Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

SBC Remote Workers Multi-Tenancy

Status
Not open for further replies.

mredha

Technical User
Feb 3, 2016
4
US
Hello Engineers,
I have a single SBC that is going to be used for Remote Workers for multiple customers using single public IP with multiple domain names (e.g. ipo-a.abc.com, ipo-b.abc.com). My problem is that only IPO-A Remote Workers are working fine but IPO-B Remote Workers are getting "Failed to retrieve XMPP account info from ipo-a.abc.com: Invalid user credentials". I have already configured relay services to relay XMPP ports based on customer's domain name but still SBC is forwarding all XMPP requests to the same IPO no matter what domain has been used in One-X mobile app.

Please let me know if you require any details. Your suggestions are much appreciated.

Regards,
 
So you have a SCN with users on each system?
One-X portal need a connection to all systems within a SCN and remote workers all login on the same One-X sever.
If it are independant systems then each system must have its own One-X portal server and their own unique URL to connect to.
 
Since SBC does a simple port forwarding of XMPP ports it is not able to route the packets based on the domain. It is only possible within a SCN with a single OneX Portal or if you have multiple public IPs.
 
What version of SBCE do you have? Domain based XMPP routing was introduced in 7.2.1.

XMPP for multiple IP Office instances
Avaya SBCE can:
[ul]
[li]Handle all XMPP traffic from different IP Office cloud instances on a single external public IP address.[/li]
[li]Route traffic in the core network based on the domain in the XMPP message or based on the configured domain.[/li]
[li]Support up to 50 next hop entries for a single external address.[/li]
[/ul]
 
Yes, we have SBC 7.2.1 and I followed the instructions listed in this document starting from page 89. I have a feeling that the issue is the SSL certificate because what I have done is that I used one of the IPOs as a CA (Certificate Authority) and from that CA I generated a client certificate for SBC. When I generated the client certificate I used "DNS:*.abc.com" as a wildcard SAN (Subject Alternative Name) and then I used this certificate for my Client and Server profiles in SBC. Could that be the reason? I could not find any document going through the steps of generating the common certificate for multiple tenants.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top