AV Edge server validation errors

All replies

• 

  

  0

  Sign in to vote

  Should have guessed shouldn't I.
  
  Reboot the firewall and it all works
  
  Grrrrrrrr
  
  Dave
  

  Wednesday, February 20, 2008 10:17 PM
• 

  

  0

  Sign in to vote

  I am facing exactly the same issue at a customer. AV validation doesnt succeed, it timeouts during the "Sending allocate without authentication for transport TCP" and in wireshark I see first UDP STUN response the same as yours (however, next 2 STUN response packets contain no error).
  
  I hope that the ISA restart may solve my issue also.
  
  Update: The issue may also happen, if the edge server is not configured in a supported way, for example: a single network card with the 2 IP address (external and internal) that are in the same subnet (ex. 10.0.0.10 and 10.0.0.11), so responses may not coming back from the good IP (the IP that the OCS expects to see) -> you can check these in STUN response packets, they contain different IP as the source then the IP address in the UDP packet header.
  Other problem may happen, if external IP is not a valid public IP (as in this case the 10.0.0.xxx is not a valid public IP)
  

  Tuesday, April 29, 2008 9:12 AM
• 

  

  0

  Sign in to vote

  I had this same problem but did things a little different.
  
  In my case the problem was recognized when I introduced a new standard edition R2 server.
  
  I went to the Edge server and added the new server to the authorized internal OCS servers on the edge server. I am not sure if i didn't give the edge server time to replicate but that did not work, so I ran through the configuration wizard and just accepted all defaults and then this problem was resolved (maybe services got restarted). Anyways just wanted to post in case someone else was having this problem.

  ---

  Jay

  Tuesday, June 23, 2009 1:12 PM