Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Jabber for Windows & Microsoft Direct Access

Afternoon all,

We currently have Jabber for Windows 9.2.4 deployed, and our SOE team is working on Windows 8 Direct Access.

This basically connects your work laptop to the corporate domain, when you are out in internet land.

All the MS apps are working correctly, but Jabber for Windows cannot contact the CUPS servers, through the DA dmz servers.

I can succefully ping / http / XMPP to the CUPS servers, using the telnet command from the PC.

Is there some behavour that Jabber does not like, with DA? I know DA uses IPv6... could this be the problem?

Any ideas would be useful!



New Member

Jabber for Windows & Microsoft Direct Access

Anyone have any luck with this?

New Member

Jabber for Windows & Microsoft Direct Access

Nothing has changed on my end. I was just thinking of opening a TAC, but haven't yet.

New Member

Jabber for Windows & Microsoft Direct Access

I have had quite a bit of success using APP46 from IVO networks to get apps that don't natively work with DA to work successfully. I haven't tried Jabber yet but this maybe possible as long as it uses FQDN's rather than IP Addresses. DA doesn't work with IP addresses at all. The other issue you may have is that the Jabber traffic I believe is encrypted and then DA will encrypt this traffic again so you may generate a fair load on your system.

The the cisco answer would be to deploy jabber 9.6/9.7 with a VCS expressway running X8 code (collaboration edge) on the edge of your network and exclude the jabber traffic via NRPT but this solution isn't avaliable yet. MS don't recommend pushing Lync over DA either (though I believe its now supported in Lync 2013?).

New Member

Jabber for Windows & Microsoft Direct Access

This is a moot issue. Like Dan has mentioned the Expressway "E" and Expressway "C" will provide the solution.

New Member

Jabber for Windows & Microsoft Direct Access

We had this same issue - Jabber Client does not support IPV6 (whcih Microsoft DA requires), and this is posted in many Cisco Support for Jabber posts.  The fact that "Cisco" has enterprise tools that in late 2013 still do not support IPV6 is a bit crazy.  You won;t get Jabber working through Microsoft DA until Cisco releases support for IPV6 for Jabber Windows Clients.  They say they are working on it, but that was back in May when we asked....

New Member

Jabber for Windows & Microsoft Direct Access

Just out of interest, why did you put Cisco in quotation marks?

New Member

Any update on this? We are

Any update on this?


We are starting to roll-out Windows 8.1 with Direct Access for our remote users, but they can't use Jabber... its becoming a real problem.


When will Jabber support Direct Access? We're having discussion about Microsoft Lync for our voice platform because of lack of support for jabber with DA.


Please provide roadmap, timeline, or beta testing opportunities if its in development. I'd hate to have to move off Jabber because they can't support our increasing mobile workforce..

Cisco Employee

What you're asking cannot be

What you're asking cannot be discussed on CSC, either engage your AM to submit this questions, or ask in partners forum

J4W now supports MRA, you might want to look into that.



if this helps, please rate
New Member

I have temporarily halted our

I have temporarily halted our DirectAccess deployment (not just because of the Jabber problem, but it was certainly a factor).

Later this summer we are going to deploy the VCS Expressway and will try Jabber over DirectAccess again once the Expressway install has occurred.



New Member

Hi there,

Hi there, This is no longer an issue for us.. We now have collaboration edge working with jabber 9.7 . This works nicely alongside direct access, as long as you configure DA to not route traffic which is destined for the expressway & block the internal Uds srv record to cucm. Cheers Dion
Cisco Employee

Would you be open to having a

Would you be open to having a discussion with me on the configuration you used to achieve this ?


If so, I can send you my details

New Member

Dion, we have Jabber with MRA

Dion, we have Jabber with MRA working for all devices except our Windows 7 machines with Direct Access.  What exactly did you do to not route traffic which is destined for the Expressway Edge?

We've excluded the internal UDS SRV records and even tried excluding our CUCM and IM&P servers (using the A record) but still no luck.  Are there any screenshots you can share of your DA configuration and/or routing?


Hi Chris,

Hi Chris,

Please can you share how you excluded the internal srv record discovery when connected via DA.



Hello community,

Hello community,

We are having a very similar or identical problem: we are installing the Cisco Jabber solution without inconvenience in our infrastructure (LAN, WiFi, remote access via VPN, through the Firewall), but we can not run Jabber with DirectAccess.

The Jabber client automatically discovers the services in all cases (SRV records), the user is able to authenticate and use the messaging services. Even through DirectAccess, it manages to control its desktop phone (which is not really necessary if we consider that the user accesses the corporate network from his home with DirectAccess).

But the problem occurs when we want to take control of the softphone using DirectAccess. The connection is never established. By performing a packet capture in the Firewall, we do not observe SIP connection attempts, however in the Jabber log, there are records that indicate connection attempts using the IPv4 of the CUCM server instead of the FQDN (DirectAccess requires FQDN since it uses a tunnel IPv6).

All our configuration of CUCM, IM & P, etc., is made with FQDN.

Could anyone solve this problem?

Thank you.
New Member

Re: Jabber for Windows & Microsoft Direct Access



Has anyone worked out a way to make Jabber work over direct access using a force tunnel setup?

We have successfully used Expressway to bypass MSDA when using split tunnel. However I have customers using forced tunnel setup and haven't found a workaround yet...if one exists?


Any help appreciated.