I'm able to connect calls but I get no audio or video in either direction. According to the install guide "Cisco Jabber Guest media does not go through the traversal link between Cisco Expressway-E and Cisco Expressway-C" and "Inbound firewall rules are required to allow media to flow from the Cisco Expressway-E to Cisco Expressway-C."
Does this mean that I need to open up my firewall to that large range of ports to allow the RTP traffic from the Expressway Edge to get to the Expressway C? Is it not possible to create a travesal zone for the jabber guest media to use? Thanks, Mike
Solved! Go to Solution.
Should be a firewall between both of them and open the required ports, expressway-c and expressway-e.
Kind;y check the below link:-
please rate all useful information
Did you manage to get anywhere with this? I'm trying the same setup as you (single nic) but can't get audio or video to work (the call connects, but no media).
Need your help ... Have you faced below issue..
I am deploying jabber Guest setup but facing same problem of No Audio and Video , but I managed to get Audio but still there is no Video on either side.
I tried configuring jabber guest setup with both single and dual NIC but still not able reslove
Jabber Guest Server - 10.5.3.115
Expressway C and E - X8.5.1
The media will flow differently depending on which configuration you have deployed. For single NIC Expressway-E, the media flows over a range of ports between E and C. For dual NIC Expressway-E, the media will flow via the traversal zone.
The ports for both are outlined in the install guide, under "Ports and Protocols".
Which have you deployed? Do you have NAT or PAT? Where is your firewall deployed?
I have a single NIC no NAT. Why can't Jabber guest use a traversal zone in this scenario just like other telepresence calls? This is what I don't understand.
when deployed in single NIC, the JG server sends the signaling to the C. In that case, the E is used as a TURN server only; propogate the media. It's not part of the signaling, so doesn't have a way to know to use the traversal zone.
In the dual NIC deployment, JG server sends the signaling to the E, which forwards it to the C via the traversal zone. In that case, the E can and does use the traversal zone for the media.
That's great if your Expressway has a dual NIC, but mine doesn't. If JG can't use a traversal zone for media on an Expressway with a single NIC then that is a serious limitiation. I've heard that this is not an issue with JG 10.2. Do you know if that's accurate? Thanks, Mike
Mike, I tried your suggestion and it's almost working. I now get one way audio/video to the Jabber Guest client, but no video from Jabber Guest. I took a packet capture on the exp-core and the C20 that I'm calling and I do see UDP packets being received. Also, when I look at the call stats on the C20 it is showing call stats for video, but the numbers are odd, especially the resolution. To me it seems like the media is making it through but the call isn't being set up correctly.
Hmm, the fact that the media is getting to your C20 would imply the call is setup properly. I've actually deployed a similar configuration in our lab and it's working properly.
What do you mean by "numbers are odd"? Are there other phone models you can call to see if it's limited to this model? We don't have a C20 handy in my configuration, but I regularly call EX60 and 90s.
Sorry, I thought I had included a screen shot of the call stats. See below. In the Call section that are not receive stats, but under audio and video there are, although they are weird. Video resolution of 2x8? And it will fluctuate during the call. I did also try to a TP server and had the same results. I'll try a couple of other endpoints.
Mike, I have opened up all ports in my firewall to the Expressway Core, but I still get no video either way. I did a packet capture on the Core and Edge. The Edge show the sending of lots of UDP packets to the private IP address of the Core, while the Core shows no receipt of UDP packets from the Edge.
Any idea what is going on? Thanks, Mike
sorry for delay, I was away for a few days. Are you still having a problem? The media should flow like so
JG client->TURN encapsulated media->Edge->Core->phone
Should the Edge be able to reach the private IP:port that you're seeing from your sniffer trace? Are you doing PAT or NAT between Edge and Core?
No problem. Edge sits on the internet, single NIC no NAT. Core has a 1to1 NAT to a public IP. Firewall has all ports opened inbound between Edge and Core. For some reason the sniffer trace shows the Edge sending packets to the private IP of the Core.
I may have bigger issues though. If I try to make a Jabber Guest call from my internal network, I experience the same no video symptoms, plus the Jabber Guest client is sending the traffic to the Edge, while the phone is sending traffic to the core. I would expect that the two internal devices would exchange media directly since they are both internal. Is that not the case?
JG client will always send the media to the Edge. As part of the call buildup, the JG client receives the Core's IP address (the one the JG server is communicating with) and tells the Edge to relay media there. It sounds like your Edge server cannot communicate with that IP since it's private?
With NAT/PAT between the Edge and Core, we ask that customers use the dual NIC Edge configuration. If you can't do that, you could try pointing the JG server at the Edge for call control (SIP). Doing this would allow use of the traversal zone for the media. While that isn't officially supported, I think it should work.
This requires 5061 open in both directions for the SIP traffic and the JG server would need the Edge cert.
a customer have same deployment as described here:
Edge X8.7.3 with single NIC and public IP (no NAT to outside)
Core X8.7.3 is inside, with a zone as Media Encryption as Best Effort (to force the media flow through the Core)
Jabber Guest 10.6 is inside, pointing to Core
Reading this post, I realized that cannot be a NAT between Core/JabberGuest and Edge and that is the case. Doing tcpdumps I was able to confirm that the Core send UDPs to Edge and this UDP arrives at the Edge with NATed IP.
Is there a workaround to this scenario? or this customer need to implement Dual NIC?
PS: The B2B calls are working fine and the FW btw Core and Edge have all ports open.
Thanks in advance
Only the Cisco Expressway-E with dual NIC deployment supports NAT/PAT between the Cisco Expressway-E and the Cisco Expressway-C.So customer need to implement Dual NIC.
Workaround(not officially supported):
Has anyone found an solution for this issue? I have a new install (10.5.3.115) and running into the exact same issue. Any and all info is appreciated!
Depends on what the issue is you are referring to :) I got this working, but I had to change the network configuration of my Edge. Are you using dual or single NIC on your Edge?