locked
I have Limited external calling RRS feed

  • Question

  • Hi,

     

    In the communicator i get a message limited external calling. When i validate my standaard edition server i get this message:

    Code Snippet

    WMI Class MSFT_SIPDomainData   WMI Class Path: \\OCS07-SRV1\root\cimv2:MSFT_SIPDomainData
    WMI Instance Path: \\OCS07-SRV1\root\cimv2:MSFT_SIPDomainData.InstanceID="{69D9DBD0-FF96-7843-9F9A-0DC6FAE7B3E4}"
    Address (String): ishandig.nl
    Authoritative (Boolean): False
    DefaultDomain (Boolean): True
    InstanceID (String): {69D9DBD0-FF96-7843-9F9A-0DC6FAE7B3E4}
      Success

    Checking federation settings   Default outgoing route for federation: None available
    Suggested Resolution: Federation is enabled at the forest level. However, no global or default federation servers are available. Ensure that these settings point to a valid server and that the server is running.
      Failure
    [0xC3FC200D] One or more errors were detected
    Checking global federation route   Global Federation Route: OCS07-SRV2.ishandig.nl
      Failure
    [0xC3FC200D] One or more errors were detected
    Global Federation Route OCS07-SRV2.ishandig.nl   DNS Resolution succeeded: 192.168.150.3
    TLS connect failed due to incorrect remote subject name: 192.168.150.3:5061 Error Code: 0x80090322 outgoing TLS negotiation failed; HRESULT=-2146893022
      Failure
    [0xC3FC200D] One or more errors were detected
    Checking local federation route   Local Federation Route: OCS07-SRV2.ishandig.nl
      Failure
    [0xC3FC200D] One or more errors were detected
    Local Federation Route OCS07-SRV2.ishandig.nl   DNS Resolution succeeded: 192.168.150.3
    TLS connect failed due to incorrect remote subject name: 192.168.150.3:5061 Error Code: 0x80090322 outgoing TLS negotiation failed; HRESULT=-2146893022
      Failure
    [0xC3FC200D] One or more errors were detected
    Checking static routes       Success
    WMI Class MSFT_SIPRoutingTableData   WMI Class Path: \\OCS07-SRV1\root\cimv2:MSFT_SIPRoutingTableData
    WMI Instance Path: \\OCS07-SRV1\root\cimv2:MSFT_SIPRoutingTableData.Backend="(local)\\rtc",InstanceID="{6B962EF2-20EF-471C-B95B-323B37A0F0EA}"
    Backend (String): (local)\rtc
    Enabled (Boolean): True
    InstanceID (String): {6B962EF2-20EF-471C-B95B-323B37A0F0EA}
    MatchURI (String): SIP:*@ishandig.nl
    NextHop (String): lbg1.ishandig.nl
    NextHopPort (UInt32): 5061
    NextHopTransport (String): TLS
    ReplaceHostInRequestURI (Boolean): False
    TLSCertIssuer (UInt8): [NULL]
    TLSCertSN (UInt8): [NULL]
      Success
    Static route lbg1.ishandig.nl       Success
    lbg1.ishandig.nl   DNS Resolution succeeded: 192.168.250.3
    TLS connect succeeded: 192.168.250.3:5061
      Success
    Checking all trusted servers       Failure
    [0xC3FC200D] One or more errors were detected
    Global Federation Route OCS07-SRV2.ishandig.nl   DNS Resolution succeeded: 192.168.150.3
    TLS connect failed due to incorrect remote subject name: 192.168.150.3:5061 Error Code: 0x80090322 outgoing TLS negotiation failed; HRESULT=-2146893022
      Failure
    [0xC3FC200D] One or more errors were detected
    Local Federation Route OCS07-SRV2.ishandig.nl   DNS Resolution succeeded: 192.168.150.3
    TLS connect failed due to incorrect remote subject name: 192.168.150.3:5061 Error Code: 0x80090322 outgoing TLS negotiation failed; HRESULT=-2146893022
      Failure
    [0xC3FC200D] One or more errors were detected
    Internal Server OCS07-SRV1.ishandig.nl   DNS Resolution succeeded: 192.168.150.2
    TLS connect succeeded: 192.168.150.2:5061
    Routing trust check and MTLS connectivity: Succeeded
      Success
    Attempting to send a CCCP HTTP request https://OCS07-SRV1.ishandig.nl:444/LiveServer/Focus   Received a successful HTTP response: HTTP Response: 200
    Content-Length:0
    Date:Sat, 23 Jun 2007 18:47:43 GMT
    Server:Microsoft-HTTPAPI/1.0

    Received a successful HTTP response: OK
      Success
    Check user logon       Failure
    [0xC3FC200D] One or more errors were detected
    Attempting to login user using Kerberos   Maximum hops: 2
    Failed to register user: User sip:rob.janssen@ishandig.nl @ Server
    Failed to send SIP request: No connection could be made because the target machine actively refused it
    Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. This can be ignored if you have not enabled the transport on the target server.
      Failure
    [0xC3FC200D] One or more errors were detected
    Attempting to login user using NTLM   Maximum hops: 2
    Failed to register user: User sip:rob.janssen@ishandig.nl @ Server
    Failed to send SIP request: No connection could be made because the target machine actively refused it
    Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. This can be ignored if you have not enabled the transport on the target server.
      Failure
    [0xC3FC200D] One or more errors were detected
    Attempting to login user using Kerberos   Maximum hops: 2
    Failed to register user: User sip:maik.bruin@ishandig.nl @ Server
    Failed to send SIP request: No connection could be made because the target machine actively refused it
    Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. This can be ignored if you have not enabled the transport on the target server.
      Failure
    [0xC3FC200D] One or more errors were detected
    Attempting to login user using NTLM   Maximum hops: 2
    Failed to register user: User sip:maik.bruin@ishandig.nl @ Server
    Failed to send SIP request: No connection could be made because the target machine actively refused it
    Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. This can be ignored if you have not enabled the transport on the target server.
      Failure
    [0xC3FC200D] One or more errors were detected
    Check two-party IM    Check two-party IM: Skipped due to user registration failure
      Failure
    [0xC3FC200D] One or more errors were detected
    Test Conference    Error: Conference servers or pools are not specified. Please disable client auto-logon and specify valid conference servers or pools for both users.
      Failure
    [0xC3FC200D] One or more errors were detected

     

     

     

    Saturday, June 23, 2007 5:57 PM

Answers

  • Hi Helly,

    It looks like you have some certificate issues:

    :"TLS connect failed due to incorrect remote subject name:"

     

    Can you verify your certificate configuration?
    Friday, July 13, 2007 9:42 PM

All replies

  • And on my external server i get this error:

     

    Code Snippet
    Check user logon       Failure
    [0xC3FC200D] One or more errors were detected
    Attempting to login user using NTLM   Maximum hops: 2
    Failed to register user: User sip:maik.bruin@ishandig.nl @ Server
    Failed to send SIP request: No connection could be made because the target machine actively refused it
    Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. This can be ignored if you have not enabled the transport on the target server.
      Failure
    [0xC3FC200D] One or more errors were detected
    Attempting to login user using NTLM   Maximum hops: 2
    Failed to register user: User sip:rob.janssen@ishandig.nl @ Server
    Failed to send SIP request: No connection could be made because the target machine actively refused it
    Suggested Resolution: Make sure that the server is listening on the specified IP address/Port/Transport. If you have a firewall make sure that this port is open. Make sure that the server is running. This can be ignored if you have not enabled the transport on the target server.
      Failure
    [0xC3FC200D] One or more errors were detected
    Check two-party IM    Check two-party IM: Skipped due to user registration failure
      Failure
    [0xC3FC200D] One or more errors were detected

     

    Saturday, June 23, 2007 6:08 PM
  • Hi Helly,

    It looks like you have some certificate issues:

    :"TLS connect failed due to incorrect remote subject name:"

     

    Can you verify your certificate configuration?
    Friday, July 13, 2007 9:42 PM
  • Can you give more information about your setup and configuration? What doyou have installed? What works? What does not work?
    Friday, July 13, 2007 9:43 PM


  • Hi Thom,

    This is Mustan here and i am getting the same error... I am installing Ms-Communicator for my internal  domain users ( with out internet/exchange)  for IM and conference facility.

    while connectivity/signing into my domain thru office communicator .. its prompt error saying "There was a problem verifying the certificate from the server. Please contact your system administrator".

    can u help me out plzzz???

    regards,
    Mustan Aziz

    <!--[if !vml]--><!--[endif]-->
    <!--[if !vml]--><!--[endif]-->
    Tuesday, January 15, 2008 12:23 PM
  • Hi,

     

    This is very likely due to a mismatch between the *internal* FQDN of your edge server and the subject of the certificate on this *internal* certificate. re-run the 'certificates' wizard and choose/generate a corresponding certificate (under the same CA as the pool, or a CA trusted by the pool servers) and assign it to the internal interface of the edge server.

     

    FWIW, Erik

     

    Tuesday, January 15, 2008 2:20 PM
  • Hi Mustan,

     

    It seems you have a different problem. This is very likely due to a mismatch between the *EXternal* FQDN of your edge server and the subject of the certificate on this *EXternal* certificate.

    You could also re-run the 'certificates' wizard and choose/generate a corresponding certificate (under the same CA as the pool, or a CA trusted by the pool servers) and assign it to the internal interface of the edge server. Make sure the subject or subjaltname contains the *EXternal* FQDN of your edge server

     

    FWIW, Erik

    Tuesday, January 15, 2008 2:22 PM