locked
Internal Desktop Sharing - Connection Problems

    Dotaz

  • Hi,,
    I have two subnets in my enviroment,

    subnet 1 (ocs 2007 R2 Enterprise Edition Server, Client A)
    subnet 2 (client B)

    When I try to initiate a remote desktop Session between Client A <---> Client B.
    Client B gets the notification that Client A wants to initiate a Session, port 5060/5061 of my Frontend server are reachable, though.
    But the 2 clients cannot connect to do a desktop sharing session.

    As far as I know is this a P2P connection, isn't it ?
    Which ports have to be open on my firewall ?

    Thanks
    3. srpna 2009 12:20

Odpovědi

  • Correct, the clients will attempt a Peer-to-Peer media session (Remote Desktop is RDP over SRTP).

    Once the clients establish a P2P session they will attempt to transmit media over dynamically addresses ports in the range of 1024-65535 UDP/TCP (technially I beleive only TCP is required for Desktop Sharing, UDP is used by Audio/Video).
    Take a look at the Office Communicator component in this table: http://technet.microsoft.com/en-us/library/bb870402.aspx

    Your best option is probably to limit (minimum of 20 ports) the Media Port Range (via GPO) in the OC client and then open just that range of ports on the firewall between subnets.
    Details for that can be found here: http://technet.microsoft.com/en-us/library/bb964029.aspx
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    • Označen jako odpověď g3ocs 4. srpna 2009 6:46
    3. srpna 2009 12:41
    Moderátor

Všechny reakce

  • Correct, the clients will attempt a Peer-to-Peer media session (Remote Desktop is RDP over SRTP).

    Once the clients establish a P2P session they will attempt to transmit media over dynamically addresses ports in the range of 1024-65535 UDP/TCP (technially I beleive only TCP is required for Desktop Sharing, UDP is used by Audio/Video).
    Take a look at the Office Communicator component in this table: http://technet.microsoft.com/en-us/library/bb870402.aspx

    Your best option is probably to limit (minimum of 20 ports) the Media Port Range (via GPO) in the OC client and then open just that range of ports on the firewall between subnets.
    Details for that can be found here: http://technet.microsoft.com/en-us/library/bb964029.aspx
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    • Označen jako odpověď g3ocs 4. srpna 2009 6:46
    3. srpna 2009 12:41
    Moderátor
  • Thank you Jeff,
    once again you saved my day!!!
    4. srpna 2009 6:46