Only 2 Clients Connect Through AP 1252

Hi,
I am configuring a 1252 in autonomous mode and that's the only AP in the network.
A very strange behavior is observed.
Although many clients can associate to this AP with no problem, only the first two associated devices can connect through this AP and access devices on the wired network. For 3rd associated device and above, they can only connect to and ping to AP but nothing beyond AP. In Windows the wireless icon would display "limited access" with an exclamation mark.
DHCP works fine though for all devices, and they can acquire the IP from DHCP server on a different segment.
I don't have too much experience with wireless so I am totally lost with no direction.
Please help and thank you very much.
configuration attached.

Problem solved. It has nothing to do with AP. The AP is connected to a ESW 540-8 port SW. This is SOHO SW is blocking the traffic. As soon as I moved AP to main switch, everything went smoothly.

Similar Messages

  • SSLServerSocket that only accepts client connections from localhost

    My end goal is to create an SSLServerSocket that will only accept client connections requested by localhost.
    I've tried creating a new SocketPermission:
    p1 = new SocketPermission("localhost:1024-65535", "listen,connect,accept")I am able to add it to a custom Policy's PermissionCollection, but it doesn't seem to work. I believe SecurityManager.checkAccept() only checks the host's name and not the client's...
    This following code works and illustrates what I'm trying to achieve, but I'd like it to happen before the socket is actually accepted:
    SSLSocket socket = (SSLSocket)m_sslServerSocket.accept();
    Strintg clientIP = socket.getSession().getPeerHost();
    if( !clientIP.equals( "127.0.0.1" ) & !clientIP.equals( InetAddress.getLocalHost().getHostAddress() )
        // reject connection
    }Any help is appreciated.
    Edited by: misterE on Oct 24, 2007 10:46 PM

    I'm not clear whether you are doing this Permission thing on the server side or the client side, and/or whether you have a SecurityManager installed.
    If the server only has SocketPermission("localhost:...", "listen,connect,accept") it should only accept connections from localhost, not from B. So I don't know why the first scenario worked.
    If the server only has this SocketPermission with some other hostname, it shouldn't be able to listen at any port. So I don't know why the first scenario worked.
    Unless there is no security manager installed.
    You can run it with -Djava.security.debug=access,failure to see what permission checks are being executed.
    BTW because connections are accepted by the TCP stack before permission checking takes place, as described above, the client won't get a ConnectionException if the permission is refused at the server: it will get most probably a SocketConnection: connection reset by peer when writing to the server.

  • Client connecting through firewall

    Hi
              We have two clustered servers.Our client is connecting through
              firewall NAT. When iam connect to first server the response is very slow and
              at the same time clustering is not working.If i stop the second server the
              response fast .
              The same configaration is working fine when my client is local.
              Can you explain the reason for this problem ?
              Presently iam using weblogic 6.1 version.
              Thank you
              

    OK I spoke too soon. The user looked like it was working but it was working because it matched another IAS policy further down the list. It seems as though the PIX refuses to use ms-chap of any sort. If I include the authentication type in the VPN policy conditions as ms-chap, it skips the VPN policy I am using to authenticate this. If I remove it, then it gives an invalid authentication type as if whatever the PIX is sending the IAS server does not understand as ms-chap.
    It seems like the PIX authentication is totally wrong for use with IAS. What else do I need to add to this configuration to gewt it to work with ms-chap of any kind? I really don't get it.

