OCS 2007 R2 Federation Issue - 1 way communication
-
terça-feira, 27 de setembro de 2011 18:00
We are experiencing issues with federation to a test domain and a customer both with the same results. We are able to send out to them but they cannot send to us. On my test domain edge server i have been able to pull the following information which appears at every send attempt going from domain A to the external domain B.
TL_INFO(TF_PROTOCOL) [1]05F8.08D8::09/27/2011-17:42:33.446.000057b3 (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(122))$$begin_record
Instance-Id: 000000BC
Direction: outgoing;source="internal edge";destination="external edge"
Peer: 12.109.108.144:3695
Message-Type: response
Start-Line: SIP/2.0 504 Server time-out
From: "Test User"<sip:testuser@commandalkontest.com>;tag=5f408249cd;epid=728b24aca6
To: <sip:celdridge@commandalkon.com>;tag=D6D1E23D6488E70CF049F0BC61C073D4
CSeq: 1 INVITE
Call-ID: 53e241f9527247bdafd7eee7d6aecd09
ms-user-logon-data: RemoteUser
Authentication-Info: NTLM rspauth="01000000000000005799799CF26A7E8A", srand="A8CC68EF", snum="23", opaque="55986CB9", qop="auth", targetname="ocs-s01.caitest.local", realm="SIP Communications Service"
Via: SIP/2.0/TLS 12.109.108.144:3695;ms-received-port=3695;ms-received-cid=1800
ms-diagnostics: 2;reason="See response code and reason phrase";source="ocs-s01.caitest.local";HRESULT="0xC3E93C69(SIPPROXY_E_CONNECTION_FAILED)"
Content-Length: 0
Message-Body: –
$$end_recordIn this example i am sending IM from the testuser@commandalkontest.com (A) account to my account celdridge@commandalkon.com(B) across the federated connection. I can send from B to A fine but not reverse. Any help would be greatly appreciated.
Todas as Respostas
-
terça-feira, 27 de setembro de 2011 19:25
Hi ,
Could you please check following ,
1. Port 5061 is working from internet to access edge FQDN in both direction and ensure that firewall has bidirectional port allowed for it.
2. I hope you got a public certificate and root CA installed on the edge box .
3. Just check the sipfederation DNS record which is resolving from internet .
- Sugerido como Resposta Sharon.ShenMicrosoft Contingent Staff, Moderator quinta-feira, 29 de setembro de 2011 06:34
- Marcado como Resposta Sharon.ShenMicrosoft Contingent Staff, Moderator sexta-feira, 7 de outubro de 2011 01:45
-
quinta-feira, 29 de setembro de 2011 06:33Moderador
Hi,chadeldridge,
Error 504 are typically routing, firewall or DNS related (that really limits it doesn’t it!) Here are some suggestions:
1)Please verify you and your partner both have created federation DNS SRV record _sipfederationtls.tcp.sipdomain.com pointed to the access Edge servers FQDN with port 5061.
2)Please verify there are federation routes in both federation sides,also please check your edge server are trusted by federated partner
3)Please try to telnet over 5061 to federated partner to check if your firewall configuration or federated partner does not allow the sip traffic
4)Please verify that the certificate installed on both edge servers are corrected.If you are using a third party cert,make sure your partner trust the issuance chain on the edge server.If you are using internal CA,you will need to ship them a copy of the chain.
5)Here are some similar thread and troubleshooting article for your reference,you can read through them and maybe can get some clews in them .
http://ocsguy.com/2010/01/22/one-way-messages-with-federated-partner-and-id-504-in-communicator/ (This one contains how to troubleshoot the OCS with logging tool)
Hope these useful!
Regards,
Sharon
- Sugerido como Resposta Sharon.ShenMicrosoft Contingent Staff, Moderator quinta-feira, 29 de setembro de 2011 06:34
- Editado Sharon.ShenMicrosoft Contingent Staff, Moderator quinta-feira, 29 de setembro de 2011 06:34
- Marcado como Resposta Sharon.ShenMicrosoft Contingent Staff, Moderator sexta-feira, 7 de outubro de 2011 01:45
.png)
