Solved

Problems with Live Meeting external user access

Posted on 2008-10-08
3
4,350 Views
Last Modified: 2013-11-29
Hello.
I am facing a problem with a Communications Server Web Conferencing Deployment.
I have set up and configured a Communications Server 2007 in my internal network and it works fine.
Internal conferencing works OK and internal IM also works OK.
My next step, was to set up external Web Conferencing using an Edge Server.
I have set up the Edge server and configured it ONLY for Web Conferencing.
Validation runs OK and all the services seem to be working fine.

Assume that my Edge server's FQDN is live.domain.com
I have set up the following DNS records on my ISP:

"      SRV record for _sipfederationtls._tcp.domain.com over port 5061 to point to live.domain.com
"      DNS SRV (service location) record for _sip._tls.domain.com over port 443 to point to live.domain.com
"      A record for sip.domain.com to point to live.domain.com
"      A record for sipexternal.domain.com to point to live.domain.com

My edge server is configured to listen on 443 port and I have also configured the necessary certificates using an internal CA, including all alternate names.
Both the external client testing computer and the Edge server trust each other (using the Internal CA).
My problem is the following.
When I try to join an internal conference from the external testing computer, I get the following errors in event viewer, in this order:

1)  LiveMeeting failed to connect to server live.domain.com (x.x.x.x) on port 5061 due to error 10061.  The server is not listening on the port in question, the service is not running on this machine, the service is not responsive, or network connectivity doesn't exist.
2) LiveMeeting was unable to resolve the DNS hostname of the login server sipinternal.domain.com
3) LiveMeeting failed to connect to server sip.domain.com (x.x.x.x) on port 5061 due to error 10061.  The server is not listening on the port in question, the service is not running on this machine, the service is not responsive, or network connectivity doesn't exist.
4) LiveMeeting failed to connect to server sipexternal.domain.com (x.x.x.x) on port 5061 due to error 10061.  The server is not listening on the port in question, the service is not running on this machine, the service is not responsive, or network connectivity doesn't exist.

I am pretty sure that the DNS records exist and do resolve to the A record of my edge server. I have nslooked up them and they are OK.
My edge server by default (as I mentioned earlier) listens on port 443, so I have changed it to 5061 and reassigned the certificates.
Again I get the same errors as above with the only difference that the port now is 443 and not 5061.
On my Edge server I get the following error:

Failed to process data received from the client
Over the past 0 minutes Office Communications Server has disconnected clients 1 time(s) as a result of invalid data being received on client connections. The last such client which was disconnected is "xx.xx.xx.xx:xxxx".
Cause: Failed to process data received from the client
Resolution:
Check and make sure that the connection came from a trustworthy client.

I have yet to reach a conclusion of what causes this problems.
Anyone that can provide a solution or any help is welcome.
Thanks in advance!!
0
Comment
Question by:Joshoua
  • 2
3 Comments
 
LVL 12

Assisted Solution

by:gaanthony
gaanthony earned 20 total points
ID: 22683776
First the typical setup is:
Access Edge - One IP address listening to 5061 (Federation) and 443 (remote users)
Web Conference - Second IP assigned to same NIC listening on 443
Access Edge FQDN point to first IP
Web conference FQDN (separate name and SSL cert) points to second IP.
To save money and use one cert/fqdn change remote user port to 5061 so web conference can use 443 on the same IP.
You must also specify the Edge Server FQDN(s) in the Forest/Global Properies/Access Edge.
Check that you can telnet to the Access Edge FQDN and IP address on port 5061 and 443.
Check that you can telnet to the Web Conf Edge FQDN and IP address on 443.
Are you able to connect with an external client via Communicator?  If basic IM is not working across the Edge then need to fix that before solving web conference issue.
0
 

Accepted Solution

by:
Joshoua earned 0 total points
ID: 22684607
So..in order to make this work I need at least two IP addresses?
I have tried changing the port to 5061 but it still doesn't work, I get the same error messages but on port 443 not 5061.
I haven't tried connecting with communicator, do I need to activate any other roles on my Edge server before trying that?
Thanks for the quick reply!!
0
 

Author Comment

by:Joshoua
ID: 22684642
Actually,could you clarify how do I change the port for remote users so that Web Conferencing uses port 443?
Please note that the only role activated for my Edge server is the Web Conferencing, nothing else.
I am sure the users are connecting to the Edge server but then something cuts them off, I can see errors on the Edge server that say that "OCS has disconnected 1 clients in the past 1 minutes, please check that it's trustworthy source".
I just don't get it..
I only got one IP address available and 1 FQDN, how do I set that up. I am willing to setup everything from the beginning if it is necessary.
Thanks again.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

The question has been asked on multiple occasions as to how best to do printing in a remote desktop or terminal services environment.   It seems that this particular question has plagued several people and most especially as Terminal Services, as…
Know what services you can and cannot, should and should not combine on your server.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

23 Experts available now in Live!

Get 1:1 Help Now