  • Client connecting through a proxy

    hi
    i'm new to RMI programming, i need to clear some things up
    . is RMI a standalone protocol like http or does it require another protocol so
    it can run over it ?
    . how does an RMI connection get through a proxy server, ie. if the client is behind a proxy server and the server is a known public host, can the client still get to the server, or does this have to be done in the proxy configuration?
    Is there certain types of proxy servers RMI can't go through or ( they won't let it pass through ) .
    i need those infos because i've been stuck with an RMI server deployed on the net and a client behind a web proxy, the same box ( IP ) hosting the RMI server also hosts a WEB server from which javaWS starts the application but this application exits at a certain point sayin it cannot find the RMI server.
    i didn't have the chance to test through a direct connection, but have tested
    in an intranet environment and it was workin great,
    thanks for any help

    . is RMI a standalone protocol like http or does it
    require another protocol so
    it can run over it ?The question doesn't make much sense. HTTP runs over TCP, and so does RMI. RMI also uses the Serialization protocol.
    how does an RMI connection get through a proxy
    server, ie. if the client is behind a proxy server
    and the server is a known public host, can the
    client still get to the server, or does this have to
    be done in the proxy configuration?http://java.sun.com/j2se/1.5.0/docs/guide/rmi/faq.html#firewallOut
    s there certain types of proxy servers RMI can't go
    through or ( they won't let it pass through ) .Java supports SOCKS and HTTP proxies.

  • Flash drive only mounts when connected through USB hub

    I have a PNY 32gb USB 2.0 flash drive, when trying to connect the drive directly to my Mid 2012 MBP (specs attached) the drive never mounts, doesn't list in diskutil as an unmounted drive either, however when I plug the drive into a Micro Innovations USB Hub (old ~ 2002) the drive mounts (albeit slowly).
    On my iMac (Mid 2010 I7) the drive works perfectly in the machine or through Apple USB Keyboard.
    Any help?

    Is that the only USB drive that doesn't work with your MBP ?
    Everything else works fine?

  • Time caspule only works when connected through my dLink router first

    I have a dlink router that was always my network router in my home. I hooked up a time capusle from the lan output of the dlink into the internet input port on the time capsule and it works fine. The time capsule and dlink are both wifi hostpots. When I connect my time capsule from my modem direct without the dlink the LED will not turn green. WHy is this and how do I remedy this.
    Thanks
    Colin

    The easiest way is to "hard reset" the Time Capsule and reconfigure it using AirPort Utility.
    Make sure it is connected to the modem first. Remember to power down the modem before changing its connections.
    To "hard reset" the TC: make sure it's powered up, then press and hold its tiny reset button and keep it depressed for five to ten seconds, long enough for its LED to flash amber rapidly. Release the reset button. Then, the LED will glow amber steadily for about a minute. Then, it will flash amber, slowly, about once every second or two, waiting for you to configure it with AirPort Utility.
    This will not affect your backups. You might need to re-select the TC's backup disk in Time Machine's Preferences, but your existing backups will not be lost.
    Manuals:
    4th gen (802.11n) TC:
    http://manuals.info.apple.com/MANUALS/1000/MA1575/en_US/time_capsule_4th_gen_set up.pdf
    5th gen (802.11ac) TC:
    http://manuals.info.apple.com/MANUALS/1000/MA1645/en_US/airport_time_capsule_802 11ac_setup.pdf

  • How many clients can connect through cisco AP 1310 in wireless network ?

    I had setup wireless network with
    wlc4402,cisco AP 1310.1131 and 1242 and Cisco acs 4.1.My problem is only 30 clients connect through Cisco AP 1310 at a time.I can not connect more than 30 clients at a time.What is the issue in wireless network?please reply .
    Thanks and regards
    By
    D.Anbudurai

    WIRELESS > 802.11 > RRM
    How can do that setting ? Can you reply with
    some brief steps? And also I want to know how
    many clients can connect in wireless network at
    a time exactly through cisco aps?
    Thanks and regards
    d.anbudurai

  • Can't view a report connecting through ODBC(RDO)  to DB with InfoView (CMC)

    Environment :
    Crystal Reports machine :
    OS :
    Windows Server 2008 64-bit
    Crystal Reports Developer 2008 SP0
    Crystal Reports Server 2008
    DB Server:
    Windows Server 2003 32-bit
    SQL Server 2000 SP3
    What is going on:
    All the reports connecting through ODBC (RDO) to the database server work fine in the developer interface (I can preview them) but cannot be accessed if I try to view them in InfoView / CMC ("Please wait while the document is being processed" message box doesn't go away...).
    I have tried both the SQL Server driver 6.00.6001.1800 and SQL Server Native Client 10.0 2007.100.1600.22 with the same results.
    PS All the reports using OLE DB work just fine, I would prefer to have the ODBC option working through the web interface because I have a few hundreds report to change otherwise ...
    Virgil Rucsandescu

