It happened to me when I was

Chi Fai Leung · ‎02-26-2014

Hi,

I just deployed the VCS 8.1 ova for the Expressway-C and Expressway-E about the demo of VPN-less Jabber. It is successful for me to configure the Expressway-C and the Expressway-E, but I don't know how can I work on the jabber on the outside.

How to identify the internal and the external domains

My Expressway-C, CUCM, Presence server domain is: company.local

My Expressway-E with dual networks domain is: company.com

As the outside Jabber, then I should type the <username>@company.local OR <username>@company.com? Where's the translations? The outside Jabber will lookup the internal DNS SRV records 1st, then lookup the external DNS SRV record? jabber-config.xml to control that? (XML: <Policies><RemoteAccess>ON</RemoteAccess></Policies>)

Actually: I just want to the jabber reg. to the CUCM, because that is the free.

I added the DNS SRV record on the external domain "_collab-edge._tls.compan.com". How can the outside Jabber cannot reach the internal DNS SRV records, then reach the collab_edge DNS SRV record?

Then the edge will find the zone cline and go to the Expressway-C to CUCM?

Chi Fai Leung · ‎03-04-2014

It was successful to login the VPN-less Jabber with IM only through the Edge, but it is fail to associate the phone (fail to connect the CUCM). Any Configuration Im missing?

PS: I make the lab as the same domain between the internal DNS server and external DNS server.

Mike Baird · ‎03-25-2014

I am having the exact same problem. The 5066 port DID work for me and now my trunk is functioning. And I can get IM/Unity to work, but the phone services are not working.

Muaaz El Kamali · ‎04-17-2014

Hi,

To get phone services in VPN-less jabber you need to add a Digest User

espereir · ‎03-17-2014

It happened to me when I was setting up Edge; you have to change the default SIP port on the neighbor zone that is pointing to the CUCM to something else, then change the SIP Trunk Security Profile port on the CUCM to match it (You will need to Copy de default one in order to save it after making the changes).

On the Neighbor Zone I changed the SIP port from 5060 to 5660 and then changed it on the SIP Trunk Security Profile; there is no need to change the SIP Trunk port (just a reset) since it only affects inboud connections towards the CUCM; after you do that, Jabber will get Phone Services.

HTH

---

espereir

Chi Fai Leung · ‎03-17-2014

Hi espereir,

Really Thanks for your help!

Actually, that can formed the CUCM <TLS> Expressway-C as the TLS 5061, 5560, and TCP 5660. But it still fail to connect the Phone Service at the outside.

Chi Fai Leung · ‎03-17-2014

Hi espereir,

Is it successful on the iPad IOS 7 w Jabber 9.6.1? Windows on Jabber 9.6.1? Mac on 9.6.1?

Marucho Mendez · ‎08-01-2014

Hi,

Any update on this? I am facing the same issue.

Joshua Warcop · ‎08-05-2014

Your Jabber ID is defined within CUCM and CUPS and typically this would be the same as your e-mail address. Following the standard SIP URI = MAIL. You would log into Jabber with your primary SIP URI as it is synchronized from LDAP. Typically this directory setting is "mail".

Example: user@company.com

_collab-edge._tls should only be resolvable by your Jabber clients outside of the network. Inside of the network the Jabber client should only resolve _cisco-uds._tcp.

All of your server DNS structure can be different than your primary SMTP. However, your certificates will all need to be valid regardless of name. Your CA must be able to issue certificates for .local.

Expressway-C/E VPN-less Jabber DNS issues