Calls to CMR Hybrid and Video Device-Enabled Meetings (V1, V2) are Disconnecting During the Call in Webex
Solution:
Firewall TCP Timers and their Use within:
- Collaboration Meeting Rooms (CMR) Hybrid
- Cisco Webex Video Device-Enabled Meetings (V1, V2) (formerly CMR)
- Webex Cloud Connected Audio ((formerly CCA)
It is very necessary to give careful consideration to the significance of TCP sessions inside the CMR solution when the client environment includes stringent firewall settings.
An active, bi-directional TCP session is established between the client Cisco Expressway and the Webex Edge components whenever a CMR or a Video Device-Enabled Meeting is being conducted. The Webex Edge component has a TCP connection timer that is set to a default of thirty minutes. A Cisco Expressway will have a TCP connection timer that is set to a default value of two hours.
When establishing your firewall, it is essential to ensure that it will never be permitted to silently abandon the TCP connection in fewer than 30 minutes. This is one of the most significant configuration settings.
A SIP re-invite may be sent to the Cisco Expressway on the TCP connection that has been closed if the firewall is set to discreetly terminate a TCP connection in less than 30 minutes. This happens when the connection is closed. That connection will be terminated by the firewall. Webex will send a BYE message to the client after the Re-Invite times out for the specified amount of time. This Bye message will almost always utilize the same TCP port, and it is possible that it will also be dropped.
At a later point in time, an invitation will be sent from the Cisco Expressway to the Webex side. A fresh or non-terminated TCP connection will be used for the Re-invite operation. As a consequence of this, it will be permitted to pass over the firewall and access Webex. Webex will respond with an error code stating that the call does not exist (481 Call/Transaction Does Not Exist) if the call does not already exist.
It is also essential to keep in mind that a TCP session is not exclusive to a given call in and of itself. The same TCP port will be utilized for numerous calls or conferences if the Cisco Expressway or Webex edge is sending a message to the same destination and already has (what it perceives to be) an open TCP connection to that destination IP address.
This may result in numerous conversations or conferences being terminated at the same time or very close to the same time.
See the graphic that follows for further information on the issue: