| Author |
Message |
Jéjé
Guest
|
 Posted:
Tue Dec 28, 2004 1:13 am Post subject:
external users cannot send files to internal user (again) |
|
|
Hi,
does LCS 2005 provide a working solution to allow external users (outside my
ISA Server 2000 firewall) to send file to my internal users?
I've try to install an Access Proxy at my ISA server level, but this doesn't
works.
internal users can send files to externals but not in the other way.
Other tools works fine (application sharing, whiteboard...)
I've not tested the voice and video but from what I see (small tests) this
option works fine.
I've read near all the documents available aroung LCS 2005 but nothing
works.
I've try direct access through the LCS access proxy or server publishing
rule to the LCS server himself without success.
I don't see any errors in the ISA Log.
So I'm looking for a working solution to allow external users to send
files!!!
any guide?
thanks.
Jerome. |
|
| Back to top |
|
 |
Jéjé
Guest
|
| Posted:
Tue Dec 28, 2004 2:24 am Post subject:
Re: external users cannot send files to internal user (again |
|
|
another point,
when an external user try (and fail) to send a file, the LCS log contain
this:
$$begin_record
LogType: security
Date: 20041227 202112
Text: Failed to verify the signature
Result-Code: 0xc3eb200a
$$end_record
"Jéjé" <willgart@BBBhotmailAAA.com> a écrit dans le message de news:
%23cAukgE7EHA.3076@TK2MSFTNGP15.phx.gbl...
| Quote: | Hi,
does LCS 2005 provide a working solution to allow external users (outside
my ISA Server 2000 firewall) to send file to my internal users?
I've try to install an Access Proxy at my ISA server level, but this
doesn't works.
internal users can send files to externals but not in the other way.
Other tools works fine (application sharing, whiteboard...)
I've not tested the voice and video but from what I see (small tests) this
option works fine.
I've read near all the documents available aroung LCS 2005 but nothing
works.
I've try direct access through the LCS access proxy or server publishing
rule to the LCS server himself without success.
I don't see any errors in the ISA Log.
So I'm looking for a working solution to allow external users to send
files!!!
any guide?
thanks.
Jerome.
|
|
|
| Back to top |
|
|
TomL LCS Kid
Guest
|
| Posted:
Tue Dec 28, 2004 3:43 am Post subject:
Re: external users cannot send files to internal user (again |
|
|
The most important thing to know is that only an IM session uses LCS ports.
File Transfer, Audio/Video, Application Sharing are all peer to peer. An
initial invite will be made via the LCS server but from there it will be
workstation to workstation requiring other ports to be opened.
check out http://blogs.msdn.com/toml for a post on Messenger with Firewalls
and ports
TomL LCS Kid
"Jéjé" wrote:
| Quote: | another point,
when an external user try (and fail) to send a file, the LCS log contain
this:
$$begin_record
LogType: security
Date: 20041227 202112
Text: Failed to verify the signature
Result-Code: 0xc3eb200a
$$end_record
"Jéjé" <willgart@BBBhotmailAAA.com> a écrit dans le message de news:
%23cAukgE7EHA.3076@TK2MSFTNGP15.phx.gbl...
Hi,
does LCS 2005 provide a working solution to allow external users (outside
my ISA Server 2000 firewall) to send file to my internal users?
I've try to install an Access Proxy at my ISA server level, but this
doesn't works.
internal users can send files to externals but not in the other way.
Other tools works fine (application sharing, whiteboard...)
I've not tested the voice and video but from what I see (small tests) this
option works fine.
I've read near all the documents available aroung LCS 2005 but nothing
works.
I've try direct access through the LCS access proxy or server publishing
rule to the LCS server himself without success.
I don't see any errors in the ISA Log.
So I'm looking for a working solution to allow external users to send
files!!!
any guide?
thanks.
Jerome.
|
|
|
| Back to top |
|
|
Jéjé
Guest
|
| Posted:
Tue Dec 28, 2004 4:54 am Post subject:
Re: external users cannot send files to internal user (again |
|
|
But does I have to add secondary connections in my protocol definition in
ISA?
Because I've try this without success.
"TomL LCS Kid" <TomLLCSKid@discussions.microsoft.com> a écrit dans le
message de news: 896AFD25-0032-4756-8CCE-C741F7B07C0C@microsoft.com...
| Quote: | The most important thing to know is that only an IM session uses LCS
ports.
File Transfer, Audio/Video, Application Sharing are all peer to peer. An
initial invite will be made via the LCS server but from there it will be
workstation to workstation requiring other ports to be opened.
check out http://blogs.msdn.com/toml for a post on Messenger with
Firewalls
and ports
TomL LCS Kid
"Jéjé" wrote:
another point,
when an external user try (and fail) to send a file, the LCS log contain
this:
$$begin_record
LogType: security
Date: 20041227 202112
Text: Failed to verify the signature
Result-Code: 0xc3eb200a
$$end_record
"Jéjé" <willgart@BBBhotmailAAA.com> a écrit dans le message de news:
%23cAukgE7EHA.3076@TK2MSFTNGP15.phx.gbl...
Hi,
does LCS 2005 provide a working solution to allow external users
(outside
my ISA Server 2000 firewall) to send file to my internal users?
I've try to install an Access Proxy at my ISA server level, but this
doesn't works.
internal users can send files to externals but not in the other way.
Other tools works fine (application sharing, whiteboard...)
I've not tested the voice and video but from what I see (small tests)
this
option works fine.
I've read near all the documents available aroung LCS 2005 but nothing
works.
I've try direct access through the LCS access proxy or server
publishing
rule to the LCS server himself without success.
I don't see any errors in the ISA Log.
So I'm looking for a working solution to allow external users to send
files!!!
any guide?
thanks.
Jerome.
|
|
|
| Back to top |
|
|
Tom Laciano
Guest
|
| Posted:
Tue Dec 28, 2004 8:49 pm Post subject:
Re: external users cannot send files to internal user (again |
|
|
Jeje,
Sorry for overlooking that question. There has been released an ISA 2004
with LCS 2003 document:
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/tls-isa.mspx
In the document is this statement however the document never discusses the
peer to peer applications.
12.
On the Secondary Connections page, in Do you want to use secondary
connections, select No, and then click Next.
I am checking on the status of an LCS 2005 with ISA 2004 document, no word
as of yet. I will investigate further the application impact with ISA also.
Tom
"Jéjé" <willgart@BBBhotmailAAA.com> wrote in message
news:eWhROcG7EHA.3840@tk2msftngp13.phx.gbl...
| Quote: | But does I have to add secondary connections in my protocol definition in
ISA?
Because I've try this without success.
"TomL LCS Kid" <TomLLCSKid@discussions.microsoft.com> a écrit dans le
message de news: 896AFD25-0032-4756-8CCE-C741F7B07C0C@microsoft.com...
The most important thing to know is that only an IM session uses LCS
ports.
File Transfer, Audio/Video, Application Sharing are all peer to peer. An
initial invite will be made via the LCS server but from there it will be
workstation to workstation requiring other ports to be opened.
check out http://blogs.msdn.com/toml for a post on Messenger with
Firewalls
and ports
TomL LCS Kid
"Jéjé" wrote:
another point,
when an external user try (and fail) to send a file, the LCS log contain
this:
$$begin_record
LogType: security
Date: 20041227 202112
Text: Failed to verify the signature
Result-Code: 0xc3eb200a
$$end_record
"Jéjé" <willgart@BBBhotmailAAA.com> a écrit dans le message de news:
%23cAukgE7EHA.3076@TK2MSFTNGP15.phx.gbl...
Hi,
does LCS 2005 provide a working solution to allow external users
(outside
my ISA Server 2000 firewall) to send file to my internal users?
I've try to install an Access Proxy at my ISA server level, but this
doesn't works.
internal users can send files to externals but not in the other way.
Other tools works fine (application sharing, whiteboard...)
I've not tested the voice and video but from what I see (small tests)
this
option works fine.
I've read near all the documents available aroung LCS 2005 but nothing
works.
I've try direct access through the LCS access proxy or server
publishing
rule to the LCS server himself without success.
I don't see any errors in the ISA Log.
So I'm looking for a working solution to allow external users to send
files!!!
any guide?
thanks.
Jerome.
|
|
|
| Back to top |
|
|
Tom Laciano
Guest
|
| Posted:
Tue Dec 28, 2004 8:53 pm Post subject:
Re: external users cannot send files to internal user (again |
|
|
Jeje,
Much quicker than I anticipated, here is further info on ISA and LCS. I
don't believe much has changed with LCS 2005.
1) The LCS servers uses SIP for a number of things: to establish VoIP
sessions, to exchange IMs, to exchange presence, to sync your buddy list,
etc.
2) The media (voice, video, application sharing, file transfer) does not go
through the LCS server but rather is peer-to-peer
3) The ports used for media are either well known or can be limited to a
specific range using a GPO policy we provide
4) The ports used for SIP are well known (5061 for TLS, 5060 for TCP, 443
for HTTPS (tunnels))
We have a documented and supported mechanism for getting SIP through
firewalls, notably ISA:
http://www.microsoft.com/downloads/details.aspx?FamilyID=b714e88b-c2db-4709-a3f9-6a9d49a48db9&displaylang=en
This solution allows IM and presence to traverse the firewall, but not media
(such as VoIP)
By restricting the media ports to be essentially static through our GPO
policy, you can also create apporpriate rules on your firewall (ISA) to
allow media such as VoIP to traverse the firewall. The more difficult
problem is when the ports are dynamic and/or NATs are involved.
We also have partner solutions to handle the media traversal problem.
For example, Ingate:
http://office-system/solutionpreview.aspx?sid=2942&i=1&total=75&sort=8&fromprod=1
See http://officesystem/livecomm/partners.aspx for a more complete set of
our partner solutions for Live Communications Server
"Tom Laciano <MSFT>" <toml@online.microsoft.com> wrote in message
news:urAeMwO7EHA.1524@TK2MSFTNGP09.phx.gbl...
| Quote: | Jeje,
Sorry for overlooking that question. There has been released an ISA 2004
with LCS 2003 document:
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/tls-isa.mspx
In the document is this statement however the document never discusses the
peer to peer applications.
12.
On the Secondary Connections page, in Do you want to use secondary
connections, select No, and then click Next.
I am checking on the status of an LCS 2005 with ISA 2004 document, no word
as of yet. I will investigate further the application impact with ISA
also.
Tom
"Jéjé" <willgart@BBBhotmailAAA.com> wrote in message
news:eWhROcG7EHA.3840@tk2msftngp13.phx.gbl...
But does I have to add secondary connections in my protocol definition in
ISA?
Because I've try this without success.
"TomL LCS Kid" <TomLLCSKid@discussions.microsoft.com> a écrit dans le
message de news: 896AFD25-0032-4756-8CCE-C741F7B07C0C@microsoft.com...
The most important thing to know is that only an IM session uses LCS
ports.
File Transfer, Audio/Video, Application Sharing are all peer to peer. An
initial invite will be made via the LCS server but from there it will be
workstation to workstation requiring other ports to be opened.
check out http://blogs.msdn.com/toml for a post on Messenger with
Firewalls
and ports
TomL LCS Kid
"Jéjé" wrote:
another point,
when an external user try (and fail) to send a file, the LCS log
contain
this:
$$begin_record
LogType: security
Date: 20041227 202112
Text: Failed to verify the signature
Result-Code: 0xc3eb200a
$$end_record
"Jéjé" <willgart@BBBhotmailAAA.com> a écrit dans le message de news:
%23cAukgE7EHA.3076@TK2MSFTNGP15.phx.gbl...
Hi,
does LCS 2005 provide a working solution to allow external users
(outside
my ISA Server 2000 firewall) to send file to my internal users?
I've try to install an Access Proxy at my ISA server level, but this
doesn't works.
internal users can send files to externals but not in the other way.
Other tools works fine (application sharing, whiteboard...)
I've not tested the voice and video but from what I see (small tests)
this
option works fine.
I've read near all the documents available aroung LCS 2005 but
nothing
works.
I've try direct access through the LCS access proxy or server
publishing
rule to the LCS server himself without success.
I don't see any errors in the ISA Log.
So I'm looking for a working solution to allow external users to send
files!!!
any guide?
thanks.
Jerome.
|
|
|
| Back to top |
|
|
Jéjé
Guest
|
| Posted:
Tue Dec 28, 2004 10:09 pm Post subject:
Re: external users cannot send files to internal user (again |
|
|
well...
I'll try to restrict the ports used and I'll test again.
but I really don't understand why video & application sharing works fine and
file sharing not!!!
VoIP appear to works fine in my configuration with application like
pulver.communicator.
But I'm not focusing on VoIP for the moment.
thanks for your time.
"Tom Laciano <MSFT>" <toml@online.microsoft.com> a écrit dans le message de
news: O9WphyO7EHA.3756@TK2MSFTNGP14.phx.gbl...
| Quote: | Jeje,
Much quicker than I anticipated, here is further info on ISA and LCS. I
don't believe much has changed with LCS 2005.
1) The LCS servers uses SIP for a number of things: to establish VoIP
sessions, to exchange IMs, to exchange presence, to sync your buddy list,
etc.
2) The media (voice, video, application sharing, file transfer) does not
go through the LCS server but rather is peer-to-peer
3) The ports used for media are either well known or can be limited to a
specific range using a GPO policy we provide
4) The ports used for SIP are well known (5061 for TLS, 5060 for TCP, 443
for HTTPS (tunnels))
We have a documented and supported mechanism for getting SIP through
firewalls, notably ISA:
http://www.microsoft.com/downloads/details.aspx?FamilyID=b714e88b-c2db-4709-a3f9-6a9d49a48db9&displaylang=en
This solution allows IM and presence to traverse the firewall, but not
media (such as VoIP)
By restricting the media ports to be essentially static through our GPO
policy, you can also create apporpriate rules on your firewall (ISA) to
allow media such as VoIP to traverse the firewall. The more difficult
problem is when the ports are dynamic and/or NATs are involved.
We also have partner solutions to handle the media traversal problem.
For example, Ingate:
http://office-system/solutionpreview.aspx?sid=2942&i=1&total=75&sort=8&fromprod=1
See http://officesystem/livecomm/partners.aspx for a more complete set of
our partner solutions for Live Communications Server
"Tom Laciano <MSFT>" <toml@online.microsoft.com> wrote in message
news:urAeMwO7EHA.1524@TK2MSFTNGP09.phx.gbl...
Jeje,
Sorry for overlooking that question. There has been released an ISA 2004
with LCS 2003 document:
http://www.microsoft.com/technet/prodtechnol/isa/2004/plan/tls-isa.mspx
In the document is this statement however the document never discusses
the peer to peer applications.
12.
On the Secondary Connections page, in Do you want to use secondary
connections, select No, and then click Next.
I am checking on the status of an LCS 2005 with ISA 2004 document, no
word as of yet. I will investigate further the application impact with
ISA also.
Tom
"Jéjé" <willgart@BBBhotmailAAA.com> wrote in message
news:eWhROcG7EHA.3840@tk2msftngp13.phx.gbl...
But does I have to add secondary connections in my protocol definition
in ISA?
Because I've try this without success.
"TomL LCS Kid" <TomLLCSKid@discussions.microsoft.com> a écrit dans le
message de news: 896AFD25-0032-4756-8CCE-C741F7B07C0C@microsoft.com...
The most important thing to know is that only an IM session uses LCS
ports.
File Transfer, Audio/Video, Application Sharing are all peer to peer.
An
initial invite will be made via the LCS server but from there it will
be
workstation to workstation requiring other ports to be opened.
check out http://blogs.msdn.com/toml for a post on Messenger with
Firewalls
and ports
TomL LCS Kid
"Jéjé" wrote:
another point,
when an external user try (and fail) to send a file, the LCS log
contain
this:
$$begin_record
LogType: security
Date: 20041227 202112
Text: Failed to verify the signature
Result-Code: 0xc3eb200a
$$end_record
"Jéjé" <willgart@BBBhotmailAAA.com> a écrit dans le message de news:
%23cAukgE7EHA.3076@TK2MSFTNGP15.phx.gbl...
Hi,
does LCS 2005 provide a working solution to allow external users
(outside
my ISA Server 2000 firewall) to send file to my internal users?
I've try to install an Access Proxy at my ISA server level, but this
doesn't works.
internal users can send files to externals but not in the other way.
Other tools works fine (application sharing, whiteboard...)
I've not tested the voice and video but from what I see (small
tests) this
option works fine.
I've read near all the documents available aroung LCS 2005 but
nothing
works.
I've try direct access through the LCS access proxy or server
publishing
rule to the LCS server himself without success.
I don't see any errors in the ISA Log.
So I'm looking for a working solution to allow external users to
send
files!!!
any guide?
thanks.
Jerome.
|
|
|
| Back to top |
|
|
|
|
|
|
FAQ
Memberlist
Register
Profile
Log in to check your private messages
Log in