Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Remote Equinox (IX Workplace)

Status
Not open for further replies.
shermosillo

shermosillo

Vendor
Jun 15, 2012
77
US
I am attempting to get remote IX Workplace apps connected thru SBC to IPO. I have followed the document. Connection from the app is failing. I can telnet to the FQDN on port 5061 and get packet captures from the SBC. If I attempt to connect with the app ( I don't get any packet captures from the SBC. My understanding is that the app needs to retrieve the 46xxsettings.txt file from the IPO. I believe I need port 443 open on the firewall and that should forward to the SBC, correct?
 
Sort by date Sort by votes
First thing that stands out is connection to the SBC is port 222 and shouldn't be allowed from the B1 interface. That would laugh in the face of the security it is trying to deploy. No kind of mnanagemtn should work from the B1.

There are docs on the Avaya site on how to configure ASBCE. It is a mine field though.

IX needs 5060/5061 (or other SIP port), 443 and RTP pors.

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
Application relay for ports 80 and 443 to the IP Office.

Stuck in a never ending cycle of file copying.
 
Upvote 0 Downvote
Thanks for the response. So, I am looking at the SBC document and I found the info on Reverse Proxy for File Server. On the Listen IP setting, it states "The IP address must be different from the IP address used for SIP signaling and media interface". Do i need to use a different B interface? That doesn't sound correct?
 
Upvote 0 Downvote
B1 public facing SIP, either behind a firewall or direct
A1 Internal SIP to the IPO
M1 for management

B1 and A1 HAVE to be on different subnets, avaya actually want all 3 on different networks!

Are you trying to do everything on 1 interface? It would explain why you can manage it from the internet. Might as well forget the SBC and just stick the public IP on the IPO if you are!



Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
B1 and A1 are on different interfaces. B1 interface is behind firewall. A1 is on the LAN with the IPO. I can't manage it from the internet. Not sure where they came from? I have SIP trunking working on the SBC/IPO. I am now trying to get IX Workplace client working using the SBC
 
Upvote 0 Downvote
Sorry, you said you could telnet the FQDN. I assumed you meant the public FQDN! My bad been a long day!!

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
Follow the guides on the knowledgebase. The hardest thing is getting the cert in the way Avaya want it, and that changes from R7 to R8 also!!

Sslshopper is a good site to check your cert.

Jamie Green

[bold]A[/bold]vaya [bold]R[/bold]egistered [bold]S[/bold]pecialist [bold]E[/bold]ngineer
 
Upvote 0 Downvote
At this point my IX Workplace client is failing to connect. If I telnet to the FQDN using ports 443, 411, and 5061, I see packets in the packet capture from the SBC. So I know the ports on the firewall are being forwarded. If i attempt to connect the client, I do not see any traffic on the packet capture from the SBC. For the URL, I am using I set up Application Relays on the SBC for HTTP ports 443 and 411. The relays were setup under Device Specific Settings>DMZ Services>Relay Services. I was not getting any traffic on ports 443 and 411 when telnetting until I added these relays.
 
Upvote 0 Downvote
jaime77, no problem. i was just telnetting to check the ports to see if the SBC was seeing the packets. The telnet was failing but i was able to capture the packets to verify ports were open on the firewall.
 
Upvote 0 Downvote
If there is an issue with the Certificate, i should still see packets on the packet capture from the SBC, correct when attempting to connect the IX Workplace app, correct?
 
Upvote 0 Downvote
To get the settings file you need to setup the Application Relay. The SBCE is a SIP security application.
All protocols other than sip need to go through the application relay settings.

 
Upvote 0 Downvote
Travis,

I have created an application relay for 443 and 411. I have the Service Type as HTTP. This should be the only ports i need correct?
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

dsm600rr
  • Locked
  • Question
IX Workplace, SMS?
Replies
0
Views
125
dsm600rr
dsm600rr
teletechman
  • Locked
  • Question
IX Workplace
Replies
1
Views
139
Westi
Westi
NYSTECH
  • Locked
  • Question
IX Workplace and Desk Phones RTP issue 2
Replies
3
Views
220
NYSTECH
NYSTECH
dsm600rr
  • Locked
  • Question
IX Workplace - "Your messages may not be up to date"
Replies
4
Views
235
sizbut
sizbut
William C290
  • Question
Avaya SBCE & Workplace / TLS
Replies
3
Views
333
derfloh
derfloh

Part and Inventory Search

Sponsor

Back
Top