I don't see any connection attempts on port 5222 in the logs. Might want to enable tcpdump on the Diagnostic Logging page and try again.
Also try https://cway.cisco.com/tools/CollaborationSolutionsAnalyzer/ and go to CollabEdge validator. It will test against your domain with a username/password. You can also put the logs in there and it may show you what is going on as well. On Thu, Dec 21, 2017 at 11:15 AM, Ahmed Abd EL-Rahman < ahmed.rah...@bmbgroup.com> wrote: > Hi Brian, > > > > Under presence there is only one domain and all my servers are in the same > domain which is the same internally and externally, we just have some users > accounts on a different domain that’s why I added that domain just to EXP-E > and added it’s related SRV records. > > > > Please have a look on the attached logs taken from both Expressway C and E > for a client which works fine from internal network then connected > successfully from outside but the IM service is not working from outside. > > > > I really do appreciate if you can hint me about possible reasons that make > IM service not working from outside company network. > > > > > > > > > > > > > > > > > > Best Regards > > > > Ahmed Abd EL-Rahman > > Senior Network Engineer > > > > *From:* bmead...@gmail.com [mailto:bmead...@gmail.com] *On Behalf Of *Brian > Meade > *Sent:* Tuesday, December 19, 2017 1:01 AM > > *To:* Ahmed Abd EL-Rahman <ahmed.rah...@bmbgroup.com> > *Cc:* cisco-voip@puck.nether.net > *Subject:* Re: [cisco-voip] Jabber IM service Issue > > > > In IM&Presence under Presence->Domains, do you have multiple domains > listed? Do you have something other than default under Presence Advanced > configuration for setting domain names? Setting the voice services domain > is one of the few reasons you need to login internally first. > > > > If you are using UserID@Default Domain then you shouldn't need to login > internally first. You may just need to remove the domain portion from the > username on the username/password page when logging in the first time. > > > > On Mon, Dec 18, 2017 at 4:06 PM, Ahmed Abd EL-Rahman < > ahmed.rah...@bmbgroup.com> wrote: > > What’s the flexible Jabber ID? Also I have local users created on CUCM > with no LDAP integration. > > > > For the domain portion it’s not removed if the first login is through MRA > and the login failed but as mentioned if I logged in thought inside network > before the login through MRA goes smooth and login successfully but with > one exception that IM service is not available. > > > > > > > > > > > > > > Best Regards > > > > Ahmed Abd EL-Rahman > > Senior Network Engineer > > > > *From:* bmead...@gmail.com [mailto:bmead...@gmail.com] *On Behalf Of *Brian > Meade > *Sent:* Monday, December 18, 2017 11:50 PM > > > *To:* Ahmed Abd EL-Rahman <ahmed.rah...@bmbgroup.com> > *Cc:* cisco-voip@puck.nether.net > *Subject:* Re: [cisco-voip] Jabber IM service Issue > > > > Are you using flexible Jabber ID? > > > > One thing to make sure is that first time MRA login gets rid of the domain > portion in the username on the username/password form after entering > username@domain in the service discovery window. > > > > On Mon, Dec 18, 2017 at 3:43 PM, Ahmed Abd EL-Rahman < > ahmed.rah...@bmbgroup.com> wrote: > > Hi Brian, > > > > Will try what you suggested, but other than this issue I have another > symptom, the user must use Jabber for first time from inside the network > then afterwards he can use it from outside but if he tries the first time > from outside the network it won’t register as all, even the login stage is > not passed. > > > > Does this point to anything ? > > > > > > > > > > > > > > Best Regards > > > > Ahmed Abd EL-Rahman > > Senior Network Engineer > > > > *From:* bmead...@gmail.com [mailto:bmead...@gmail.com] *On Behalf Of *Brian > Meade > *Sent:* Monday, December 18, 2017 11:27 PM > > > *To:* Ahmed Abd EL-Rahman <ahmed.rah...@bmbgroup.com> > *Cc:* cisco-voip@puck.nether.net > *Subject:* Re: [cisco-voip] Jabber IM service Issue > > > > Try removing "inspect sip" from the global policy. You don't want that in > there with Expressway. Not sure if XMPP traffic hits that as well or not. > > > > You can also try refreshing the IM&P Servers on the Expressway-C Unified > Communications configuration. > > > > Enabling diagnostic logging on the Expressway-E and Expressway-C then > trying to connect should help show what is going on as well. > > > > On Mon, Dec 18, 2017 at 3:16 PM, Ahmed Abd EL-Rahman < > ahmed.rah...@bmbgroup.com> wrote: > > Hi Brian, > > > > Currently I’m opening all IP traffic to Expressway public IP on our Cisco > ASA FW > > > > Regarding the inspection configured here it is : > > policy-map global_policy > > class inspection_default > > inspect dns maximum-length 512 > > inspect ftp > > inspect h323 h225 > > inspect h323 ras > > inspect rsh > > inspect rtsp > > inspect esmtp > > inspect sqlnet > > inspect skinny > > inspect sunrpc > > inspect xdmcp > > inspect sip > > inspect netbios > > inspect tftp > > > > which one could cause this issue ? > > > > > > > > > > > > > > Best Regards > > > > Ahmed Abd EL-Rahman > > Senior Network Engineer > > > > *From:* bmead...@gmail.com [mailto:bmead...@gmail.com] *On Behalf Of *Brian > Meade > *Sent:* Monday, December 18, 2017 10:43 PM > *To:* Ahmed Abd EL-Rahman <ahmed.rah...@bmbgroup.com> > *Cc:* cisco-voip@puck.nether.net > *Subject:* Re: [cisco-voip] Jabber IM service Issue > > > > Looks like possible XMPP/TCP 5222 connection issues from the logs. It > just keeps reconnecting over and over again but the port is open on the > Expressway and through the firewall. > > > > What model firewall are you using? You may need to disable some XMPP > inspection/application filtering. > > > > > > On Mon, Dec 18, 2017 at 2:25 PM, Ahmed Abd EL-Rahman < > ahmed.rah...@bmbgroup.com> wrote: > > Dear Gents, > > > > I have a question regarding Jabber setup, I have Jabber client working > fine from internal network but externally it’s able to login and both phone > and voice mail services are connected but IM service is not working while > IM service works just fine from inside network. > > > > Attached is Jabber client logs for this case. > > > > So any ideas ? > > > > Best Regards > > > > Ahmed Abd EL-Rahman > > Senior Network Engineer > > > > > _______________________________________________ > cisco-voip mailing list > cisco-voip@puck.nether.net > https://puck.nether.net/mailman/listinfo/cisco-voip > > > > > > > > >
_______________________________________________ cisco-voip mailing list cisco-voip@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-voip