Timed out waiting for client to present validation cookie

All replies

• 

  

  0

  Sign in to vote

  This is defenitely a firewall issue... when I try to connect from a client via Edge in the DMZ I can connect to Life Meeting directly.

   

  With the firewall in between I get the error above. What other ports should be open then 5061, 443, 444?

   

  /Thomas

  Wednesday, August 15, 2007 3:28 PM
• 

  

  0

  Sign in to vote

  I was right that it is a firewall issue. Live Meeting wants to connect over port 80 to verify the certificate by reaching my certiciate server. So it is not connecting on the external OCS FQDN via the reverse proxy but it tries to get access via the external and then the internal firewall to check the authorization.
  
  Strange because this never has been documented in the  Edge  Server deployment guide.
  
  
  Anyway after allowing connects on port 80 on both firewalls I got rid of the error above. Live Meeting is logging on now via Edge.
  
  Is there any clarification for the fact that Live Meeting also connects over port 80? Could it because of any certificate server mentioned in my root certificate?
  
  /Thomas
  

  Saturday, August 18, 2007 10:31 AM
• 

  

  0

  Sign in to vote

  Ok, I am getting the same thing.  So on your external firewall...where did you allow port 80 traffic to go to....the Web Conferencing Edge Server or the External interface of your back end firewall?  Also where did you allow port 80 traffic to go to from your Internal firewall....the CA sitting on the internal network? 

  Thursday, April 17, 2008 8:09 PM
• 

  

  0

  Sign in to vote

  I was directing it to my certificate server. This is of course not the way it should be implemented but it helped until I implemented public certificates on the edge interfaces
  

  Monday, April 21, 2008 6:03 PM
• 

  

  0

  Sign in to vote

  Hi,
  
  as soon as I configured webconf edge server role to listen on port 443 on the external NIC public IP, the machine started to get such errors in the event log. I thought that this is just some random traffic from the public internet, probing my public IP and port 443 to connect via the web browser or similat. But after reading your post, I am not so confident now
  
  Anyway, did you trace your own client connecting to livemeeting from external network, and that trace shows a port 80 probe from livemeeting client? I am not sure, why  the event log says (recognizes?) event source as web conferencing edge, if it has nothing to do / not bound to port 80, only to port 443?
  

  Sunday, April 27, 2008 4:42 PM
• 

  

  0

  Sign in to vote

  No it has something to do with the fact that I have not used public certificates on my accessedge interfaces. All my external clients have the root certificate installed on the client PC. I was tracing traffic on the Cisco ASA and MS ISA firewall and found out that port 80 was blocked. After further investigation I concluded that external clients were trying to resolve the internal certificate server.
  
  If you use certificates from a public CA you should not get thes errors.
  
  /Thomas
  

  Monday, May 5, 2008 12:07 PM
• 

  

  0

  Sign in to vote

  The interesting fact is, that we have a valid public certificate since the beginning.
  

  Sunday, May 11, 2008 7:20 PM
• 

  

  0

  Sign in to vote

  Interesting. Have you been able to trace your network traffic ?
  

  Tuesday, May 13, 2008 11:55 AM
• 

  

  0

  Sign in to vote

  Hi Guys,
  
  I had the same issue, and found the solution to be clock difference.
  
  see this post
  http://www.remoteitservices.com/content/ocs-web-conferencing-edge-problem
  

  ---

  Ayman Abu_qutriyah

  Monday, June 15, 2009 11:27 AM