Thursday, May 23, 2019

Differing DNS Resolutions between contexts on the same Cisco ASA Firewall

Hi everyone,

I should start by saying I'm not a networking guy so I am hoping to get some assistance for some odd DNS behaviour we are seeing on our internal firewall ASA 5525 9.8.

Basically, when you Ping / Packet Trace / Show DNS host to push.webexconnect.com, depending on what context you are on, you receive different IP addresses back. This issue is manifesting internally by stopping us receiving Notifications for Cisco Jabber on our iPhones when the app is not open on the device (this was working until a few weeks ago). The push.webexconnect.com URL is used by Cisco to send traffic to Apple and for Apple to then relay that traffic via APNS which wakes up Jabber on the phone and displays the call Notification essentially.

The route the traffic takes is CUCM Publisher > FW Context 1 > FW Context 2 > Internet

Traffic is resolving as expected on the Context 1, and the IP addresses resolved are consistent with those we’ve tested externally (Google, Cloudflare, etc). Context 2 is listing different IPs which are part of Webex Cloud but I have not seen responses anywhere other than here.

Context 1:

Ping

Result of the command: "ping push.webexconnect.com"

Sending 5, 100-byte ICMP Echos to 62.109.230.142, timeout is 2 seconds:

Success rate is 100 percent (5/5), round-trip min/avg/max = 10/12/20 ms

Show DNS

Result of the command: "show dns host push.webexconnect.com"

Name: push.webexconnect.com

Address: 62.109.206.142    TTL 00:01:05

Address: 62.109.230.142    TTL 00:00:55

Context 2:

Ping

Result of the command: "ping push.webexconnect.com"

Sending 5, 100-byte ICMP Echos to 66.163.36.125, timeout is 2 seconds:

Success rate is 0 percent (0/5)

Show DNS

Result of the command: "show dns host push.webexconnect.com"

Name: push.webexconnect.com

Address: 66.163.36.125    TTL 00:00:15

Address: 173.243.12.125    TTL 00:00:42

I checked the DNS configuration for both contexts. There were some minor differences in the ordering but otherwise both were the same. I corrected the ordering on Context 2 to match that of Context 1 and issued "clear dns host push.webexconnect.com", but this has not made any difference to the issue as it is still pulling in the 66. and 173. addresses.

First Context DNS Config:

dns domain-lookup "External Internet Context"

dns domain-lookup "Context 1"

dns server-group DefaultDNS

name-server 208.67.222.222

name-server 208.67.220.220

name-server 8.8.8.8

name-server (Internal DNS)

name-server (Internal DNS)

domain-name Company

Int-3rd DNS config:

dns domain-lookup Context 1

dns domain-lookup voice

dns server-group DefaultDNS

name-server 208.67.222.222

name-server 208.67.220.220

name-server 8.8.8.8

name-server (Internal DNS)

name-server (Internal DNS)

domain-name Company
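To compare the two contexts systematically rather than by eye, here is a small checker (added example, not from the post or from Cisco) that parses the ASA "show dns host" output and the "dns" configuration lines from each context, then reports whether the resolved address sets overlap and whether the name-server set, name-server order, or the "dns domain-lookup" interfaces differ. The sample inputs are constructed to look like the outputs quoted above (the addresses and TTLs are the ones in the post; the Context 2 name-server order is reordered deliberately to show the "minor ordering difference" the post mentions); the regex tolerates the missing space before "TTL" that appears in the pasted output. The point of the check is the combination of findings: an identical name-server set with no shared answers means the configured resolver list is not what differs, and the next thing to compare is the interface each context's lookups leave on (the "dns domain-lookup" lines differ between the two contexts in the post) and the cached entries per context.

```python
import re
from typing import Dict, List, Tuple

# Constructed sample input, shaped like the ASA "show dns host" output quoted in the post.
SHOW_DNS_CONTEXT1 = """\
Name: push.webexconnect.com
  Address: 62.109.206.142    TTL 00:01:05
  Address: 62.109.230.142TTL 00:00:55
"""

SHOW_DNS_CONTEXT2 = """\
Name: push.webexconnect.com
  Address: 66.163.36.125     TTL 00:00:15
  Address: 173.243.12.125    TTL 00:00:42
"""

# Constructed DNS config snippets per context (internal name-servers omitted).
DNS_CONFIG_CONTEXT1 = """\
dns domain-lookup "External Internet Context"
dns domain-lookup "Context 1"
dns server-group DefaultDNS
 name-server 208.67.222.222
 name-server 208.67.220.220
 name-server 8.8.8.8
 domain-name Company
"""

DNS_CONFIG_CONTEXT2 = """\
dns domain-lookup "Context 1"
dns domain-lookup voice
dns server-group DefaultDNS
 name-server 208.67.222.222
 name-server 8.8.8.8
 name-server 208.67.220.220
 domain-name Company
"""

# Matches "Address: <IPv4>TTL hh:mm:ss" with or without whitespace before TTL.
ADDR_RE = re.compile(r"Address:\s*(\d{1,3}(?:\.\d{1,3}){3})\s*TTL\s*(\d\d):(\d\d):(\d\d)")


def parse_show_dns(text: str) -> Tuple[str, Dict[str, int]]:
    """Return (hostname, {address: remaining TTL in seconds}) from 'show dns host' output."""
    name = ""
    addrs: Dict[str, int] = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("Name:"):
            name = line.split(":", 1)[1].strip()
        m = ADDR_RE.search(line)
        if m:
            hours, minutes, seconds = (int(x) for x in m.groups()[1:])
            addrs[m.group(1)] = hours * 3600 + minutes * 60 + seconds
    return name, addrs


def parse_dns_config(text: str) -> Tuple[List[str], List[str]]:
    """Return (domain-lookup interfaces, name-servers in configured order) from ASA dns config."""
    lookups: List[str] = []
    servers: List[str] = []
    for line in text.splitlines():
        line = line.strip()
        if line.startswith("dns domain-lookup "):
            lookups.append(line[len("dns domain-lookup "):].strip('"'))
        elif line.startswith("name-server "):
            servers.append(line.split()[1])
    return lookups, servers


def compare_contexts(dns_a: str, dns_b: str, cfg_a: str, cfg_b: str) -> dict:
    """Diff cached answers and resolver config between two contexts; returns findings."""
    name_a, addrs_a = parse_show_dns(dns_a)
    name_b, addrs_b = parse_show_dns(dns_b)
    lookups_a, servers_a = parse_dns_config(cfg_a)
    lookups_b, servers_b = parse_dns_config(cfg_b)
    return {
        "same_name": name_a == name_b,
        "shared_addresses": sorted(set(addrs_a) & set(addrs_b)),
        "only_in_a": sorted(set(addrs_a) - set(addrs_b)),
        "only_in_b": sorted(set(addrs_b) - set(addrs_a)),
        "same_server_set": set(servers_a) == set(servers_b),
        "same_server_order": servers_a == servers_b,
        "lookup_only_in_a": sorted(set(lookups_a) - set(lookups_b)),
        "lookup_only_in_b": sorted(set(lookups_b) - set(lookups_a)),
    }


if __name__ == "__main__":
    result = compare_contexts(SHOW_DNS_CONTEXT1, SHOW_DNS_CONTEXT2,
                              DNS_CONFIG_CONTEXT1, DNS_CONFIG_CONTEXT2)
    for key, value in result.items():
        print(f"{key:20} {value}")
    if result["same_server_set"] and not result["shared_addresses"]:
        # Same resolver list, disjoint answers: the resolver config text is not the
        # difference; compare the domain-lookup interfaces and each context's cache.
        print("same name-server set but no shared answers: check lookup interfaces per context")
```

Run it with the real "show dns host" and "show running-config dns" output from each context in place of the constructed strings; the interesting outputs are shared_addresses (empty here), same_server_set, and the two lookup_only_in_* lists.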

To further muddy the waters, running a packet trace from our CUCM publisher to the URL, 4 times out of 5 it will not resolve the host name, which I guess could be related. This mismatch between contexts is the root of the issue, I believe.

Any guidance would be really appreciated on this as I am unsure where to go next.
