locked
Internal Desktop Sharing - Connection Problems

    질문

  • Hi,,
    I have two subnets in my enviroment,

    subnet 1 (ocs 2007 R2 Enterprise Edition Server, Client A)
    subnet 2 (client B)

    When I try to initiate a remote desktop Session between Client A <---> Client B.
    Client B gets the notification that Client A wants to initiate a Session, port 5060/5061 of my Frontend server are reachable, though.
    But the 2 clients cannot connect to do a desktop sharing session.

    As far as I know is this a P2P connection, isn't it ?
    Which ports have to be open on my firewall ?

    Thanks
    2009년 8월 3일 월요일 오후 12:20

답변

  • Correct, the clients will attempt a Peer-to-Peer media session (Remote Desktop is RDP over SRTP).

    Once the clients establish a P2P session they will attempt to transmit media over dynamically addresses ports in the range of 1024-65535 UDP/TCP (technially I beleive only TCP is required for Desktop Sharing, UDP is used by Audio/Video).
    Take a look at the Office Communicator component in this table: http://technet.microsoft.com/en-us/library/bb870402.aspx

    Your best option is probably to limit (minimum of 20 ports) the Media Port Range (via GPO) in the OC client and then open just that range of ports on the firewall between subnets.
    Details for that can be found here: http://technet.microsoft.com/en-us/library/bb964029.aspx
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    • 답변으로 표시됨 g3ocs 2009년 8월 4일 화요일 오전 6:46
    2009년 8월 3일 월요일 오후 12:41

모든 응답

  • Correct, the clients will attempt a Peer-to-Peer media session (Remote Desktop is RDP over SRTP).

    Once the clients establish a P2P session they will attempt to transmit media over dynamically addresses ports in the range of 1024-65535 UDP/TCP (technially I beleive only TCP is required for Desktop Sharing, UDP is used by Audio/Video).
    Take a look at the Office Communicator component in this table: http://technet.microsoft.com/en-us/library/bb870402.aspx

    Your best option is probably to limit (minimum of 20 ports) the Media Port Range (via GPO) in the OC client and then open just that range of ports on the firewall between subnets.
    Details for that can be found here: http://technet.microsoft.com/en-us/library/bb964029.aspx
    Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    • 답변으로 표시됨 g3ocs 2009년 8월 4일 화요일 오전 6:46
    2009년 8월 3일 월요일 오후 12:41
  • Thank you Jeff,
    once again you saved my day!!!
    2009년 8월 4일 화요일 오전 6:46