Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Micollab with external MBG in DMZ 1

Status
Not open for further replies.

voipneerd

Vendor
Mar 12, 2012
161
SA
Hi All
I set up a Micollab with external MBG in DMZ. Noth MBG internal/External is in sync.
Add the internal Domain to the domain list on the external MBG
add the external MBG under client deployment MBG and It's connected successfully
Micollab clients can register with the Micollab server but there is No Audio at all
When I use the Teleworker analyzer from outside it's showing all ports are closed. I speak with the customer IT and he told me that all ports are open and it's blocked on the External MBG side. As I know ports required for teleworker and Micollab are open by default on MBG

Any thought's where to lock for troubleshooting this

Thanks in advance
 
DMZ setup is always tricky as NATing is involved.
99.9 % of the time, the issue will be firewall related for this setup.

You are correct when you said that the required ports have already been opened on the MBG end.
This depends on the mode in which the MBG is set-up of course.

When you said External MBG side, are you meaning the MBG within the DMZ network?
And Internal MBG is the MiCollab MBG in the LAN, and I will assume these to be clustered and in sync.

The fact that the MiCollab can register, means that certain ports are allowed - e.g. 36008
And because SIP registration uses the same ports for SIP RTP which is UDP 5060/5061, one can say that this is also open.
You can run a trace on the MBG in DMZ to check the direction of traffic.

I believe traffic in and out is not correct, possibly due to incorrect firewall routing or NAT.
I suppose you should ensure that the traffic rule "route in = route out" should be maintained during and after NAT.

In your MBG profile, try Custom Mode, and set the Set-side Streaming IP address as the Public IP from the DMZ.






Clever men learns what Wise men shares!
 
Double check your network settings. Use Custom Mode for your network profile, and put your external IP in the Set-site override address. Are you using UDP or TCP/TLS for your SIP connections? Try using TCP/TLS (port 5061), lots of stuff blocks UDP 5060 by default and can be a pain to get opened up.
 
Also ask if their firewall has SIP ALG enabled.... I have almost never seen that actually help any form of a SIP setup.

On the MBG make sure that the MiCollab Client connector is enabled under:
- Teleworking
- Application integration
- MiCollab Client

Finally make sure that there is a valid certificate on the MBG for your external DNS...

Best of luck!
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top