OCS AV edge server Media Relaying doesn't work RRS feed

  • Question




    I have an OCS 2007 enviroment with two servers. One Standard edition server and an edge server.

    The edge server is in the same lan as the internal interface of the edge server. The edge server has all the edge roles.

    The outside interface of the edge server has two (public) IP addresses, so that I could leave the port settings to their defaults.

    I can connect with MOC clients from my LAN to the standard server.

    and from the internet to the outside interface of the edge server. (i put the external servername in the client statically)


    I have a Video MCU, and I am able to make video calls into it from the LAN and from the internet, BUT only if the internet users are connected directly to the internet/. When they are behind NAT (and have private IP adresses) they can connect to my edge server, they can transmit video into the bridge, but their source addresses are not the IP address of the edge server but their Local addresses.


    It seems that media relaying is not working through the edge server.

    That bridge (which acts as a normal sip user) seems to be sending the data directly back to the internet clients. (it is not taking the edge server path)


    I'm completely lost here. Can anyone help me?


    Tuesday, September 30, 2008 6:58 PM


All replies

  • Are you using a custom Video MCU ?

    Seems that it is not completely compatible with OCS

    When doing audio/video to the internet SIP messages are sent with multiple IP Address candidates to connect to

    The first in the list is the local address of the internet client (so not possible if doing NAT to connect directly)

    Other addresses are in the list to connect to a port on the EDGE server instead of the client directly, so I guess this is not working correctly on the MCU or it does not know the concept


    Have a look how this should work in this guide

    Designing Your Perimeter Network for Office Communications Server 2007 White Paper




    Tuesday, September 30, 2008 9:17 PM
  • I am using a Codian 4515 MCU, and I can set it to use the Microsoft OCS dialect of SIP.

    I want to be able to have meetings with multiple video attendants all being able to see eachother.

    I understand that Microsoft OCS doesn't support this.


    Are you aware of any MCU's that do completely support OCS?

    Or is there a Microsoft solution to do what I want?


    But, when I connect two MOC Clients from two, let's say home networks,  they cannot do audio/video with each other. and from one client PC when I do a wireshark trace, the clients are trying to connect to each others local IP addresses.

    Isn't the media stream supposed to go through the Edge server?

    I hardly see any traffic going towards the Edge servers public IP address. in fact there is no traffic whatsoever to the external AV edge server's seperate Ip address

    shouldn't that happen?


    When one client is directly connetced to the internet, and another client is connected to a (home) lan  everything works just fine..



    Wednesday, October 1, 2008 8:35 AM
  • This is the SIP Invite message recieved by the MCU.



    -Line Value="INVITE sip:12345@;transport=tcp;ms-received-cid=5500 SIP/2.0 "
    -Line Value="ms-user-data: ms-publiccloud=true;ms-federation=true "
    -Line Value="Record-Route: <sip:Iep.visionsconnected.local;transport=tcp;ms-role-rs-to;ms-role-rs-from;lr>;tag=DE91E1A58550E0647DB9A480CF8FE8C8 "
    -Line Value="Via: SIP/2.0/TCP;branch=z9hG4bK45DCC1EA.B1CC5BE7;branched=FALSE "
    -Line Value="Max-Forwards: 68 "
    -Line Value="Content-Length: 1706 "
    -Line Value="Via: SIP/2.0/TLS;branch=z9hG4bK2B68586D.27AD27EA;branched=FALSE;ms-received-port=1248;ms-received-cid=5A00 "
    -Line Value="Via: SIP/2.0/TLS;received=;ms-received-port=1219;ms-received-cid=D00 "
    -Line Value="P-Asserted-Identity: "Gilbert Spoor"<sip:g.spoor@visionsconnected.nl> "
    -Line Value="From: "Gilbert Spoor"<sip:g.spoor@visionsconnected.nl>;tag=e0533b6537;epid=7c7058f95a "
    -Line Value="ms-edge-proxy-message-trust: ms-source-type=InternetUser;ms-ep-fqdn=den.visionsconnected.local;ms-source-verified-user=verified "
    -Line Value="To: <sip:12345@visionsconnected.local>;epid=SM000E25 "
    -Line Value="Call-ID: 06a783251a6b4c73a0517893de197f3f "
    -Line Value="CSeq: 1 INVITE "
    -Line Value="Contact: <sip:g.spoor@visionsconnected.nl;opaque=user:epid:XBMQFnXgYVeLBNsks3UoegAA;gruu> "
    -Line Value="User-Agent: UCCP/2.0.6362.0 OC/2.0.6362.0 (Microsoft Office Communicator) "
    -Line Value="Ms-Conversation-ID: AckjtWkNqO+nxmxuQhe8R6DmYeyhxA== "
    -Line Value="Supported: timer "
    -Line Value="Supported: ms-sender "
    -Line Value="Supported: ms-early-media "
    -Line Value="ms-keep-alive: UAC;hop-hop=yes "
    -Line Value="Supported: ms-conf-invite "
    -Line Value="Content-Type: application/sdp "
    -Line Value=" "
    -Line Value="v=0 "
    -Line Value="o=- 0 0 IN IP4 "
    -Line Value="s=session "
    -Line Value="c=IN IP4 "
    -Line Value="b=CT:99980 "
    -Line Value="t=0 0 "
    -Line Value="m=audio 20096 RTP/AVP 114 111 112 115 116 4 8 0 97 101 "
    -Line Value="k=base64Big SmilerOJryGLsEvtmQQAVflfHG8hfEjIj8MhCXsiCwyXh/UvIUCDuRENW02RMRHO "
    -Line Value="a=candidate:4/yWjR6dm+Xz79b4PCZPDOMTo47BlVsJTofwrciuL/E 1 Y0+TLyY86nSQloiM+zNLlw UDP 0.900 20096 "
    -Line Value="a=candidate:4/yWjR6dm+Xz79b4PCZPDOMTo47BlVsJTofwrciuL/E 2 Y0+TLyY86nSQloiM+zNLlw UDP 0.900 55680 "
    -Line Value="a=cryptoscale:1 client AES_CM_128_HMAC_SHA1_80 inline:wQbZLFbvieHJ+Zp7t5MK26MvQlUE8g4P0l5jlpKq|2^31|1:1 "
    -Line Value="a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:uWGPhd/EpkIsL/pFlwn2OoonWhU7Yg1YDwrvLRnO|2^31|1:1 "
    -Line Value="a=maxptime:200 "
    -Line Value="a=rtcp:55680 "
    -Line Value="a=rtpmap:114 x-msrta/16000 "
    -Line Value="a=fmtp:114 bitrate=29000 "
    -Line Value="a=rtpmap:111 SIREN/16000 "
    -Line Value="a=fmtp:111 bitrate=16000 "
    -Line Value="a=rtpmap:112 G7221/16000 "
    -Line Value="a=fmtp:112 bitrate=24000 "
    -Line Value="a=rtpmap:115 x-msrta/8000 "
    -Line Value="a=fmtp:115 bitrate=11800 "
    -Line Value="a=rtpmap:116 AAL2-G726-32/8000 "
    -Line Value="a=rtpmap:4 G723/8000 "
    -Line Value="a=rtpmap:8 PCMA/8000 "
    -Line Value="a=rtpmap:0 PCMU/8000 "
    -Line Value="a=rtpmap:97 RED/8000 "
    -Line Value="a=rtpmap:101 telephone-event/8000 "
    -Line Value="a=fmtp:101 0-16 "
    -Line Value="a=encryptionSurpriseptional "
    -Line Value="m=video 42112 RTP/AVP 121 34 "
    -Line Value="k=base64:kz5WYXMTXqcZUV/1hlR5X95icm7EZgWEemZ5oyN4L9A4ojk71iCB/qxZcIrr "
    -Line Value="a=candidate:rc2uhT7joZ98UG+3LeEZQzjwq9Z05kTkwnJ+xWGOvSE 1 E38oaU2kx3FdHn4qwS6vkA UDP 0.900 42112 "
    -Line Value="a=candidate:rc2uhT7joZ98UG+3LeEZQzjwq9Z05kTkwnJ+xWGOvSE 2 E38oaU2kx3FdHn4qwS6vkA UDP 0.900 55168 "
    -Line Value="a=cryptoscale:1 client AES_CM_128_HMAC_SHA1_80 inline:yqyOV2v4KdJPLZluFFvmkmQCo6gULWwD1RygtzK1|2^31|1:1 "
    -Line Value="a=crypto:2 AES_CM_128_HMAC_SHA1_80 inline:0CPaMTOaXP1yDFzdT98mNQ/6Qrbo2IvEBVICPxbJ|2^31|1:1 "
    -Line Value="a=maxptime:200 "
    -Line Value="a=rtcp:55168 "
    -Line Value="a=rtpmap:121 x-rtvc1/90000 "
    -Line Value="a=rtpmap:34 H263/90000 "
    Line Value="a=encryptionSurpriseptional "


    Wednesday, October 1, 2008 11:09 AM
  • It might be possible that your Firewall blocks the necessary ports on OCS EDGE Server

    You need for AV EDGE

    TCP 443

    UDP 3478

    both TCP and UDP 50000-59999


    Two clients connected from home network should also work perfectly and talk to OCS EDGE if they are behing a NAT router




    Wednesday, October 1, 2008 10:44 PM
  • There are no restrictions whatsoever between the internet and the edge server.

    In my firewall I have put a Permit Ip any any rule towards the edge server, which means that all ports are open.



    Thursday, October 2, 2008 7:56 AM
  • Maybe it is best to check all you settings with the EDGE Planning tool (that gives you all information about configuring the EDGE Server)





    Thursday, October 2, 2008 10:31 PM
  • Thank you very much, I'va managed to get it working by running the edge configuration wizard again. I changed the web conferencing edge ports to something different so that the other ports could run on their defaults. After that everything worked like a charm. I can use my Codian bridge for video mixing.


    I heard that OCS should be able to do multi percipient conferences(more than two). Does anybody know how to activate this?


    Best regards,


    A happy gilbert ;-)


    Friday, October 3, 2008 6:16 PM
  • Audio & Video Conferencing is enabled by default no need to enable anything!


    If you are referring to Live Meeting Conferencing then you need to check policies on the users if they have permissions to create meetings


    Friday, October 3, 2008 9:55 PM