[cisco-voip] 'interesting' EMCC behavior

Brian Meade (brmeade) brmeade at cisco.com
Tue Oct 8 16:16:48 EDT 2013


Erick,

Does the user ever show up in the Remotely Logged-In Device Report on the home cluster?

Brian Meade

From: Erick Wellnitz [mailto:ewellnitzvoip at gmail.com]
Sent: Tuesday, October 08, 2013 4:03 PM
To: Ryan Ratliff (rratliff)
Cc: Brian Meade (brmeade); cisco-voip
Subject: Re: [cisco-voip] 'interesting' EMCC behavior

I may have found something but I'm not sure.

In the packet capture, I see that the request for SEPXXXXXXXXXXXX.cnf.xml.sgn is sent to the user's cluster but is not found.  At that point the logout is initiated.

On Mon, Oct 7, 2013 at 10:51 AM, Erick Wellnitz <ewellnitzvoip at gmail.com<mailto:ewellnitzvoip at gmail.com>> wrote:
And this:


7730: WRN 09:00:37.155813 SECD: WARN:getTLInfoFromFile: ** phone has no TL file /flash0/sec/ctl//CTLFile.tlv

On Mon, Oct 7, 2013 at 10:48 AM, Erick Wellnitz <ewellnitzvoip at gmail.com<mailto:ewellnitzvoip at gmail.com>> wrote:
The only 'abnormal' thing I see is this:


7739: WRN 09:00:37.178303 SECD: WARN:getTLInfoFromFile: TL signer's issuer name too big, may truncate

On Fri, Oct 4, 2013 at 6:26 PM, Ryan Ratliff (rratliff) <rratliff at cisco.com<mailto:rratliff at cisco.com>> wrote:
I it's easier get the console logs there will likely be something there to go off.

Sent from my iPhone

On Oct 4, 2013, at 5:10 PM, "Erick Wellnitz" <ewellnitzvoip at gmail.com<mailto:ewellnitzvoip at gmail.com>> wrote:
The profile logs in, phone resets, profile gets logged out, phone resets and displays 'extension mobility unavailable.

We believe it is somehow related to DNS because when we register a phone to one of the 9.1 clusters in the other location login works as expected.  I haven't had a chance to do a packet capture yet.

On Fri, Oct 4, 2013 at 4:00 PM, Ryan Ratliff (rratliff) <rratliff at cisco.com<mailto:rratliff at cisco.com>> wrote:
By the way what's the error code that the phone displays?  EM has been better than most about having useful errors, even if they are subject to the secret decoder ring.

-Ryan

On Oct 4, 2013, at 4:10 PM, Erick Wellnitz <ewellnitzvoip at gmail.com<mailto:ewellnitzvoip at gmail.com>> wrote:

Yes, it is also the primary tftp server.

On Fri, Oct 4, 2013 at 12:57 PM, Ryan Ratliff (rratliff) <rratliff at cisco.com<mailto:rratliff at cisco.com>> wrote:
System->Server values don't impact certificates.  They will impact what the phone gets in config files so if you aren't using DNS this will be an issue.  Is that pub also the TFTP server that is going to show up in the mini-config?

-Ryan

On Oct 4, 2013, at 1:13 PM, Erick Wellnitz <ewellnitzvoip at gmail.com<mailto:ewellnitzvoip at gmail.com>> wrote:

I always forget about doing a packet capture on the phone.

I'm thinking it is cert related because on this one cluster the Publisher is set up under servers using it's hostname instead of IP while all the others are using IP.

We're going to change this once we get approval then re-export, consolidate and import.

On Thu, Oct 3, 2013 at 4:49 PM, Brian Meade (brmeade) <brmeade at cisco.com<mailto:brmeade at cisco.com>> wrote:
Erick,

Can you grab a packet capture from the phone trying to log in?  The packet captures seem to show the EMCC issues very clearly.  You should see after the login, the phone will download its mini-config with the new TFTP server info.  You'll then see it try to download its ITL from the other cluster.  If you don't see the phone request anything after that, most likely it didn't trust the signer of the ITL and it will show the "Extension Mobility is unavailable" error message.

Usually that means you need to do a Re-Export, Consolidate, Import of the certificates.

Brian Meade

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net<mailto:cisco-voip-bounces at puck.nether.net>] On Behalf Of Erick Wellnitz
Sent: Thursday, October 03, 2013 5:01 PM
To: Jason Aarons (AM)
Cc: cisco-voip
Subject: Re: [cisco-voip] 'interesting' EMCC behavior

That's the odd thing.  All of the traces look like it is successful but the phone (7965) resets, logs the user out and displays a message that extension mobility is not available without an error code.  I get similar behavior on the 8945 but without the message.

I've gon through the EMCC guide a number of times and nothing sticks out as obvious.

On Thu, Oct 3, 2013 at 3:41 PM, Jason Aarons (AM) <jason.aarons at dimensiondata.com<mailto:jason.aarons at dimensiondata.com>> wrote:
I was using 8.6 the first time I setup EMCC to another 8.6 box.

From: cisco-voip [mailto:cisco-voip-bounces at puck.nether.net<mailto:cisco-voip-bounces at puck.nether.net>] On Behalf Of Anthony Holloway
Sent: Thursday, October 03, 2013 3:39 PM
To: Erick Wellnitz
Cc: cisco-voip
Subject: Re: [cisco-voip] 'interesting' EMCC behavior


I have one idea.
EMCC does not work very well in 8.5 because you cannot "home" a user to a cluster.  Therefore, if your LDAP integrations are the same for each cluster, it would be impossible to know which cluster the user is homed to.  9.1 on the other hand has this feature on the end user page, and thus overcomes this limitation.

On Thu, Oct 3, 2013 at 1:50 PM, Erick Wellnitz <ewellnitzvoip at gmail.com<mailto:ewellnitzvoip at gmail.com>> wrote:
I have a strange situation.

3 Clusters. 2 on 9.1 and the other on 8.5  EMCC works except with users configured on the 8.5 cluster.  The profile logs in then immediately logs out without an error message.

Any ideas would be greatly appreciated!

_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip



itevomcid


_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip







-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20131008/2a16a465/attachment.html>


More information about the cisco-voip mailing list