12-26-2011 06:41 AM - edited 03-17-2019 10:41 PM
Hi guys,
We have a Telepresence VCS starter pack express server and it was working great in our office on E2 dataline but now after moving it to a datacenter there is a problem with registering a Movi client to the VCS over the Internet.
The server setup now is this: VCS Starter pack - Firewall/Touter - Internet - Movi
The VCS is connected to LAN (internal datacenter network with one interface and is static NATed to the Internet with a router)
all ports are open in the firewall (inbound and outbound)
And here is the settings in the VCS:
Default Zone - Authentication Policy - Check Credential
Default Subzone - Authentication Policy - Threat as authenticated
Also here is the log of the Movi Registering attempt from the public network (Internet):
Dec 26 14:11:21 | tvcs: Event="Message Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Num-bytes="426" Level="4" UTCTime="2011-12-26 12:11:21,714" |
Dec 26 14:11:21 | tvcs: Event="Response Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Method="SUBSCRIBE" To="sip:provisioning@tele.med" Response-code="404" Level="3" UTCTime="2011-12-26 12:11:21,714" |
Dec 26 14:11:21 | tvcs: Event="Request Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Method="SUBSCRIBE" Request-URI="sip:mmostafa@tele.med" Level="3" UTCTime="2011-12-26 12:11:21,712" |
Dec 26 14:11:21 | tvcs: Event="Message Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Num-bytes="998" Level="4" UTCTime="2011-12-26 12:11:21,712" |
Dec 26 14:11:21 | tvcs: Event="Message Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Num-bytes="587" Level="4" UTCTime="2011-12-26 12:11:21,643" |
Dec 26 14:11:21 | tvcs: Event="Response Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Method="SUBSCRIBE" To="sip:provisioning@tele.med" Response-code="407" Level="3" UTCTime="2011-12-26 12:11:21,643" |
Dec 26 14:11:21 | tvcs: Event="Request Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Method="SUBSCRIBE" Request-URI="sip:mmostafa@tele.med" Level="3" UTCTime="2011-12-26 12:11:21,642" |
Dec 26 14:11:21 | tvcs: Event="Message Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Num-bytes="661" Level="4" UTCTime="2011-12-26 12:11:21,642" |
Can any one help me in understanding why this happens?
Solved! Go to Solution.
12-26-2011 08:51 AM
Hi Moemen,
there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.
In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.
You can also find more information on this in the VCS Administrator's guide for X7.0.
Regards
Andreas
12-26-2011 08:51 AM
Hi Moemen,
there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.
In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.
You can also find more information on this in the VCS Administrator's guide for X7.0.
Regards
Andreas
12-26-2011 01:56 PM
Thanks Andreas for your prompt answer.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: