04-19-2017 03:52 AM - edited 03-18-2019 01:00 PM
What is the firewall the SRV record needs open for the VCS Cluster ???
VR
Chet
Solved! Go to Solution.
04-19-2017 08:44 PM
Make sure your firewall has all the inbound ports from the internet to DMZ that are listed in Appendix 3 of the VCS Basic Configuration (Control with Expressway) Deployment Guide. A breakdown of the DNS records and their ports are also covered in Appendix 2, similar to what's found in the cluster creation guide.
Something that can help in determining the issue is to enable logging on the endpoint:
04-19-2017 08:00 AM
Take a look at Appendix 2 of the VCS Cluster Creation and Maintenance Deployment Guides. Some like to create an SRV record for each individual VCS peer and use the priority and weights to specify the order they are to be used, while others only use a single SRV record for the VCS cluster FQDN which has an A record for each VCS peer and use DNS round robin to pick which one to use.
04-19-2017 08:17 PM
Patrick,
Thank you ... problem I am having is that the SRV record for the cluster has been working for many months but something happened a few weeks ago to one of the firewalls and whats happening is that VTC EP's trying to register to the VCS automatically are defaulting to my other peer. When I look at the logs it reflects the VTC system sending packets to the VCS inside the firewall on port 1719 a few attempts then I get the timeout period to long. What port is the SRV record need open on a firewall ??? I think there is something else going on and can't convince the firewall team that the issue appears to be there ... They think the problem is either my EP or the VCS but I have plenty of system inside the firewall registered and the EP's are registering that are outside the firewall are registering to other VCS's without any issues. Frustrating ...
04-19-2017 08:44 PM
Make sure your firewall has all the inbound ports from the internet to DMZ that are listed in Appendix 3 of the VCS Basic Configuration (Control with Expressway) Deployment Guide. A breakdown of the DNS records and their ports are also covered in Appendix 2, similar to what's found in the cluster creation guide.
Something that can help in determining the issue is to enable logging on the endpoint:
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide