Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Cannot login to Cisco Jabber 10.5.1 over Mobile and Remote Access

Hi,

We have deployed sucessfully VCS Expressway-C and VCS Expressway-E with only 1 zone which is "Unified Communication Traversal" and is for Mobile and Remote Access only. VCS-C and VCS-E are communicating and in statuses everything is active and working. Also VCS-C can communicate with CUCM and CUP (both version 10.5).

Problem is when I deploy Cisco Jabber 10.5.1 on computer outside of LAN and without VPN it start communicating with VCS-E, ask me for accepting certificate (we have certificate only intenally generated on Windows CA) and after that it is trying to connect and after few seconds it will tell me that it can't communicate with server.

 

Did any of you had same problem or can you advice how to troubleshoot? In Jabber logs there is only something like "Cannot authenticate" error message, but when I startup VPN I can authenticate without any problems.

 

Thanks

Everyone's tags (1)
6 REPLIES

On Expressway-C are your HTTP

On Expressway-C are your HTTP Allow Lists setup properly?  By default, and auto discovered CUCM and IMP should be listed via IP and Hostname, but if not, you'll need to insert manually.

Also, you can look at the config file your Expressway-E would be handing out to Jabber via this method.

From the internet, browse to:

https://vcse.yourdomain.com:8443/Y29sbGFiLmNvbQ/get_edge_config?service_name=_cisco-uds&service_name=_cuplogin


Where:

  • vcse is your Expressway-E hostname (or CNAME/A record)
  • yourdomain.com is your own domain
  • The first directory is your Base64 encoded domain name, remove and trailing equal signs (=)


The XML returned is basically the DNS SRV record information available as if internal for _cisco-uds and _cuplogin

TFTP DNS SRV is optional if you configured TFTP in IMP for your Legacy Clients.

 

Anthony Holloway

Please use the star ratings to help drive great content to the top of searches.
New Member

It looks like CUP server bug.

It looks like CUP server bug.

 

We had 10.5 RTM version. I have upgraded to UCSInstall_CUP_10.5.1.12900-2 after I've created this question and also renamed my VCS-E server hostname to match my CUP domain when clients are looking from outside.

Example: I had vcs-e.domain.com and I have renamed to vcs-e.cz.domain.com (as my CUP domain is cz.domain.com) and updated SRV records to match new hostname.

 

So I don't know if it was bug, or incompatibility between CUP 10.5 RTM and VCS 8.2.2 but now after these 2 changes I'm able to login with mobile and remote access normally. No change in configuration, just upgrade CUP and external hostname change of VCS-E.

 

Thanks all

New Member

i had problems that after

i had problems that after changing the hostname on Edge and matching it with DNS records it worked, so probably this configuration change fixed your issue.

New Member

can you log in from inside

can you log in from inside your lan? using the same jabber account?

New Member

yes, without any problems

yes, without any problems

New Member

What is logged under "Event

What is logged under "Event logs" in VCS Expressway?

1583
Views
4
Helpful
6
Replies
CreatePlease to create content