We recently replaced a Cisco 6503 with a FWSM firewall with a Juniper SSG550. Our domain controllers are on a separate network from our Unity and Exchange server. Ever since we cut over to the Junipers, we are getting CiscoUnity_MALEx errors what seems like every time someone leaves a message. Most of the time everything is OK however it seems like the first few messages left in the AM fails into the MTA folder. Restarting the AvUMRSyncSvr delivers those messages.
We plugged the Cisco firewall back in and all was fine again.
From what we can tell the Juniper has the same rules that the Cisco had however something is still blocking communication. Just wondering if there are some oddball ports that Unity / Exchange needs with the domain controllers.
We are on Unity 4.1(1) with Exchange 2003 off box. The Exchange box is only used for voicemail and is on the same subnet that the Unity boxes and Call Managers are.
The text of the error is below:
Event Type: Warning
Event Source: CiscoUnity_MALEx
Event Category: Warning
Event ID: 30019
Time: 2:44:57 PM
The MAPI subsystem has indicated that the Global Catalog Server
neodc2.neoucom.edu which is used to resolve addresses for message submission cannot be reached, and that it has switched to using Global Catalog server neodc1.neoucom.edu. Unity will continue to function using this newly selected Global Catalog server and will not automatically switch back to the original one. If Unity does not have a dedicated connection with sufficient bandwidth to the newly selected server, then there may be significant delays in Exchange access by Unity. Please verify that Unity has a good connection to the new Global Catalog for proper functioning.
For more information, click: http://www.CiscoUnitySupport.com/find.php
These errors will flip flop between dc1 and dc2 and sometimes dc1 to dc1.