cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1652
Views
0
Helpful
2
Replies

VCS Starter Pack in a datacenter (Behinde fixed NAT)

moemen.mostafa
Level 1
Level 1

Hi guys,

We have a Telepresence VCS starter pack express server and it was working great in our office on E2 dataline but now after moving it to a datacenter there is a problem with registering a Movi client to the VCS over the Internet.

The server setup now is this:  VCS Starter pack - Firewall/Touter - Internet - Movi

The VCS is connected to LAN (internal datacenter network with one interface and is static NATed to the Internet with a router)

all ports are open in the firewall (inbound and outbound)

And here is the settings in the VCS:

Default Zone - Authentication Policy - Check Credential

Default Subzone - Authentication Policy - Threat as authenticated

Also here is the log of the Movi Registering attempt from the public network (Internet):

Dec 26 14:11:21

tvcs: Event="Message Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Num-bytes="426"   Level="4"   UTCTime="2011-12-26 12:11:21,714"

Dec 26 14:11:21

tvcs: Event="Response Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Method="SUBSCRIBE"   To="sip:provisioning@tele.med"   Response-code="404"   Level="3"   UTCTime="2011-12-26   12:11:21,714"

Dec 26 14:11:21

tvcs: Event="Request Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Method="SUBSCRIBE"   Request-URI="sip:mmostafa@tele.med"   Level="3"   UTCTime="2011-12-26   12:11:21,712"

Dec 26 14:11:21

tvcs: Event="Message Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Num-bytes="998"   Level="4"   UTCTime="2011-12-26 12:11:21,712"

Dec 26 14:11:21

tvcs: Event="Message Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Num-bytes="587"   Level="4"   UTCTime="2011-12-26   12:11:21,643"

Dec 26 14:11:21

tvcs: Event="Response Sent"   Service="SIP"   Src-ip="10.29.10.43"   Src-port="5061"   Dst-ip="41.130.193.41"   Dst-port="59519"   Protocol="TLS"   Method="SUBSCRIBE"   To="sip:provisioning@tele.med"   Response-code="407"   Level="3"   UTCTime="2011-12-26   12:11:21,643"

Dec 26 14:11:21

tvcs: Event="Request Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Method="SUBSCRIBE"   Request-URI="sip:mmostafa@tele.med"   Level="3"   UTCTime="2011-12-26   12:11:21,642"

Dec 26 14:11:21

tvcs: Event="Message Received"   Service="SIP"   Src-ip="41.130.193.41"   Src-port="59519"   Dst-ip="10.29.10.43"   Dst-port="5061"   Protocol="TLS"   Num-bytes="661"   Level="4"   UTCTime="2011-12-26   12:11:21,642"

Can any one help me in understanding why this happens?

1 Accepted Solution

Accepted Solutions

awinter2
Level 7
Level 7

Hi Moemen,

there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.

In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.

You can also find more information on this in the VCS Administrator's guide for X7.0.

Regards

Andreas

View solution in original post

2 Replies 2

awinter2
Level 7
Level 7

Hi Moemen,

there are multiple threads on this forum which explains the requirements for deploying a VCS in a private DMZ, which you can find by searching for 'VCS Static NAT'.

In short, when deploying the VCS-E in a statically NAT'ed environment, it is required to have the 'Dual network interfaces' option key on the VCS-E, as this key unlocks the static NAT functionality of the VCS-E.

You can also find more information on this in the VCS Administrator's guide for X7.0.

Regards

Andreas

Thanks Andreas for your prompt answer.