Solved

Problems with Live Meeting external user access

Posted on 2008-10-08
3
4,375 Views
Last Modified: 2013-11-29
Hello.
I am facing a problem with a Communications Server Web Conferencing Deployment.
I have set up and configured a Communications Server 2007 in my internal network and it works fine.
Internal conferencing works OK and internal IM also works OK.
My next step, was to set up external Web Conferencing using an Edge Server.
I have set up the Edge server and configured it ONLY for Web Conferencing.
Validation runs OK and all the services seem to be working fine.

Assume that my Edge server's FQDN is live.domain.com
I have set up the following DNS records on my ISP:

"      SRV record for _sipfederationtls._tcp.domain.com over port 5061 to point to live.domain.com
"      DNS SRV (service location) record for _sip._tls.domain.com over port 443 to point to live.domain.com
"      A record for sip.domain.com to point to live.domain.com
"      A record for sipexternal.domain.com to point to live.domain.com

My edge server is configured to listen on 443 port and I have also configured the necessary certificates using an internal CA, including all alternate names.
Both the external client testing computer and the Edge server trust each other (using the Internal CA).
My problem is the following.
When I try to join an internal conference from the external testing computer, I get the following errors in event viewer, in this order:

1)  LiveMeeting failed to connect to server live.domain.com (x.x.x.x) on port 5061 due to error 10061.  The server is not listening on the port in question, the service is not running on this machine, the service is not responsive, or network connectivity doesn't exist.
2) LiveMeeting was unable to resolve the DNS hostname of the login server sipinternal.domain.com
3) LiveMeeting failed to connect to server sip.domain.com (x.x.x.x) on port 5061 due to error 10061.  The server is not listening on the port in question, the service is not running on this machine, the service is not responsive, or network connectivity doesn't exist.
4) LiveMeeting failed to connect to server sipexternal.domain.com (x.x.x.x) on port 5061 due to error 10061.  The server is not listening on the port in question, the service is not running on this machine, the service is not responsive, or network connectivity doesn't exist.

I am pretty sure that the DNS records exist and do resolve to the A record of my edge server. I have nslooked up them and they are OK.
My edge server by default (as I mentioned earlier) listens on port 443, so I have changed it to 5061 and reassigned the certificates.
Again I get the same errors as above with the only difference that the port now is 443 and not 5061.
On my Edge server I get the following error:

Failed to process data received from the client
Over the past 0 minutes Office Communications Server has disconnected clients 1 time(s) as a result of invalid data being received on client connections. The last such client which was disconnected is "xx.xx.xx.xx:xxxx".
Cause: Failed to process data received from the client
Resolution:
Check and make sure that the connection came from a trustworthy client.

I have yet to reach a conclusion of what causes this problems.
Anyone that can provide a solution or any help is welcome.
Thanks in advance!!
0
Comment
Question by:Joshoua
  • 2
3 Comments
 
LVL 12

Assisted Solution

by:gaanthony
gaanthony earned 20 total points
ID: 22683776
First the typical setup is:
Access Edge - One IP address listening to 5061 (Federation) and 443 (remote users)
Web Conference - Second IP assigned to same NIC listening on 443
Access Edge FQDN point to first IP
Web conference FQDN (separate name and SSL cert) points to second IP.
To save money and use one cert/fqdn change remote user port to 5061 so web conference can use 443 on the same IP.
You must also specify the Edge Server FQDN(s) in the Forest/Global Properies/Access Edge.
Check that you can telnet to the Access Edge FQDN and IP address on port 5061 and 443.
Check that you can telnet to the Web Conf Edge FQDN and IP address on 443.
Are you able to connect with an external client via Communicator?  If basic IM is not working across the Edge then need to fix that before solving web conference issue.
0
 

Accepted Solution

by:
Joshoua earned 0 total points
ID: 22684607
So..in order to make this work I need at least two IP addresses?
I have tried changing the port to 5061 but it still doesn't work, I get the same error messages but on port 443 not 5061.
I haven't tried connecting with communicator, do I need to activate any other roles on my Edge server before trying that?
Thanks for the quick reply!!
0
 

Author Comment

by:Joshoua
ID: 22684642
Actually,could you clarify how do I change the port for remote users so that Web Conferencing uses port 443?
Please note that the only role activated for my Edge server is the Web Conferencing, nothing else.
I am sure the users are connecting to the Edge server but then something cuts them off, I can see errors on the Edge server that say that "OCS has disconnected 1 clients in the past 1 minutes, please check that it's trustworthy source".
I just don't get it..
I only got one IP address available and 1 FQDN, how do I set that up. I am willing to setup everything from the beginning if it is necessary.
Thanks again.
0

Featured Post

Best Practices: Disaster Recovery Testing

Besides backup, any IT division should have a disaster recovery plan. You will find a few tips below relating to the development of such a plan and to what issues one should pay special attention in the course of backup planning.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Best way to configure an old server? 13 116
Add user group members to local Administrators 2 53
Event ID: 1202 / Source: SceCli 6 107
ADMT Intra Forest migration questions 7 179
##the calculator has been updated to version 1.6 please download the use the updated version## Hi there, After the previous post of the original version of the calculator here : http://www.experts-exchange.com/articles/OS/Microsoft_Operatin…
On a regular basis I get questions about slow RDP performance, RDP connection problems, strange errors and even BSOD, remote computers freezing or restarting after initiation of a remote session. In a lot of this cases the quick solutions made b…
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question