Asked by:
0000274D error with directaccess from windows 7

Question
-
We receive the appv client error 2A-0000274D on windows 7 client, connecting with DirectAccess to w2012 server, if we use RTSPS 322. If we change the osd file to use RTSP 554, it works fine.
The client can connect to any server/share in the internal network.I have found some KB articles to diagnose this problem: http://support.microsoft.com/kb/930730/en-us http://support.microsoft.com/kb/2615139 , but both articles didn't help.
If the client computer is on the corporate network, all works well. RTSPS and RTSP appv applications.In the article http://www.virtualizationadmin.com/articles-tutorials/vdi-articles/microsoft-hyper-v/securing-app-v-streaming-with-secure-rtsp.html it is recommended to use RTSPS if there is some kind of firewall/nat between the client and server. Our DA server is some kind of NAT/VPN, so RTSPS should work, and RTSP not. This is in contradiction with our experience.
Has anyone also found this behaviour ? Can there be a detection of man-in-the-midle (=our w2012-DA server) attack with RTSPS, and the block it ?
Wednesday, October 23, 2013 10:04 AM
All replies
-
Hello,
Have you setup your server to respond to RTSPS?
Nicke Källén | The Knack| Twitter: @Znackattack
Wednesday, October 23, 2013 10:05 AM -
No, I thought I had. If I look in the osd file, I see <CODEBASE HREF="rtsps://%SFT_SOFTGRIDSERVER%:322/....
I asumed that the server listens on port 322. If I do a netstat -an | find "322" on the server, no port is listed. I can find an listening port 554 on the server.In the config of the APPV server, there is no certificate. How can this work ? On the corporate network, clients receive an osd file, using port 322, but connect on port 554. Why/How ?
If the same client computer is remotely connected through DA, this does not work. Why ?
Wednesday, October 23, 2013 11:03 AM -
Hello,
Lets conclude this first;
You are not using RTSPS.
It seems that you have not setup this up, that it is not configured and it will therefore not work through DA or not through DA.
If you want to configure this - here are some topics to get you started;
Nicke Källén | The Knack| Twitter: @Znackattack
Wednesday, October 23, 2013 11:19 AM -
No certificate bound to the server, no RTSPS, pure and simple.
Steve Thomas, Senior Consultant, Microsoft
App-V/MED-V/SCVMM/Server App-V/MDOP/AppCompat
http://blogs.technet.com/gladiatormsft/
The App-V Team blog: http://blogs.technet.com/appv/
The MED-V Team Blog: http://blogs.technet.com/medv
The SCVMM Team blog: http://blogs.technet.com/scvmm/
“This posting is provided "AS IS" with no warranties, and confers no rights. User assumes all risks.”Friday, October 25, 2013 2:57 AM