Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1545
Views
0
Helpful
2
Replies

VCS Starter Pack in a datacenter (Behinde fixed NAT)

Go to solution
moemen.mostafa
Level 1
Level 1

‎12-26-2011 06:41 AM - edited ‎03-17-2019 10:41 PM

Hi guys,

We have a Telepresence VCS starter pack express server and it was working great in our office on E2 dataline but now after moving it to a datacenter there is a problem with registering a Movi client to the VCS over the Internet.

The server setup now is this:  VCS Starter pack - Firewall/Touter - Internet - Movi

The VCS is connected to LAN (internal datacenter network with one interface and is static NATed to the Internet with a router)

all ports are open in the firewall (inbound and outbound)

And here is the settings in the VCS:

Default Zone - Authentication Policy - Check Credential

Default Subzone - Authentication Policy - Threat as authenticated

Also here is the log of the Movi Registering attempt from the public network (Internet):

Dec 26 14:11:21

tvcs: Event="Message Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Num-bytes="426"   Level="4"   UTCTime="2011-12-26 12:11:21,714"

Dec 26 14:11:21

tvcs: Event="Response Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Method="SUBSCRIBE"   To="sip:provisioning@tele.med"   Response-code="404"   Level="3"   UTCTime="2011-12-26   12:11:21,714"

Dec 26 14:11:21

tvcs: Event="Request Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Method="SUBSCRIBE"   Request-URI="sip:mmostafa@tele.med"   Level="3"   UTCTime="2011-12-26   12:11:21,712"

Dec 26 14:11:21

tvcs: Event="Message Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Num-bytes="998"   Level="4"   UTCTime="2011-12-26 12:11:21,712"

Dec 26 14:11:21

tvcs: Event="Message Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Num-bytes="587"   Level="4"   UTCTime="2011-12-26   12:11:21,643"

Dec 26 14:11:21

tvcs: Event="Response Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Method="SUBSCRIBE"   To="sip:provisioning@tele.med"   Response-code="407"   Level="3"   UTCTime="2011-12-26   12:11:21,643"

Dec 26 14:11:21

tvcs: Event="Request Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Method="SUBSCRIBE"   Request-URI="sip:mmostafa@tele.med"   Level="3"   UTCTime="2011-12-26   12:11:21,642"

Dec 26 14:11:21

tvcs: Event="Message Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Num-bytes="661"   Level="4"   UTCTime="2011-12-26   12:11:21,642"

Can any one help me in understanding why this happens?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
awinter2
Level 7
Level 7

‎12-26-2011 08:51 AM

Hi Moemen,

there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.

In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.

You can also find more information on this in the VCS Administrator's guide for X7.0.

Regards

Andreas

View solution in original post

0 Helpful
2 Replies 2

Go to solution
awinter2
Level 7
Level 7

‎12-26-2011 08:51 AM

Hi Moemen,

there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.

In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.

You can also find more information on this in the VCS Administrator's guide for X7.0.

Regards

Andreas

0 Helpful

Go to solution
moemen.mostafa
Level 1
Level 1
In response to awinter2

‎12-26-2011 01:56 PM

Thanks Andreas for your prompt answer.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents