Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

Cant access serviceability from one CUCM server to the next

If I log into my pub and serviceability, I try to access my other subs. I keep getting an error when trying to access the other servers from the drop down list. Although, everything is replicating throughout the cluster, I can log into another CUCM and only use serviceability for that one server also.

Im going to do a reset tonight on the cluster. the logs are clean and clear on RTMT on all servers. It's very odd. I thought maybe a security password would be wrong, but there are no errors anywhere on any server in the cluster.

10 REPLIES
Bronze

Re: Cant access serviceability from one CUCM server to the next

could you paste a screenshot of error you are getting?

Re: Cant access serviceability from one CUCM server to the next

Status: Connection to the server cannot be established(Unknown Error)

I see a few others in the forum have had this problem.

I did check to see if the application ID and the OS id were the same, etc, everything looks good there.

New Member

Re: Cant access serviceability from one CUCM server to the next

Hey Tommer, long time no talk to man.  I am having the same issue with CUCM 7.1.3, did you ever figure this out?

Have an open TAC case but you know how it goes, hook a brother up.

Re: Cant access serviceability from one CUCM server to the next

Its some kind of TomCat bug.   Did you change the name of servers after the upgrade or anything?  Or IP addressses?  I moved onto another job and did not get a resolution to the problem before I left.  I suspect it has to do with the certs built into CUCM.  You can try to reset the cert in the OS GUI.   There are steps listed in the forums here on how to do that.

TAC wanted all these wireshark traces between the cucm servers and I couldnt get back to the datacenter to stream this steam out.   Yeah, I could have done a capture from CUCM I guess.... but hindsite I guess.....

New Member

Cant access serviceability from one CUCM server to the next

This is the top hit in goolge when I was having this issue so though i would add the following solution.

I had this issues with CUCM9.1

In the Pub go to:

1. OS Administrator > Security > Certificate Managment

2. Download the cert: ipsec-trust

In the sub your having the issue

1. OS Administrator > Security > Certificate Managment

2. Delete the cert: ipsec-trust

2. Upload the ipsec-trust cert you downloaded from the Pub.

On both the Pub and Sub restart tomcat from the cli

Hopre that helps

Thanks

Alexis

http://www.netpacket.co.uk/
http://www.blog.netpacket.co.uk/

http://www.netpacket.co.uk/ http://www.blog.netpacket.co.uk/
VIP Purple

Cant access serviceability from one CUCM server to the next

Hi,

there is a bug associated to this issue

Unified Serviceability Tools can not connect to other nodes

CSCud67438

Symptom:
Cisco Unified Serviceability pages Tools -> Service Activation or Control Center Feature or Network Services can not connect to other nodes in the cluster.

When another node is selected the Status indicates

Connection to the Server cannot be established (Unknown Error)

Conditions:
CCMService Tomcat logs indicates the following error message when attempting to connect to other nodes in the cluster,

{http://xml.apache.org/axis/}stackTrace:javax.net.ssl.SSLException: Certificate not verified.

Workaround:
We have the following workarounds
- Accessing SUB serviceability pages directly
- Restarting tomcat on PUB ( once ) after the upgrade

For SNMP configuration where same Community string needs to be added or modified on all nodes, again using a Subscriber node instead of the Publisher also seems to work in this case.

regds,

aman

New Member

Cant access serviceability from one CUCM server to the next

good find!.. i never check the tomcat logs ..

alexis

http://www.netpacket.co.uk/ http://www.blog.netpacket.co.uk/
New Member

Cant access serviceability from one CUCM server to the next

Works like a champ!  Thanks!

New Member

5 stars for the post. Have

5 stars for the post. Have been able to resolve issues couple of times with this procedure.

Thanks,
Sami

New Member

We faced this issue in our

We faced this issue in our test environment and we regenerated   " ipsec.pem" certificate in SUB only

then all started fine

5002
Views
19
Helpful
10
Replies