How to fix port(s) for AV Call
-
30 March 2007 08:00
When internal and external users (using the Edge server, not VPN) connect using an A/V call, the local OC client tries to connect directly to the external user's IP on many different ports, like: 61952, 20736, 3712, 11648, 16256, 6272,...
On the ISA server I created a rule to allow internal users to connect to external on All Outbound Traffic, and now this is working, but this is bad; I want to limit this rule to a few ports only.
Where can I configure on which ports the internal client calls the external client?
Mario.
All messages
-
10 April 2007 05:58
Hi,
You should only have to open port 443 (probably opened already) and port 5061. Have you gone through the OCS Edge Server Deployment guide? There is a section in it called Step 2.2 Configure Firewalls starting on page 22, that goes over the ports needed.
I hope this helps.
-
13 April 2007 09:21
Hi,
When I have opened only the ports that are shown in Figure 5, in Step 2 Set up Infrastructure for Edge Servers, page 19 (23),
I have the situation that when one user from inside and one from outside the company want to "Start Call" or "Start Video Call", they get these messages:
1. Message for answering the call
2. After the user clicks "Accept Call", they get the message "Connecting call" for a few seconds,
3. End call, and after that the window for the audio/video call is closed.
In this situation I monitored the connection for the internal user on ISA 2004, and I saw dropped connections on different ports directly to the IP address of the external user.
The internal OCS client tries to connect directly to the external user on different ports. When I open all outbound connections for internal users, internal and external users can connect with an audio or video call.
Mario.
-
20 April 2007 23:20
This can be configured using the "PortRange" registry keys: "HKLM\Software\Policies\Microsoft\Communicator\PortRange".
Using the Enabled, MaxMediaPort and MinMediaPort values. These can be configured manually, or as part of Group Policy using the communicator.adm.
Settings are described in the communicator_2007_Group_Policy_Settings.xls in the public documentation.
-
23 April 2007 12:47
Hi,
Yes, the resolution is in the Group Policy settings.
Thank You Thom!
Mario.
-
4 May 2007 23:23
See the following table from the OCS Edge Deployment documentation. It covers the ports used by the A/V Conferencing Edge Server for audio/video communications between an internal and an external client. Note that you can reduce the range of ports that is opened but cannot change the starting port of that range. See "Step 2.2" in the documentation for more information.
Table 10 Firewall Settings for the A/V Edge Server
(Columns: Firewall, Policy Rules, Figure Mapping)

Firewall: Internal

Policy rule (Figure Mapping: 12)
  Local Port: 443 TCP (STUN/TCP)
  Direction: Outbound (for internal users to send media to external users)
  Remote Port: Any
  Local IP: The internal IP address of the A/V Edge Server
  Remote IP: Any IP address

Policy rule (Figure Mapping: 13)
  Local Port: 5062 TCP (SIP/MTLS)
  Direction: Outbound (for authentication of A/V users)
  Remote Port: Any
  Local IP: The internal IP address of the A/V Edge Server
  Remote IP: Any IP address

Policy rule (Figure Mapping: 14)
  Local Port: 3478 UDP (STUN/UDP)
  Direction: Outbound (for internal users to send media to external users)
  Remote Port: Any
  Local IP: The internal IP address of the A/V Edge Server
  Remote IP: Any IP address
  Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive.

Firewall: External

Policy rule (Figure Mapping: 8)
  Local Port: 443 TCP (STUN/TCP)
  Direction: Inbound (for external users' access to media and A/V sessions)
  Remote Port: Any
  Local IP: The external IP address of the A/V Edge Server
  Remote IP: Any IP address

Policy rule (Figure Mapping: 9)
  Local Port Range: 50,000-52,999 TCP (RTP/TCP)
  Direction: Inbound/Outbound (for media transfer)
  Remote Port: Any
  Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.
  Remote IP: Any IP address

Policy rule (Figure Mapping: 10)
  Local Port: 3478 UDP (STUN/UDP)
  Direction: Inbound (for external users connecting to media or A/V sessions)
  Remote Port: Any
  Local IP: The external IP address of the A/V Edge Server
  Remote IP: Any IP address
  Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive.

Policy rule (Figure Mapping: 11)
  Local Port Range: 50,000-52,999 UDP (RTP/UDP)
  Direction: Inbound/Outbound (for media transfer)
  Remote Port: Any
  Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.
  Remote IP: Any IP address
-
15 May 2007 14:29
Good Morning
I have the same problem.
I can't find the PortRange registry key. I have installed the ADM for Communicator but I can't find the policy for the port range.
Can you help me?
Many thanks.
Luca
-
16 May 2007 06:31
Hi Luca,
If you import the communicator.adm file into your Group Policy, then you must expand Computer Configuration, Administrative Templates, Microsoft Office Communicator Feature Policies, and inside you will see a setting with the name "Specify dynamic port ranges".
This is description:
"Specifies the ranges of dynamically-allocated ports that Microsoft Office Communicator can use to transmit audio and video data using RTP. If you open specific ranges of ports on a firewall between two clients to allow the clients to communicate, this policy forces the clients to use ports in those ranges.
Note: If you enable this policy setting, avoid creating RTP port ranges that overlap.
If you enable this policy setting, both ranges must fall between 1024 and 65535 inclusive, in each range the minimum must be less than the maximum, and the RTP range must contain at least four ports (if the lowest port number in the range is even) or five ports (if the lowest port number in the range is odd). If you specify a range that violates one of these rules, Microsoft Office Communicator cannot use the SIP Communications Service.
If you disable or do not configure this policy setting, Microsoft Office Communicator attempts to send and receive RTP data using ports selected at random throughout the range of 1024 to 65535 inclusive."
When you enable this setting and set it to e.g. Min. port range: 5350, Max port range: 5353, and you apply this GP to a computer with Office Communicator 2007, then once this GP is applied, the computer will have the registry key.
I hope this will help you.
Regards,
Mario.
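
The rules in the policy description quoted above, applied to the PortRange values named in the 20 April reply, as an added example that is not code from any poster or from Microsoft's documentation. It assumes the values are stored as dwords, that Enabled=1 means the policy is on, and that the firewall rule is a single port range; the .reg export text and the function names are constructed for illustration.

```python
import re

# Policy key named in the thread; the dword value type and Enabled=1 are assumptions.
POLICY_KEY = r"HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Communicator\PortRange"

# Constructed sample of a .reg export using the 5350-5353 example from the post above.
SAMPLE_EXPORT = r"""Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Communicator\PortRange]
"Enabled"=dword:00000001
"MinMediaPort"=dword:000014e6
"MaxMediaPort"=dword:000014e9
"""

def parse_port_range(reg_text):
    """Return {value name: int} for dword values under the PortRange key."""
    values, in_key = {}, False
    for line in reg_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_key = line.strip("[]").lower() == POLICY_KEY.lower()
        elif in_key:
            m = re.fullmatch(r'"(\w+)"=dword:([0-9a-fA-F]{8})', line)
            if m:
                values[m.group(1)] = int(m.group(2), 16)
    return values

def check_rtp_range(lo, hi):
    """Apply the rules from the quoted policy description; return a list of problems."""
    problems = []
    if not (1024 <= lo <= 65535 and 1024 <= hi <= 65535):
        problems.append("ports must fall between 1024 and 65535 inclusive")
    if lo >= hi:
        problems.append("minimum must be less than maximum")
    needed = 4 if lo % 2 == 0 else 5  # even lowest port: four ports, odd: five
    if hi - lo + 1 < needed:
        problems.append(f"range must contain at least {needed} ports")
    return problems

def audit(reg_text, fw_lo, fw_hi):
    """Check the client policy and that the firewall rule fw_lo-fw_hi covers it."""
    v = parse_port_range(reg_text)
    if v.get("Enabled") != 1 or "MinMediaPort" not in v or "MaxMediaPort" not in v:
        return ["policy not in effect: RTP ports are picked at random from 1024-65535"]
    lo, hi = v["MinMediaPort"], v["MaxMediaPort"]
    problems = check_rtp_range(lo, hi)
    if lo < fw_lo or hi > fw_hi:
        problems.append(f"firewall rule {fw_lo}-{fw_hi} does not cover {lo}-{hi}")
    return problems

if __name__ == "__main__":
    print(audit(SAMPLE_EXPORT, 5350, 5353) or "policy and firewall rule agree")
```

An empty list from `audit` means the client range satisfies the quoted rules and the outbound firewall rule can be narrowed to exactly that range instead of All Outbound Traffic.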
-
16 May 2007 08:34
Hi Mario and many thanks.
I have imported the communicator.adm that I found inside my OCS 2007 beta material. But the policy for the port range is not present. I can't find "Specify dynamic port ranges". Where can I find it?
Luca
-
16 May 2007 12:45
I found the policy on the internet and now voice communication works.

Thanks very much
Luca
-
20 September 2007 15:06
My followup question is a little different.
I have opened all of the above ports on the firewall but I am not using an A/V edge server. When I connect via VPN everything works. Connect directly [w/o VPN] I get as far as answering the call on the and then it disconnects with an error about audio.
Is there a way to get a single server instance of OCS to accept calls [using domain user accounts] from the outside without the use of an edge server?
-
20 March 2009 23:19
So it appears most of our issues are with port forwarding at the user end and their Internet connection equipment (Linksys, Qwest M1000, etc.) and A/V not working. Is there a solution for A/V that doesn't require us to upgrade firmware on Linksys and other end user equipment? STUN and the NAT function on home LAN equipment appear to be an issue.