Comments on: What Ports do I need to open on my Firewall? http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/ Microsoft Office Communications Server - Tips, Tricks, and Insight Thu, 26 Jan 2012 18:22:01 -0500 http://wordpress.org/?v=2.8.3 hourly 1 By: Curtis Johnstone http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-3038 Curtis Johnstone Wed, 21 Jul 2010 21:39:47 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-3038 Thanks for the reminder; I meant to post the results of looking into that. After a long drawn-out investigation :-), the problem turned out to be anti-virus software - specifically the Kaspersky Anti-Virus suite. The "Web Protection" feature was blocking the desktop sharing, but surprisingly no other OCS features. Adding "Communicator.exe" to the "Trusted Applications" in Kaspersky anti-virus fixed the issue. Also, surprisingly, just disabling Kaspersky did not seem to work (I don't understand why). Thanks for the reminder; I meant to post the results of looking into that.

After a long drawn-out investigation :-) , the problem turned out to be anti-virus software – specifically the Kaspersky Anti-Virus suite. The “Web Protection” feature was blocking the desktop sharing, but surprisingly no other OCS features. Adding “Communicator.exe” to the “Trusted Applications” in Kaspersky anti-virus fixed the issue. Also, surprisingly, just disabling Kaspersky did not seem to work (I don’t understand why).

]]> By: Emu http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-3035 Emu Wed, 21 Jul 2010 14:41:22 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-3035 I have the same problem as Thomas_K. Desktop Sharing within OC does not work for an authenticated internal user from his home office. Audio is working... Any results from the Thomas_K's environment? I have the same problem as Thomas_K. Desktop Sharing within OC does not work for an authenticated internal user from his home office. Audio is working…
Any results from the Thomas_K’s environment?

]]> By: No Audio and Video with external clients when OCS R2 EDGE is behind NAT « msunified.net http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-2328 No Audio and Video with external clients when OCS R2 EDGE is behind NAT « msunified.net Wed, 28 Apr 2010 20:32:10 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-2328 [...] Rick Varvel: http://blogs.technet.com/rickva/archive/2009/04/03/Configuring-A_2F00_V-Edge-Service-for-NAT.aspx Mino – The UC Guy: http://theucguy.wordpress.com/2009/03/04/the-ocs-2007-r2-edge-and-nat/ Elan Shudnow – Audio/Media Negotiation: http://msunified.net/2009/08/30/office-communications-server-2007-r2-audiomedia-negotiation/ Inside OCS – Ports required for OCS 2007 R2 EDGE: http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/ [...] [...] Rick Varvel: http://blogs.technet.com/rickva/archive/2009/04/03/Configuring-A_2F00_V-Edge-Service-for-NAT.aspx Mino – The UC Guy: http://theucguy.wordpress.com/2009/03/04/the-ocs-2007-r2-edge-and-nat/ Elan Shudnow – Audio/Media Negotiation: http://msunified.net/2009/08/30/office-communications-server-2007-r2-audiomedia-negotiation/ Inside OCS – Ports required for OCS 2007 R2 EDGE: http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/ [...]

]]> By: Curtis Johnstone http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-1261 Curtis Johnstone Wed, 09 Dec 2009 22:28:47 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-1261 Hi Thomas, I'll will try to help (Pro bono) - which involves many questions about your environment, etc.., so I'll start a dialog with you over email. Any interesting results can be posted back here. Also, you can take a look at the Microsoft "Office Communications Server and Client Troubleshooting and Support" page (http://technet.microsoft.com/en-us/office/ocs/dd450353.aspx) which includes contact information for Microsoft if you have ruled out basic configuration and environmental factors. Hi Thomas,
I’ll will try to help (Pro bono) – which involves many questions about your environment, etc.., so I’ll start a dialog with you over email. Any interesting results can be posted back here.

Also, you can take a look at the Microsoft “Office Communications Server and Client Troubleshooting and Support” page (http://technet.microsoft.com/en-us/office/ocs/dd450353.aspx) which includes contact information for Microsoft if you have ruled out basic configuration and environmental factors.

]]> By: Thomas_K http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-1250 Thomas_K Wed, 09 Dec 2009 11:44:12 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-1250 The user is a internal user connected via Internet to the Edge-Server. How should we proceed to get rid of the problem, any tipps? (or maybe we can hire you as consultant on a per hour basis?) Thanks in advance, Thomas The user is a internal user connected via Internet to the Edge-Server. How should we proceed to get rid of the problem, any tipps? (or maybe we can hire you as consultant on a per hour basis?)

Thanks in advance,
Thomas

]]> By: Thomas_K http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-1030 Thomas_K Fri, 27 Nov 2009 08:04:17 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-1030 Its strange, on the remote client the Remote Desktop connects tries to establish and then just closes, without an error message. On the corporate side, it just says the the connection cannot be established. And one strange event log error message on the corporate client side: A SIP request made by Communicator failed in an unexpected manner (status code 80ef01e0). More information is contained in the following technical data: RequestUri: sip:xy@domain.xy From: sip:abc@domain.xy;tag=b4e60882bb To: sip:xy@domain.xy;tag=EF737F2074A2BC01A3E8CD2711672E73 Call-ID: a9d04e41440b4b7fab17e63113929f98 Content-type: application/sdp;call-type=im v=0 o=- 0 0 IN IP4 192.168.1.1 s=session c=IN IP4 192.168.1.1 t=0 0 m=message 5060 sip null a=accept-types:text/plain multipart/alternative image/gif text/rtf text/html application/x-ms-ink application/ms-imdn+xml text/x-msmsgsinvite Response Data: 480 Temporarily Unavailable ms-diagnostics: 2;reason="See response code and reason phrase";source="SERVER01.domain.local";AppUri="http://www.microsoft.com/LCS/DefaultRouting" Its strange, on the remote client the Remote Desktop connects tries to establish and then just closes, without an error message. On the corporate side, it just says the the connection cannot be established. And one strange event log error message on the corporate client side:

A SIP request made by Communicator failed in an unexpected manner (status code 80ef01e0). More information is contained in the following technical data:

RequestUri: sip:xy@domain.xy
From: sip:abc@domain.xy;tag=b4e60882bb
To: sip:xy@domain.xy;tag=EF737F2074A2BC01A3E8CD2711672E73
Call-ID: a9d04e41440b4b7fab17e63113929f98
Content-type: application/sdp;call-type=im

v=0
o=- 0 0 IN IP4 192.168.1.1
s=session
c=IN IP4 192.168.1.1
t=0 0
m=message 5060 sip null
a=accept-types:text/plain multipart/alternative image/gif text/rtf text/html application/x-ms-ink application/ms-imdn+xml text/x-msmsgsinvite

Response Data:

480 Temporarily Unavailable
ms-diagnostics: 2;reason=”See response code and reason phrase”;source=”SERVER01.domain.local”;AppUri=”http://www.microsoft.com/LCS/DefaultRouting”

]]> By: Curtis Johnstone http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-1021 Curtis Johnstone Thu, 26 Nov 2009 16:41:11 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-1021 Desktop Sharing uses the same communication path as the Edge A/V functionality (it uses the Remote Desktop Protocol (RDP) over SRTP), so if this is working there should be no additional ports to open for Desktop Sharing using Communicator. Also, if an external A/V session is working with the same external client, that eliminates a lot of potential firewall and certificate issues. Is the client (external) a authenticated internal user running externally? (e.g. not a PIC recipient) What error are they getting when they attempt to establish a desktop sharing session? Desktop Sharing uses the same communication path as the Edge A/V functionality (it uses the Remote Desktop Protocol (RDP) over SRTP), so if this is working there should be no additional ports to open for Desktop Sharing using Communicator. Also, if an external A/V session is working with the same external client, that eliminates a lot of potential firewall and certificate issues.

Is the client (external) a authenticated internal user running externally? (e.g. not a PIC recipient) What error are they getting when they attempt to establish a desktop sharing session?

]]> By: Thomas_K http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-1017 Thomas_K Thu, 26 Nov 2009 10:39:00 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-1017 Hi, do you know which ports are required for Desktop sharing via Communicator? We have a client, which is able to do Video/Audio from the internet via edge to internal clients but no Desktop sharing? Thanks in advance Hi,

do you know which ports are required for Desktop sharing via Communicator?
We have a client, which is able to do Video/Audio from the internet via edge to internal clients but no Desktop sharing?

Thanks in advance

]]> By: Curtis Johnstone http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-99 Curtis Johnstone Fri, 05 Sep 2008 17:18:52 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-99 No, unfortunately I have never worked with Checkpoint NGX. No, unfortunately I have never worked with Checkpoint NGX.

]]> By: Andrew_S http://blog.insideocs.com/2008/08/20/what-ports-do-i-need-to-open-on-my-firewall/comment-page-1/#comment-98 Andrew_S Thu, 04 Sep 2008 10:18:30 +0000 http://ocsbuzz.wordpress.com/?p=15#comment-98 HI Looking at the firewall requirmetns have you any experince of implementing this on checkpoint ngx. HI

Looking at the firewall requirmetns have you any experince of implementing this on checkpoint ngx.

]]>