Buy or Renew
Buy or Renew
Welcome to the new Cisco Community. LEARN MORE about the updates and what is coming.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Help required for setup Expressway C & E

Go to solution
rupam_chakra1983
Beginner
Beginner

‎03-21-2017 02:18 PM - edited ‎03-19-2019 12:14 PM

Hi

I am trying to setup MRA .

But its unsuccessful. and getting the error in the status > unified communication

I am not using any TLS and have not uploaded any certificate since i am not using a secure deployment.

any help in troubleshooting appreciated.

2 people had this problem
Labels:
Preview file
310 KB
0 Helpful
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Sushant Sharma
Beginner
Beginner
In response to rupam_chakra1983

‎03-27-2017 08:41 AM

use both domains in expressway-E and expressway-c, just add it and enable cm and IMP registration 

Advertise  LAN 1 inside your Internal DNS Server for example:

external domain: abc.com

internal domain: xyz.com

External DNS Server:

SRV :

_collab-edge.-tls.abc.com--- pointing to vcse.abc.com

A:

vcse.abc.com--- pointing to public IP address

Internal DNS:

vcse.xyz.com--- pointing to LAN 1 IP address, who is connecting to a vcs-c IP address.

While creating a certificate in expressway-C keep in mind add expressway-e internal fQDn in San names.

View solution in original post

0 Helpful
21 REPLIES 21

Go to solution
Jaime Valencia
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee

‎03-21-2017 02:46 PM

You do need to get certificates for MRA to work, they're the foundation of this.

That is completely separate from the fact you're not using mixed mode on CUCM, that only means you won't need a few steps and SAN entries in the EXP-C certificate.

You also need to read thoroughly the MRA configuration guide which outlines all the steps and requirements for MRA to work.

HTH

java

if this helps, please rate
0 Helpful

Go to solution
rupam_chakra1983
Beginner
Beginner
In response to Jaime Valencia

‎03-23-2017 03:13 PM

Thanks Jamie for the info .

I created a CA and uploaded the signed certificate to the expressway C and Expressway E.

I uploaded the root certificate to both of the server

tried creating a traversal zone using TLS but it is not coming up.

Getting the error in the logs field

tvcs: Event="External Server Communications Failure" Reason="Connect failed" Service="NeighbourGatekeeper" Dst-ip="Public IP of Exp-e" Dst-port="7001" Detail="name:FQDN of EXP E" Protocol="TCP" Level="1" UTCTime="2017-03-23 21:21:58,918"

0 Helpful

Go to solution
Jaime Valencia
Hall of Fame Cisco Employee Hall of Fame Cisco Employee
Hall of Fame Cisco Employee
In response to rupam_chakra1983

‎03-23-2017 04:39 PM

Do you have dual NIC on EXP-E??

Or single NIC, and have you actually used the public IP??

Do you have all the proper ports open between both systems?

for MRA, you need to use the UC traversal zone, there is no TLS option there

HTH

java

if this helps, please rate
0 Helpful

Go to solution
rupam_chakra1983
Beginner
Beginner
In response to Jaime Valencia