and would like some help to identify why it is not working.

We are currently running


CUCM : System version: 11.5.1.15900-18 Unrestricted
Cisco VCS Control: Version: X8.11.4
Cisco VCS Expressway: Version: X8.11.4

 

Everything seems to be configured correctly but I am not able to work out where this is falling over.

On the VCS Control I can see the user is authenticated:


edgeconfigprovisioning: Level="INFO" Detail="Authenticated user successfully" Username="8130" ClientId="85.255.234.187" UTCTime="2019-03-20 09:48:04,482"

 

But the Expressway gives the error:
traffic_server[7453]: Event="get_edge_sso" Detail="Access denied" Reason="Only legacy auth supported" Domain="global.com" Src-ip="85.255.234.187" Src-port="17712" UTCTime="2019-03-20 09:47:50,907

 

I've tried to find more information on the Reason="Only legacy auth supported" but cannot find any further information.

Everyone's tags (1)
1 ACCEPTED SOLUTION

Accepted Solutions
Beginner

Re: Cisco MRA not working *New deployment*

Did you get solve this problem?

7 REPLIES 7

Re: Cisco MRA not working *New deployment*

This doesn’t directly answer your question but two abnormalities stand out in your post:
1. You have the unrestricted version of CUCM deployed. This is only intended for countries with export restrictions (eg Iran, Syria, North Korea). Unless you are in one of those counties stop now and reinstall the restricted version. There is no way to switch back later and ICE pass through support in x12.5 will not work with the Unrestricted version.
2. Why are you using VCS instead of Expressway-C/-E? This is not the correct choice for a new deployment.
Beginner

Re: Cisco MRA not working *New deployment*

Hi Jan,

I was curious if you were able to resolve this issue as I ran into this as well. In my case I'm running "Authorize by user credential" on the Expressway C and I have no issues with users logging into Jabber on the inside. I get the same errors where it shows Authenticated Successfully on the Core but get's "Access Denied" with "Only legacy auth supported" on the Edge.

 

Thanks! 

Beginner

Re: Cisco MRA not working *New deployment*

im having the same issue with a x12.5 deployment, this was usually related to authentication policy set for MRA on the C but i made sure it is set to UCM Basic LDAP/Auth

Beginner

Re: Cisco MRA not working *New deployment*

Did you get solve this problem?

Beginner

Re: Cisco MRA not working *New deployment*

Hi Jan, please, let us know, how did you get to resolve this issue?

 

Beginner

Re: Cisco MRA not working *New deployment*

Hello,

 

CSCuo83458

 

Regards,
Jan

Beginner

Re: Cisco MRA not working *New deployment*

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCuo83458/?reffering_site=dumpcr

 

There are three ways to fix this:

- Change the FQDN configured on VCS/Expressway-E to match the FQDN returned by the _collab-edge SRV record.

- Change the FQDN returned by the _collab-edge SRV record to match the FQDN configured on VCS/Expressway-E.

- Change the FQDN returned by the _collab-edge SRV record to an alias of the FQDN configured on VCS/Expressway-E, with the requirement that the alias has to be in the same domain as the FQDN

CreatePlease to create content
Content for Community-Ad
July's Community Spotlight Awards