I am very confuse setting up my OCS edge server to do public IM
I have one server hosting public IM, Webcon, and AV.
I have external dns im.domain.com for public interface, conferencing.domain.com for webcon and av.domain.com for AV
remote users can connect without a problem, but federation is not working.
I am trying to configure an ENTCert and I get confuse.
For the private interface I am using servername.damain.com for SN and SAN I'm using sip.domain.com
For access edge server public interface I am using im.domain.com for SN and this is where I get confuse. I want use sip.domain.com and the server.domain.com, conferencing.domain.comMonday, December 21, 2009 3:46 PM
Ideally you should just configure sip.domain.com as your Access Edge external FQDN and then populate the Access Edge certificate SN field with just that field. Unless you have multiple SIP domains there is no need for a SAN field unless you are attempting to use the same certificate for all external roles, which is not the preferred configuration.
Take a look at this blog article for more details on the Edge Server certificate requirements: http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=79
Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCS
Monday, December 21, 2009 6:00 PMModerator
- Proposed as answer by Jeff SchertzMVP, Moderator Tuesday, December 22, 2009 1:41 PM
Technically the name you selected will work, so we'd need more details on what specifically isn't working and the errors you get in order to figure out what the root cause is.
Jeff Schertz, PointBridge | MVP | MCITP: Enterprise Messaging | MCTS: OCSMonday, December 21, 2009 6:44 PMModerator
TLS handshake failed: 188.8.131.52:5061 Error Code: 0x80131500 Remote disconnected while outgoing tls negotiation was in progress Failure
[0xC3FC200D] One or more errors were detectedTuesday, December 22, 2009 2:45 PM