Showing results for 
Search instead for 
Did you mean: 

Webex Hybrid Data Security - KMS strange behavior


Hi All,


I am currently in a setup of Hybrid Data Security on Webex Teams, involving 3x KMS.

I already have a case open, but the engineer looks not understanding ...

In fact, the KMS are configured with IP:


For a total unkown reason, the KMS are sending out packet with source IP in range 172.16.X.X or 172.17.X.X. It's a total unknow range, and why the KMS will send packet with a different IP than the one configured during the setup?


As well, we saw that the KMS is sending UDP/53 (DNS) packets to IP, but same, this IP is unknown, because the DNS configured on the KMS is


My guess is that black box is running several instance of docker stuff with an internal network, but it put a total mess in the configuration and troublshooting.

If anybody has an idea, I will appreciate.



2 Replies 2


Answer to myself: after digging on the KMS, in the GUI web page, there is the menu of the network configuration, and then there is a tab named "advanced configuration". Here we can found that unknown network plan which is used by the containers within the KMS. TAC does not know what we have to do with that network, I mean if we have to configure a customer network or not.

Thanks Gabriel. It seems TAC doesn’t know much about on-prem KMS. Seems not many customers have deployed it. 

Have you encountered an issue with your other hybrid connectors (calendar, message) retrieving keys from on-prem KMS after some time?

Getting Started

Welcome to the Webex Community. This is your home to ask questions, share knowledge, and attend live webinars.

Recognize Your Peers