12-26-2011 06:41 AM - edited 03-17-2019 10:41 PM
Hi guys,
We have a Telepresence VCS starter pack express server and it was working great in our office on E2 dataline but now after moving it to a datacenter there is a problem with registering a Movi client to the VCS over the Internet.
The server setup now is this: VCS Starter pack - Firewall/Touter - Internet - Movi
The VCS is connected to LAN (internal datacenter network with one interface and is static NATed to the Internet with a router)
all ports are open in the firewall (inbound and outbound)
And here is the settings in the VCS:
Default Zone - Authentication Policy - Check Credential
Default Subzone - Authentication Policy - Threat as authenticated
Also here is the log of the Movi Registering attempt from the public network (Internet):
Dec 26 14:11:21 | tvcs: Event="Message Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Num-bytes="426" Level="4" UTCTime="2011-12-26 12:11:21,714" |
Dec 26 14:11:21 | tvcs: Event="Response Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Method="SUBSCRIBE" To="sip:provisioning@tele.med" Response-code="404" Level="3" UTCTime="2011-12-26 12:11:21,714" |
Dec 26 14:11:21 | tvcs: Event="Request Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Method="SUBSCRIBE" Request-URI="sip:mmostafa@tele.med" Level="3" UTCTime="2011-12-26 12:11:21,712" |
Dec 26 14:11:21 | tvcs: Event="Message Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Num-bytes="998" Level="4" UTCTime="2011-12-26 12:11:21,712" |
Dec 26 14:11:21 | tvcs: Event="Message Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Num-bytes="587" Level="4" UTCTime="2011-12-26 12:11:21,643" |
Dec 26 14:11:21 | tvcs: Event="Response Sent" Service="SIP" Src-ip="10.29.10.43" Src-port="5061" Dst-ip="41.130.193.41" Dst-port="59519" Protocol="TLS" Method="SUBSCRIBE" To="sip:provisioning@tele.med" Response-code="407" Level="3" UTCTime="2011-12-26 12:11:21,643" |
Dec 26 14:11:21 | tvcs: Event="Request Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Method="SUBSCRIBE" Request-URI="sip:mmostafa@tele.med" Level="3" UTCTime="2011-12-26 12:11:21,642" |
Dec 26 14:11:21 | tvcs: Event="Message Received" Service="SIP" Src-ip="41.130.193.41" Src-port="59519" Dst-ip="10.29.10.43" Dst-port="5061" Protocol="TLS" Num-bytes="661" Level="4" UTCTime="2011-12-26 12:11:21,642" |
Can any one help me in understanding why this happens?
Solved! Go to Solution.
12-26-2011 08:51 AM
Hi Moemen,
there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.
In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.
You can also find more information on this in the VCS Administrator's guide for X7.0.
Regards
Andreas
12-26-2011 08:51 AM
Hi Moemen,
there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.
In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.
You can also find more information on this in the VCS Administrator's guide for X7.0.
Regards
Andreas
12-26-2011 01:56 PM
Thanks Andreas for your prompt answer.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide