Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Micollab with external MBG in DMZ 1

Status
Not open for further replies.
voipneerd

voipneerd

Vendor
Mar 12, 2012
157
0
16
SA
Hi All
I set up a Micollab with external MBG in DMZ. Noth MBG internal/External is in sync.
Add the internal Domain to the domain list on the external MBG
add the external MBG under client deployment MBG and It's connected successfully
Micollab clients can register with the Micollab server but there is No Audio at all
When I use the Teleworker analyzer from outside it's showing all ports are closed. I speak with the customer IT and he told me that all ports are open and it's blocked on the External MBG side. As I know ports required for teleworker and Micollab are open by default on MBG

Any thought's where to lock for troubleshooting this

Thanks in advance
 
Sort by date Sort by votes
DMZ setup is always tricky as NATing is involved.
99.9 % of the time, the issue will be firewall related for this setup.

You are correct when you said that the required ports have already been opened on the MBG end.
This depends on the mode in which the MBG is set-up of course.

When you said External MBG side, are you meaning the MBG within the DMZ network?
And Internal MBG is the MiCollab MBG in the LAN, and I will assume these to be clustered and in sync.

The fact that the MiCollab can register, means that certain ports are allowed - e.g. 36008
And because SIP registration uses the same ports for SIP RTP which is UDP 5060/5061, one can say that this is also open.
You can run a trace on the MBG in DMZ to check the direction of traffic.

I believe traffic in and out is not correct, possibly due to incorrect firewall routing or NAT.
I suppose you should ensure that the traffic rule "route in = route out" should be maintained during and after NAT.

In your MBG profile, try Custom Mode, and set the Set-side Streaming IP address as the Public IP from the DMZ.






Clever men learns what Wise men shares!
 
Upvote 0 Downvote
Double check your network settings. Use Custom Mode for your network profile, and put your external IP in the Set-site override address. Are you using UDP or TCP/TLS for your SIP connections? Try using TCP/TLS (port 5061), lots of stuff blocks UDP 5060 by default and can be a pain to get opened up.
 
Upvote 0 Downvote
Also ask if their firewall has SIP ALG enabled.... I have almost never seen that actually help any form of a SIP setup.

On the MBG make sure that the MiCollab Client connector is enabled under:
- Teleworking
- Application integration
- MiCollab Client

Finally make sure that there is a valid certificate on the MBG for your external DNS...

Best of luck!
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

danramirez
  • Question
MiCollab/Teams Integration
Replies
1
Views
223
SXWizard
SXWizard
sebjenkins
  • Question
MiCollab audio issues with IVR
Replies
1
Views
182
Billz66
Billz66
SNJQuintin
  • Question
MiCollab Handoff Fails
Replies
8
Views
233
Lundah
Lundah
bojo3871
  • Question
MBG Teleworker license needed for SRC Recording?
Replies
2
Views
126
bojo3871
bojo3871
danramirez
  • Locked
  • Question
MiCollab Client for PC
Replies
3
Views
116
Billz66
Billz66

Part and Inventory Search

Sponsor

Back
Top