I am having some trouble getting external user access to our office communication server. This is how it is set up:
Internal server: officecomm.mydomain.net (private IP) using a private certificate from an internal CA
Edge server: officecommedge.mydomain.com (public IP) public cert, ports 443, 5061, 50000-59999, and 3478 open officecommedge.mydomain.com (private IP)
Internally all chat is working. Externally officecommedge.mydomain.com resolves and I am able to telnet to 443 but not log in.
The external clients are manually set up with an internal server of officecomm.mydomain.net, external server of officecommedge.mydomain.com:443 and TLS checked. On the external client event log I get this error:
Communicator was unable to resolve the dns hostname of the login server officecomm.mydomain.net
On my edge server I am getting this error in the event log:
a significant number of connection failures have occurred with remote server Unknown IP 172.21.4.xxx (this is my officecomm.mydomain.net server) failure type C3E93D68.
When I try to validate my officecomm.mydomain.com server I get these failures:
DNS Resolution succeeded: 167.142.xxx.xxx
TLS connect succeeded: 167.142.xxx.xxx:5061
Routing trust check and MTLS connectivity: TlsTransport is not connected, State=Disconnected
Suggested Resolution: Routing trust check and/or MTLS connection establishment failed. This is usually caused by the remote server not accepting the certificate presented by the current machine. Check the local and remote server certificates for any misconfiguration. In addition, check whether the local server is recognized as a trusted server by the remote server.

DNS Resolution succeeded: 167.142.xxx.xxx
TLS connect succeeded: 167.142.xxx.xxx:5061
Routing trust check and MTLS connectivity: Timed Out
Suggested Resolution: Routing trust check and/or MTLS connection establishment failed. This is usually caused by the remote server not accepting the certificate presented by the current machine. Check the local and remote server certificates for any misconfiguration. In addition, check whether the local server is recognized as a trusted server by the remote server.
Any advice to help me resolve this would be greatly appreciated. I assume there is a certificate or DNS issue somewhere, but unfortunately those are not my strong points.