A/V Authentication Edge Server: Could not contact A/V Authentication Edge Server RRS feed

  • Question




    I am trying to perform a validation on the AV configuration, but I receive this error


    A/V Authentication Edge Server: Could not contact A/V Authentication Edge Server.
    To resolve this error, check for the following
    1. The outbound proxy is reachable.
    2. The outbound proxy and A/V Authentication Edge Server are in trusted server list of each other.
    3. The outbound proxy and A/V Authentication Edge Server have valid certificates.
    4. Conference Server certificate is valid.
    5. A/V Authentication Edge Server Gruu is correct.


    My setup is as follows:

    Single Standard edition front end server

    Single Edge server running consolidated edge topology (all 3 edge servers on one box).

    Edge server has two physical nic cards.  One internal and one external.  The external interface has 3 publicaly routable IP address assigned.  one for each of the edge server roles.


    All other validation checks are successful.


    On a side note I had everything working on this hardware previously using internally generated certs.  I took the servers down, reloaded the OSs and purchased certificates from third party certification authority and now I have this problem.  Everything is configured exactly as it was before from the detailed notes I kept during the trial install.


    The reason I started looking at this is external conferences with audio/video are failing. The conference works, but the audio/video drops after a couple of seconds. Internal audio and video works fine


    Has anyone got any clue?





    Sunday, July 20, 2008 5:47 AM

All replies

  • I'll check following on the Edge server...


    And following on the OCS Server...


    If these settings are fine then I'd suggest to check the networking part.

    From OCS FE server, the internal interface of the AV Edge FQDN should only resolve to the internal interface IP Address of the Edge Server.
    The AV authentication service is litening at 5062. and if you have changed the IP Addresses then ensure that you do have right firewall configuration at place (as per following diagram).


    Just changing to the public certificate will not make any difference provided the certificate still has proper subject name.

    R. Kinker
    MCSE 2003 (Messaging), MCTS - LCS 2005, MCTS - OCS 2007
    Sunday, July 20, 2008 7:19 AM
  • I have followed those links above and still have the same issue. Where you able to get to the bottom of this problem.


    I have two servers, edge services running on a server in my DMZ and OCS running internal.


    Two interfaces on the edge server one public IP on ext_if and one private on int_if. I have firewall off for the internal interface for testing.


    I have tried many different configuration, I am using one without a director now.

    Thursday, July 24, 2008 5:05 PM