I have setup a single deployment scenario behind isa 2006 firewall acting as reverse proxy, I have two domains external : hostx.com and internal lcg.tv I created a certificate for the server with san names which includes internal and external domain names, the problem is when authenticating from external clients with the logon name @hostx.com I recieve signin problem, but when login with @lcg.tv I can sign in with no problems, I checked in live communication server on the properties of the forest that the hostx.com domain name is added. I don't know what is the problem.
How are your Communicator clients locating the Access Edge server? Are you using the _sip._tls SRV record or manually entering the FQDN in the Communicator configuration? When I ran queries against those domain names I did get an SRV record back for either one but I did see a sip.lcg.tv record, which could explain why those users are working. What are the subject and SAN FQDNs in your certificate?Mike Stacy | Evangelyze Communications | http://www.evangelyze.net/cs/blogs/mike