VCS Provisioning Extension Jabber 4.3 calling problem

Ian Darby · ‎05-28-2012

Hi,

We have recently upgraded our TMS to 13.2 and we are running X7.1 on our VCSC & VCSE. We configured the new Provisioning Extension and synchronised all of the services between TMS-VCS OK.

When we attempted to configure Jabber 4.3 clients within the PE on TMS, we could not call between any Jabber clients internally. Calls between Jabber clients and other room-based C20, 1700 systems worked OK, and calls externally worked fine as well.

When calling between Jabber clients internally, Jabber just kept coming up with a call fail error.

Search history from the VCSC below:

Search (224)
- State: Completed
- Found: False
- Reason: Forbidden
- Type: SIP (INVITE)
- CallSerial Number: 156afcb6-a922-11e1-ad32-0010f30f59e4
- Tag: 156afdec-a922-11e1-a40a-0010f30f59e4
- StartTime: 2012-05-29 12:06:05
- Duration: 0.01
- Source (1)
- - Authenticated: True
- - Aliases (1)
  - - Alias (1)
    - - Type: Url
    - - Origin: Unknown
    - - Value: Richard.Bullock@vcs.agile.co.nz
- - Zone (1)
  - - Name: LocalZone
  - - Type: Local
- - Path (1)
  - - Hop (1)
    - - Address: 172.17.17.108:54148
- Destination (1)
- - Alias (1)
  - - Type: Url
  - - Origin: Unknown
  - - Value: sip:Ian.Darby@vcs.agile.co.nz
- SubSearch (1)
- - Type: Transforms
- - Action: Not Transformed
- - ResultAlias (1)
  - - Type: Url
  - - Origin: Unknown
  - - Value: Ian.Darby@vcs.agile.co.nz
- - SubSearch (1)
  - - Type: Admin Policy
    - Action: Proxy
  - - ResultAlias (1)
    - - Type: Url
    - - Origin: Unknown
    - - Value: Ian.Darby@vcs.agile.co.nz
  - - SubSearch (1)
    - - Type: FindMe
    - - Action: Reject

Has anyone else experienced this problem, or could point us towards a solution to this?

We have had to revert back to the Legacy TMS Agent to get everything runnning again.

Thanks.

Alok Jaiswal · ‎05-28-2012

Hi Richard,

Important thing to note is that the call history shows "forbidden". so not sure what settings you had on zones or on VCS any policy were applied?

Thanks

Alok

Ian Darby · ‎05-29-2012

Hi Alok,

We had not changed any authentication policies within our zones or subzones prior to upgrading. We did try and make changes to these after the upgrade by changing from "treat as authenticated" to " check credentials". This made no difference.

awinter2 · ‎05-29-2012

Ian,

the search history shows that the call rejection is stemming from the FindMe subsearch.

Can you describe how you have configured FindMe in Provisioning Extensions, with regards to location and device templates?

What is the URI of Ian Darby's Jabber Video device when registered on the VCS?

If you sign in to Ian Darby's FindMe User portal (http://TMS_IP_OR_FQDN/tms/user/default.aspx), does this user have an active location, and is this user's Jabber Video device URI listed as part of this active location?

- Andreas

Ian Darby · ‎05-29-2012

Hi Andreas,

We had not created any FindMe devices or locations for any Jabber clients within the PE. We don't use FindMe, even though we have this feature enabled on our VCS.

We only created the actual Jabber accounts and applied the 4.3 configuration template to these users with the default settings.

The documentation never said that we had to create these FindMe devices or locations? Do we need to do this even though we don't use FindMe?

Thanks.

Jens Didriksen · ‎05-29-2012

You don't, I have disabled the FindMe feature on VCS-C Provisioning tab in TMS.

In Systems-->Provisoning-->Users check the Video Address Pattern and make sure this is the same address as what the actual user URI address is.

I.E. if you're using something like joe.bloggs.movi@domain.com then you'll need to edit this pattern to

{first_name).{last.name}.movi@domain.com as it will otherwise not work.

(Default is just {first_name}.{last.name}@domain.com

/jens

Please rate replies and mark question(s) as "answered" if applicable.

awinter2 · ‎05-30-2012

Ian,

as Jens mentions, FindMe is optional, not required (Although in my opinion FindMe has many benefits and few/no drawbacks).

Can you post a screenshot of how you have set up the 'Users' page in PE for this group of users, as well as a screenshot of the 4.3 configuration template?

I would also recommend that you disable FindMe on the VCS if you are not actively using it, since it somehow seems to be FindMe which is rejecting the call.

- Andreas

Marco · ‎12-22-2014

Hello community,

I have the same Problem but another enviroment:

Search (121)
- State: Completed
- Found: False
- Reason: Forbidden
- Info: Policy Response
- Type: SIP (INVITE)
- CallSerial Number: 3d59c8ec-89da-11e4-9e11-0010f320fb86
- Tag: 3d59ca90-89da-11e4-9ff6-0010f320fb86
- Source (1)
- - Authenticated: True
- - Aliases (1)
  - - Alias (1)
    - - Type: Url
    - - Origin: Unknown
    - - Value: user.movi@test.org
- - Zone (1)
  - - Name: de-test
  - - Type: Local
- - Path (1)
  - - Hop (1)
    - - Address: X:X:X:X:59550
- Destination (1)
- - Alias (1)
  - - Type: Url
  - - Origin: Unknown
  - - Value: sip:user@test.org
- StartTime: 2014-12-22 13:58:35
- Duration: 0.01
- SubSearch (1)
- - Type: Transforms
- - Action: Not Transformed
- - ResultAlias (1)
  - - Type: Url
  - - Origin: Unknown
  - - Value: user@test.org
- - SubSearch (1)
  - - Type: Admin Policy
  - - Action: Proxy
  - - ResultAlias (1)
    - - Type: Url
    - - Origin: Unknown
    - - Value: user@test.org
  - - SubSearch (1)
    - - Type: FindMe
    - - Action: Reject

FindMe reject the call. I can call the movi adress directly, but I want to be able to call the findme id.

Why is this user policy forbidden? Is there something to config in findme for call policy service?

Thanks a lot