locked
Two load balanced OCS 2007 pools fail two party IM validation- but clients still can communicate? RRS feed

  • Question

  •  

    I have a ocs2007 director; an lcs2005sp1 standard edition server; and two separate pools -- ocspoldev1.contoso.com (physical host ocspoldev1a.contoso.com)  and ocospoldev2.contoso.com (physical host ocspoldev2a.contoso.com)... the pool vips ocspoldev1.contoso.com and ocspoldev2.contoso.com are homed on a Cisco CSM hardware load balancer.  The lcs server isn't load balanced. 

     

    When I run my validation from either of my front end server in either pool or the front end server on my OCS director – everything passes except for the two user connectivity.  I receive an error “Security association encoded into the route set has not yet been fully established” error.  However, I can have two clients log into each pool and still communicate with each other…and my users on the LCS server can talk to both pools......so I’m not sure what’s broken. Obviously in my error below I replaced my domain with conotoso.com and blanked out the beginnig of my IP addresses and changed my usernmaes Smile

     

    Maximum hops: 3
    Received a failure SIP response: User sip:user1@contoso.com @ Server ocspoldev1.contoso.com
    Received a failure SIP response: [
    SIP/2.0 500 The server encountered an unexpected internal error
    FROM: "S, User2"<sip:user2@contoso.com>;tag=dc86697225f4a77b8c5;epid=epid01
    TO: <sip:user1@contoso.com>;epid=epid11;tag=B6D29F58E3DFA68AC1CF3BB279895194
    CSEQ: 17 INVITE
    CALL-ID: 66d43e79fbef4859bdcf575388b59a1f
    VIA: SIP/2.0/TLS xxx.xx.7.155:1341;branch=z9hG4bKb74a78df;received=xxx.xx.12.215;ms-received-port=23991;ms-received-cid=52600
    CONTENT-LENGTH: 0
    AUTHENTICATION-INFO: NTLM rspauth="01000000000000009EBC007514BC77BA", srand="917AFC05", snum="3", opaque="B0868CED", qop="auth", targetname="ocspoldev1a.contoso.com", realm="SIP Communications Service"
    ms-diagnostics: 1;reason="Service Unavailable";source="ocspoldev2a.contoso.com";ErrorType="Security association encoded into the route set has not yet been fully established";HRESULT="C3E93C2F(SIPPROXY_E_UNKNOWN_USER_OR_EPID)"

    ]

    Suggested Resolution: Use the maximum hop count to determine the server that generated this error. For example, if the maximum hop value is 2, then it is likely that this error was generated by a server that is 1 (immediate target) or 2 hops away. Check whether the target user is a valid user and that the target user domain is trusted by the source user's pool. Check the connectivity between the source and target pools.
    Attempting to establish SIP dialog: Processing failed as one or more steps did not complete successfully

     

     

    So I'm not sure what the error is really about? Obviously I should care - but I'm not sure what I'm running down here....

    Wednesday, August 6, 2008 2:03 PM

All replies

  • Chad:

     

    i am also seeing this with a much simpler installation with a single SE OCS server talking only to itself with both users being part of that one OCS install.  it also says 3 hops and then fails, but little information as to what those 3 hops are.  Have you found anything further?

     

    Thanks.

     

    Chris

     

    Tuesday, August 12, 2008 5:33 PM
  • Hi Guys,

    I am having the same issue, did you manage to find a resolution? for this problem?

    S
    Monday, September 8, 2008 12:47 PM
  • I'm getting this same error in an Enterprise Consolidated pool (with 2 FE servers and a load-balancer VIP) when I run the Validation Wizard. Microsoft, any help hear would be appreciated!

    Wednesday, November 5, 2008 11:22 PM