[cisco-voip] Cisco Hybrid Services Expressway Connector registration
Ryan Huff
ryanhuff at outlook.com
Fri Aug 31 07:14:08 EDT 2018
On Aug 31, 2018, at 06:55, Ryan Huff <ryanhuff at outlook.com<mailto:ryanhuff at outlook.com>> wrote:
No, it shouldn’t, stateful egress should be fine (what goes out, comes back in the same way).
However, since you say you have a PA ... I'm guessing it is doing something weird that isn’t expected. Layer 7 firewalls are the bane of Cisco UC existence... lol (not that bad really, just takes extra effort almost always).
I had a similar type issue with a CheckPoint firewall recently and in that case, we discovered the CP was doing this odd inspection and classification of the traffic .... so we had to disable the application identification mechanism so the traffic wasn’t inspected or classified.
Sent from my iPhone
On Aug 31, 2018, at 06:49, Dana Tong <dana.tong at yellit.com.au<mailto:dana.tong at yellit.com.au>> wrote:
Does it need a direct one to one NAT? There was nothing in the Palo Alto logs for denial of traffic.
Regards,
Dana Tong
+61 416 165 030
On 31 Aug 2018, at 8:28 pm, Ryan Huff <ryanhuff at outlook.com<mailto:ryanhuff at outlook.com>> wrote:
Something is in its way to the Internet ... web filter perhaps? Asymmetrical route somehow? Expressway-C is a diva when it comes to having Internet access for the Hybrid connectors.
Sent from my iPhone
On Aug 31, 2018, at 02:47, Dana Tong <dana.tong at yellit.com.au<mailto:dana.tong at yellit.com.au>> wrote:
FYI it also times out and fails when the device has full Internet access.
From: cisco-voip <cisco-voip-bounces at puck.nether.net<mailto:cisco-voip-bounces at puck.nether.net>> On Behalf Of Dana Tong
Sent: Friday, 31 August 2018 4:35 PM
To: cisco-voip voyp list <cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>>
Subject: [cisco-voip] Cisco Hybrid Services Expressway Connector registration
Hey guys,
I keep getting a timeout when trying to register an Expressway Connector for Hybrid Services.
hercules-a.wbx2.com<http://hercules-a.wbx2.com> took too long to respond.
The domain is Verified in the Webex Control HUB, and the device name / fqdn is in the HUB also.
The Expressway C box has access for TCP port 80, and 443 (http/s).
I try to initiate the registration on the Expressway, enter my credentials, and then select the option for Cisco to manage the certificate and click register.
It then just times out.
Any tips?
Cheers
Dana
_______________________________________________
cisco-voip mailing list
cisco-voip at puck.nether.net<mailto:cisco-voip at puck.nether.net>
https://puck.nether.net/mailman/listinfo/cisco-voip
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://puck.nether.net/pipermail/cisco-voip/attachments/20180831/71f8beda/attachment.html>
More information about the cisco-voip
mailing list