Cisco Cisco Expressway Manuale Di Manutenzione
n
At least one domain is configured on the Expressway-C with XMPP federation set to On (
Configuration
> Domains
).
n
IM &Presence servers have been discovered on the Expressway-Cand have an active status
(
(
Configuration > Unified Communications > IM and Presence servers
).
Discovery, connectivity and firewall issues
n
If using DNS lookup, check that _xmpp-server public DNS records exist for the domains and chat node
aliases of all federated parties, and that they use port 5269.
aliases of all federated parties, and that they use port 5269.
n
Check that port 5269 is open in both directions between the internet and Expressway-E in the DMZ.
n
If the Expressway-C cannot connect to XCP on the Expressway-E remote host:
l
Check that the firewall has not blocked port 7400.
l
If the Expressway-E is running dual network interfaces, ensure that the traversal zone on the
Expressway-C is connected to the internally-facing interface on the Expressway-E.
Expressway-C is connected to the internally-facing interface on the Expressway-E.
n
Be aware that inbound and outbound connections can be routed through different cluster peers.
Certificates and secure TLS connections
If you have configured secure TLS connections, ensure that:
n
Valid server certificates are installed, they are in date and not revoked.
n
Both the remote and local server certificates must contain a valid domain in the Subject Alternative Name
(SAN). This applies even if Require client-side security certificates is disabled.
(SAN). This applies even if Require client-side security certificates is disabled.
n
If Require client-side security certificates is enabled, ensure that the server certificate is signed by a CA
and is not locally signed.
and is not locally signed.
n
Certificate Authority (CA) certificates are installed.
n
If you are using group chat over TLS, ensure that the Expressway-C and Expressway-E server certificates
include in their list of subject alternate names (using either XMPPAddress or DNS formats) all of the Chat
Node Aliases that are configured on the IM and Presence servers.
include in their list of subject alternate names (using either XMPPAddress or DNS formats) all of the Chat
Node Aliases that are configured on the IM and Presence servers.
n
Ensure that compatible security settings (TLS required, optional, no TLS) exist on your system and the
remote federated system.
remote federated system.
Checking the Event Log
Check the Event Log on the Expressway-E for XMPP events.
Events related to XMPP federation are tagged with Module="XMPPFederation". There are no XMPP-
related logs on the Expressway-C.
related logs on the Expressway-C.
Performing diagnostic logging
When performing diagnostic logging (
Maintenance > Diagnostics > Diagnostic logging
), set the
develop.xcp.federation support log (
Maintenance > Diagnostics > Advanced > Support Log
configuration
) to debug level.
Cisco Expressway Administrator Guide (X8.5)
Page 88 of 394
Unified Communications
External XMPP federation