<img height="1" width="1" src="https://www.facebook.com/tr?id=188095848408072&amp;ev=PageView &amp;noscript=1">

Skype for Business, Sonus CloudLink, Modern Voice, PSTN Calling | Apr 30, 2018 3:09:30 PM

Sonus Cloud Connector Edition (CCE) fails to access O365 and internet due to multiple Default Gateways

 

Recently I worked on an issue for a customer who was complaining that their Sonus CCE Appliance is not connecting to O365.

 

https://support.sonus.net/display/UXDOC61/Configuring+the+SBC+Edge+for+a+Single+CCE

The symptoms were:

Symptom 1: When you run PowerShell command on the ASM Get-CcAplianceStatus, it gave an error for item 2:

 

 Picture1-1

 

This suggests that the O365 credentials configured in CCE are incorrect. But they were correct. We checked this by manually logging into O365 using this account. We also updated it in the CCE to make sure, using the steps at the end of this page:

https://support.sonus.net/display/UXDOC61/Configuring+the+SBC+Edge+for+a+Single+CCE

Symptom 2: The log located here on the ASM C:\Windows\WindowsUpdate.log showed the following errors:

 

WARNING: There was an error communicating with the endpoint at 'http://statsfe2.update.microsoft.com/ReportingWebService/ReportingWebService.asmx'.

WARNING: The server name or address could not be resolved

Again, we see messages about names not resolving.

We did multiple NSLOOKUPs from both the ASM and the EDGE VM, and all works OK:

 

Picture2

 

So clearly, it’s not DNS causing this.

Investigation phase

Looking at the output of IPCONFIG, I noticed that the ASM has got 2 Default Gateways configured:

 

Picture3-1

 

As any network engineer knows, it’s bad to configure more than 1 Default Gateway on any appliance/server.

Usually, the ASM gets to the internet via Corpnet Switch (Adapter #3), via your internal network. Same as any other internal server. In our case, the ASM should send all internet traffic to 10.10.40.1 and then from there it goes out to the WWW.

 

The CCE Internet Switch (Adapter #2) is only used for the Edge VM to reach the internet. This is so it doesn’t have to flow through the internal network like the other servers.

This is where it get’s interesting. Doing a TRACERT from the ASM to 8.8.8.8 shows that the ASM is trying to route via the incorrect DGW:

 

Picture4

 

Below is a diagram from our original CCE design showing the entire setup. You will notice that the Edge VM uses its own dedicated link for internet access (yellow line), whereas the other VMS and the ASM access the internet via “Internal Network”. Everything except the Edge VM is blocked by that firewall from accessing the internet, which is why we are getting errors. The Firewall at IP 10.10.50.1 was handing out DHCP options to the ASM which is where the second Default Gateway was coming from.

 

Picture5

 

Solution:

 

The solution was to simply modify the “SfB CCE Internet Switch” on the ASM and change it from DHCP to Static IP and make sure there is no Default Gateway configured.

No changes were required on the Sonus SBC or on any of the VMs directly.

Doing a TRACERT from the ASM now shows the correct path:

 

Picture6

 

Another alternative solution is to disable DHCP on the firewall device, which is where all the trouble started.

Side Note: The adapter “SfB CCE Internet Switch” on the ASM actually doesn’t need an IP address at all. This switch is only used by the Edge VM. The ASM only needs to use “SfB CCE Management Switch” and “SfB CCE Corpnet Switch”. So you could clear out all the items on that adapter if you wish.

 

Subscribe to Our Blog

Stay up to date with the latest tips and news

Insync

Isn’t it nice when things just work?

What does your organisation need to “just work”?

PLATFORMS

UNIFIED COMMUNICATIONS

IDENTITY

AUTOMATION
 

Still not sure what you need?

No problem! We can help.

CONTACT US