locked
LCS 2005 EE SP1 - Cannot Connect Via Access Proxy --> Director ----> Enterprise Pool RRS feed

  • Question

  •  

    Thnaks Ram. I have one more issue here are the details:

     

    My Internal Domain name is different from external. I have to sign in user using external domain name.

    Clarification:

    Internal Domain = contoso.msft

    External Domain = northwindtraders.com

    User SIP URI = test1@northwindtraders.com

     

    Infrastructure:

    1) Created two enterprise pools using two sql instances. one for Enterprise User Home Pool and other is for the director with no users homes

    2) Deployed array of Enterprise Pool Servers and activated them with Enterprise User Home Pool

    3) Deployed array of Director servers based on LCS 2005 EE SP1 and activated them against Director Pool

    4) Deployed Access proxy server

     

    Certificates as follows:

    Enterprise Pool FQDN: epool01.contoso.msft

    Certificate Issued: epool01.contoso.msft

     

    Director Pool FQDN = dirpool.contoso.msft

    Certificate Issued = dirpool.northwindtraders.com

     

    Access Proxy (WorkGroup.Local) and DNS Suffix = northwindtraders.com

    Certificate for Internal: ap01.northwindtraders.com

    Certificate for External edge: sip.northwindtranders.com

     

    Ports:

    EPOOL01.contoso.msft = 5061 MTLS

    DIRPOOL.Northwindtraders.com = 5061 MTLS

    AP01.Northwindtraders.com 5061

    SIP.Northwindtraders.com = 5061

     

    Configuration:

    Forest Level:

    Federation = dirpool.northwindtraders.com - 5061

    Access Proxy = ap01.northwindtraders.msft

     

    EPOOL01

    Override Federation = Blank

     

    DIRPOOL

    Override Federation = ap01.northwindtraders.msft 5061

     

    Access Proxy

    Next Hop = dirpool.northwindtraders.msft

    Authorized Servers = Server FQDN for LCS Directors

     

    Public = listening on 5061 with remote access and federation allowed

    Private = listening on port 5061

     

    Issue

    1) Able to connect via communicator client using dirpool.northwindtraders.com (no issues)

    2) Cannot connect via Access Proxy (sip.northwindtraders.msft) tried every thing. It asks for user authentication but does not sign in

    3) Bypassed Director and configured Access Proxy next hop to backend EPool01.contoso.msft. Able to connect.

     

    Please advice what is missing when i connect via Access Proxy ====> Dirpool =====> EPool01

     

     

    Saturday, February 9, 2008 6:28 AM

All replies

  • Did you add the Director to the Host Authorization Table on your EPOOL01?  It's under the Properites for the Enterprise Pool.  Sounds like you have settings in place from AP to DIR, but might be missing the link between the DIR and EP.  Just my thoughts.  Let me know if you get this working.  Good luck.

    Wednesday, March 5, 2008 12:27 AM