I'm having trouble setting up my first edge server for OCS 2007 R2.
OCS Internal Server
- working fine
- set up with internal CA (specifically installed for this job)
OCS Edge (For IM only)
- got ports open between OCS Internal and Edge (443 and 5061)
- I have a single NIC with IPs
  - first IP is for example: 192.168.1.10
  - second IP is for example: 192.168.1.20 (we have NAT'd external address to this and set up the sip.domain.com and SRV records to point to this NAT)
- I'm using the first IP as the Internal interface.
- I have set up the routing to next hop on the wizard and on the internal OCS server (added server FQDN to local hosts file).
The 2 certificates in use
1. Internal interface on the edge is from the Internal CA, generated an offline request, and processed it with the Internal CA and downloaded and installed by assigning it to Internal Interface through the wizard (had to install chain from Internal CA too, as they are not contactable)
2. External interface has a UCC certificate from Comodo and I installed this fine too. Generated request with wizard and selected the box to include the server FQDN in the response (this being servername.domain.com and not sip.domain.com). Why do I need to include that?
I have only port 443 open to the NAT (external interface) and when connecting a client with auto configuration or manual, it says:
"There was a problem verifying the certificate from the server. Please contact your system administrator"
I currently don't have DNS outbound or web access on this server. Is this required? The certificate is showing up as valid from the certificate store.