Skip to end of metadata
Go to start of metadata

This section describes procedures for troubleshooting the Media Relay Authentication Server (MRAS) configuration.

The Show Mras Command

Unconfigured MRAS

This output is from an MRAS that is unconfigured or does not exist.  The MRA Server, IP, Port and GRUU are populated when the UC Extended Wizard is executed.

Media Relay Authentication Information
--------------------------------------
MRA Server      : <Not configured>
MRA Server IP   : N/A
MRA Port        : N/A
MRA Server GRUU : <Not available>
VX GRUU         : sip:vxgw2.vx.net@vx.net;gruu;opaque=srvr:Gateway:5fKaBxCKAEubHaBIbaco6wAA
  CREDENTIALS INFORMATION
    Username        : <Not available>
    Password        : <Not available>
    Expiration Time : <N/A>
  MEDIA RELAY INFORMATION
    Turn Server FQDN    : <Not available>
    Turn Server IP      : 0.0.0.0
    TCP Port        : <N/A>
    UDP Port        : <N/A>
vxgw2#

Items to verify:

  • Verify the General | OCS-Gateway configuration.
  • Configuration of The Extended UC Wizard (VXbuilder) was successfully run (twice) and the GRUU verified.

MRAS unavailable

This output is due to an MRAS that is not reachable over the network. The credentials and Media Relay Information are obtained by sending a SIP SERVICE message to the Edge Server.

Media Relay Authentication Information
--------------------------------------
MRA Server      : dmz10.dmz.com
MRA Server IP   : 10.254.1.10
MRA Port        : 5062
MRA Server GRUU : sip:dmz10.dmz.com@dmz.com;gruu;opaque=srvr:MRAS:zKlTLDILv0-i64KhhaPVkAAA
VX GRUU         : sip:a01.gov.au@dmz.com;gruu;opaque=srvr:Gateway:m0qn2IlU5ES278GY2Fsc9wAA
  CREDENTIALS INFORMATION
    Username        : <Not available>
    Password        : <Not available>
    Expiration Time : <N/A>
  MEDIA RELAY INFORMATION
    Turn Server FQDN    : <Not available>
    Turn Server IP      : 0.0.0.0
    TCP Port        : <N/A>
    UDP Port        : <N/A>

Items to verify:

  • The VXe FQDN is configured as a trusted host on the Edge Server
  • The Edge Server has an entry in the Inbound SIP Route Call Routing
  • There are no firewall issues between VXe and the internal Edge Ethernet interface
  • The DNS A record for the Edge Server's FQDN points to the Edge Server internal IP address
  • MTLS is completing incorrectly between the VXe and the Edge Server
    •   There may be a certificate problem. See the Employing Certificates with VX document

The Firewall

In your external firewall, you must unblock port 3478 for User Datagram Protocol (UDP) communication. The Mediation Server has the option of using 3478 TCP, however RTP over TCP can provide a poor user experience with audio. RTP over UDP is far more robust over long latency lines. Using the RTP over UDP configuration improves call quality and the overall user experience.

You must also open a block of ports in the 50000-59999 range for SRTP/RTCP on your external firewall, this block of ports must match your UC configuration.

  • No labels