Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Conductor and MCU4501 failing due to a TLS failure on the Egress

Hi All,

 

In my understanding the deployment guide does not clearly state that the Encryption key is a must, it simply states that "The TelePresence MCU has the ability to use a secure connection for communications."

I don't have a valid service contract in order to open a TAC case and request the free Encyption key as a workaround.

 

As for the diagnostic log I can see:
"A conference has been successfully created on the conference bridge and is ready to receive participants."

Then there is a SIP call setup from one of the phones
"Received call without content" and "Initiating call without media capabilites" Is this normal behavior?

 

After that:

"A request has been received from a client for a participant to create or join a conference."
Conference "001031030002-0x5325c79cf9018455" exists, allocating additional port with a status of OK.

 

Here it suggests that TLS is expected but on the configured port 5060 and then a regular TCP connection is established:

 

Returning CPL, conference alias = "88800016", MCU prefix = ""

<taa:routed>
         <location clear="yes" url="88800016@XXX" dest-addr="XXX" transport="TLS" port="5060" src-addr="XXX" priority="1.0">             <proxy timeout="30"/>         </location> </taa:routed>

 

Detail="TCP Connecting"

Detail="TCP Connection Established"

 

Then after a while I have:


Detail="TCP Connection Closed"
and
Transaction reject on INVITE. reason="SIP_MSG_EXCPT_TLS" generated error="404 Not Found"
Detail="Call was rejected" reason="404 Not Found"

 

So my question is - is this a bug?

 

Kind regards

Maciek

Everyone's tags (1)
1 REPLY

You are trying to connect to

You are trying to connect to port 5060 using TLS, but that would be 5061

so please check your config (like the conference bridge setting on the conductor or the neigbor zone one the vcs to see that you do not use 5060 but 5061!

 

Also check that the encryption key is present on your mcu/ or tps and that

SIP-TLS (5061) and HTTPS (443) on the MCU are enabled

Please remember to rate helpful responses and identify

351
Views
0
Helpful
1
Replies
CreatePlease to create content