I was going to mention the FQDN issue as I ran into it last month. Also, we had
a scenario where the Nortel was sending SRTP keys in the SDP and it would cause
issues, though I believe the symptom there was one way audio and not a complete
failure. The fix for that was to disable SRTP in the COS
Hi All
We have an issue where phones (7821) that have registered in SRST and then
been rebooted will not re register in SRST untill roughly 20 mins has past.
After the phone has rebooted is does then not contain any servers in its
Active / Standby server list so the phone will never know where t
Hi All,
I'm resurrecting an old thread from the deep, where Nate suggested using
DigiCert wildcard certificates for UC infrastructure.
I'm trying to use some of these for a Expressway MRA implementation, and am
struggling with the TLS-verification between the Expressway-E and
Expressway-C.
There
Hi all,
I am facing a problem with an external call from a movi client (movi is
registered to some external video system) which disconnects after about 5-7
sec.
Setup:
External Movi Client -à Expressway-E-àExpressway-C -à CUCM Cluster -à
Conductor -à vTP Server
In the CUCM Traces I
Did you put all of your SANs in the digicert page?
I have this working on all of my expressway installs.
Sent from my iPhone
+1 801 718 2308
> On Jul 15, 2015, at 7:35 AM, Ian Anderson wrote:
>
> Hi All,
>
> I'm resurrecting an old thread from the deep, where Nate suggested using
> DigiCert
Sounds like a codec issue. Are both sides negotiating the same codec?
Thanks,
Ryan
Original Message
From: Robert Schuknecht
Sent: Wednesday, July 15, 2015 09:37 AM
To: cisco-voip@puck.nether.net
Subject: [cisco-voip] External Call from Movi Client to Conductor fails after 5
s
On 15 July 2015 at 15:02, NateCCIE wrote:
> Did you put all of your SANs in the digicert page?
>
> I have this working on all of my expressway installs.
>
> Hi Nate,
Thanks for the quick response, just for preservation in the archives for
future posterity and confirmation that digicert seems fin
Has anyone seen the Call Manager RTMT alert for CiscoGraceTimeLeft,
CiscoNoProvisionTimeout, CiscoSystemInDemo, or CiscoSystemInOverage
occur?
The RTMT alerts are all enabled (default) but I've seen multiple call
manager 9.x and 10.x go over the licenses in ELM/PLM and get out of
compliance by a f
I’ve found the hardest thing to find a cert providers that likes putting the
domain as a san such as DNS=mycollab.com. Has anyone found any providers that
are kosher with that? From one of the Cisco Live sessions, I was told this is
needed for service discovery to function properly.
Dennis Heim
Digicert lets you put your domain and subdomains of any level as SANs. It’s
great! They even generated a duplicate certificate for me with a different root
CA that was supported with WebEx enabled Telepresence. We use their wildcard
certificates on all of our UC servers.
From: cisco-voip [mailt
I'm a little confused here. According to this article:
http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-communications-manager-callmanager/115957-high-level-view-ca-00.html#wildcard,
and this defect ID: https://tools.cisco.com/bugsearch/bug/CSCta14114/, wild
card cert
Good point. I spoke too soon: we use wildcard certificates on VCS-E and WebEx
Meeting Server only. IIRC VCS officially doesn’t support wildcard certificates
either but everything seems to work provided the hostnames are configured as
SANs. CUCM might be the same with the multi-server certificate
If you have not seen the Cisco Live session on collab security I would
definitely recommend it. It had some good discussion on certificates. Based on
that Wildcard certs will never be supported on CUCM and the like and are
frowned upon within the security community.
Dennis Heim | Emerging Techn
I'm reading through the IM&P v9 documents and it's referring to user count
maximums and thresholds. I'm wondering how these apply.
Our CallManager v9 setup is LDAP synchronized to our enterprise AD with about
70,000 users being brought into the directory.
Not all of these users will be IM&P
To Dennis' point you don't have to put DNS=mycollab.com in the SAN. There
is an alternative to use DNS=collab-edge.mycollab.com
http://www.cisco.com/c/dam/en/us/td/docs/voice_ip_comm/expressway/config_guide/X8-5/Mobile-Remote-Access-via-Expressway-Deployment-Guide-X8-5.pdf
[image: Inline image
Most of the time wildcard certs mean you have a CSR and a private key generated
by something, and then you upload the private key and the public key to lots of
servers. The application would need to be able to upload a private key and not
require its own CSR.
Cucm, unity cxn, uccx, do not sup
16 matches
Mail list logo
