Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1667
Views
0
Helpful
2
Replies

iPhone Jabber & AnyConnect with ASA5505 and UC540 won't connect

Go to solution
jan.lipkowski
Level 4
Level 4

‎10-21-2012 11:11 AM - edited ‎03-21-2019 06:27 AM

So I have been trouble shooting this for a while.

Goal: having Cisco Jabber to work over 3G by connecting to ASA5505 using the iPhone AnyConnect client.

My diagram:        iPhone (Jabber/AnyConnect) -> Internet -> ASA5505 -> UC540

ASA/UC540 Vlans:     voice Vlan 10.1.1.0/24, data Vlan 192.168.1.0/24

The connection between the ASA and UC540 is trunk port allowing vlan 1 and 100 (data and voice)

ASA5505 AnyConnect address pool: 172.16.1.X/27

If I connect to the UC540 over wifi, Jabber works perfectly (all incoming, outgoing, and voicemail)

If I connect to the ASA5505 via 3G (AnyConnect client) and the iphone receives a 172.16.1.1 address, it can ping CME/CUE no problem but the Jabber client connect.

Here is the crazy part... if I change the AnyConnect address pool to be the same as the voice vlan (to 10.1.1.100-120 ensuring no IP address overlap) Jabber connects on the iPhone but messaging does not work - CUE can't access the iphone when it receives a 10.1.1.100 address assigned by the firewall.

Please help... I believe it's a routing issue.  When running 'debug ip icmp' on the UC540 while trying to register with the iPhone, the debug shows:

003949: Oct 21 18:06:55.233: ICMP: dst (10.1.10.2) port unreachable sent to 172.16.1.1

strange... why is it sending port unreachable?  I can ping 172.16.1.1 from CME and CUE no problem.

Thank you!

Cheers,

Jas

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
bjames
Level 5
Level 5

‎11-01-2012 09:38 AM

Jas,

Sorry to say this is not supported, several of us have got it to work, but for me it all of a sudden drops the call. I'm not sure when it will be 100% supported but maybe someone from teh business unit can address that.

Part of the reason is the phone must be on the Voice VLAN (according to the docs) so I am not sure how you are bridging the voice vlan through the firewall in a routed configuration.

Bob James

View solution in original post

0 Helpful
2 Replies 2

Go to solution
bjames
Level 5
Level 5

‎11-01-2012 09:38 AM

Jas,

Sorry to say this is not supported, several of us have got it to work, but for me it all of a sudden drops the call. I'm not sure when it will be 100% supported but maybe someone from teh business unit can address that.

Part of the reason is the phone must be on the Voice VLAN (according to the docs) so I am not sure how you are bridging the voice vlan through the firewall in a routed configuration.

Bob James

0 Helpful

Go to solution
jan.lipkowski
Level 4
Level 4
In response to bjames

‎11-05-2012 06:49 AM

Thanks Bob... I had my Cisco Channel Account Manager confirm this as well... though it was once supported (short period), they removed it.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents