Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
440
Views
0
Helpful
4
Replies

Office communicator SSL TLS hello packets are not reaching server through ASA 5540

NDP
Level 1
Level 1

‎11-13-2013 09:32 AM - edited ‎03-11-2019 08:04 PM

Hi All,

Need help to resolve one issue which is creating lot of problems in my organization.

One project is trying to share desktop over communicators. Project users use my orgnizantion communicator and clients use thier own communicator . This is successful from one location where our communicator sip servers are hosted. where as the other locations are unable to share thier desktops over communicator. Only the difference we have is , ASA 5540 is placed at non working locations. We permitted IP level access for projects teams still no luck

Micrrosoft confirmed below points

when users inititae share desktop users system will contact the client communicator server over 50K ports

if 50K ports are not successful , then user system will contact my orgnizantion communicator on SSL ports 443 with tls packets

here, the telnet is successful for our servers on ports 443

the Microsoft team confirmed that they are seeing SSL  TLS hello packets are generated by client but not reaching Server to pull all server lists .

Could you please confirm whether we need to enable any commands to resolve share desktop on office communicator R2 . As per Microsoft, the SSL TLS hello packets are not reaching servers where as the telnet connectivity is fine, we are not using content based firewalls.

Labels:
0 Helpful
4 Replies 4

jumora
Level 7
Level 7

‎11-13-2013 04:21 PM

Please detail with ASA show tech, IP addresses involved and any other detail what you see on the ASA logs.

Value our effort and rate the assistance!
0 Helpful

jumora
Level 7
Level 7
In response to jumora

‎11-14-2013 06:06 AM

The reason I am asking for the configuration, captures, logs is because there is no feature that needs to be enabled for pass through traffic.

Value our effort and rate the assistance!
0 Helpful

NDP
Level 1
Level 1
In response to jumora

‎11-15-2013 01:55 AM

Hi Jumora,

Sorry for the delayed response. We could not share the config due to internal security polcies :-( . we created a Cisco TAC to address it . I was just wondering if any command could resolve it :-) thanks for your spport

0 Helpful

NDP
Level 1
Level 1
In response to jumora

‎12-16-2013 03:56 AM

Hi Jumora,

Cisco has identified the issue .. that was not with ASA.. But, Cisco confirmed that The riverbed was stopping it and vendor changed some settings as per Cisco suggestion ,. And,.. it started working  :-)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card