    Our solution is a php web application, but this is not relevant (in my opinion), and here it is why:
    The php code should show the reports by using the direct links given by InfoView
    (like http://dev-web:8080/CrystalReports/viewrpt.cwr?id=801&apsuser=user&apspassword=password).
    Actually in this moment these links are looking different because currently we're using C.R. 10 + C.R. Server 10, but we are planning to move to CR 2008 + CR Server 2008.
    So now I am testing how these direct links do work, they're actually working perfectly till now, but only if I connect through OLEDB to the DB server (SQL Server 2000). Any attempt to do it through the 2 ODBC drivers failed until now.
    And I don't want to think about changing the data source hundreds of reports (lot of them having subreports too) ...

  • ConfigMgr Clients connection over direct access.

    My test client machine is running Windows 8.1 and connecting to network through Direct Access. I am running SCCM 2012 R2 on Windows Server 2012.
    Test Machine: NYWIN8
    SCCM Server: SCCM01
    Domain: demo.local
    I would like to understand how configmgr handles clients connecting through direct access. What all functionality is available for such clients?
    On my client machine is see following errors:
    FSPSTATEMESSAGE.LOG
    Failed in WinHttpSendRequest API, ErrorCode = 0x2ee7
    [CCMHTTP] ERROR: URL=HTTP://SCCM01.demo.local/SMS_FSP/.sms_fsp, Port=80, Options=480, Code=12007, Text=ERROR_WINHTTP_NAME_NOT_RESOLVED
    POLICYAGENT.LOG
    Policy
    http://SCCM01.demo.local/SMS_MP/.sms_pol?WRC10000.SHA256:BE60C5A54E508758261E6EDAE80AB21576A214309B9E1E19EE1D5A96C4508EC4 is not available.
    DATATRANSFERSERVICE.LOG
    DTS job {E6FAADEE-F22E-4E89-92EE-C2D9C10C3056} BITS job {9C444FAB-FD3C-4A6B-B8A4-81DA159E4E45} failed to download source file
    http://SCCM01.demo.local:80/SMS_MP/.sms_pol?WRC10000.SHA256:BE60C5A54E508758261E6EDAE80AB21576A214309B9E1E19EE1D5A96C4508EC4 to destination C:\Windows\CCM\Temp\{C9AA0DDC-BD37-442D-A00E-EE7404D47C12}.tmp with error 0x80190194
    DTS job {E6FAADEE-F22E-4E89-92EE-C2D9C10C3056} BITS job {9C444FAB-FD3C-4A6B-B8A4-81DA159E4E45} partially completed 0/1 with error 0x80190194 context 5
    Software Catalog Update Endpoint
    Failed to open portal registry key 'Software\Policies\Microsoft\CCM'. maybe haven't been created yet. Error 0x80070002
    WEDMTRACE.LOG
    No CCM Identification blob
    CAS.LOG
    The number of discovered DPs(including Branch DP and Multicast) is 0
    SMSCLIUI.LOG
    Failed to set DNSSuffix value to the registry.
    Are there any issues due to connecting using direct access?

    When I try to deploy any software (7-ZIP or Notepad++) to this client I get following error:
    The software change returned error code 0x87D00607(-2016410105).
    I can deploy same software fine to other machines connecting on LAN.
    Server Logs:
    Portlctl
    PORTALWEB's previous status was 0 (0 = Online, 1 = Failed, 4 = Undefined)
    PORTALWEBs http check returned hr=0, bFailed=0
    awbsctl
    AWEBSVCs http check returned hr=0, bFailed=0
    AWEBSVC's previous status was 0 (0 = Online, 1 = Failed, 4 = Undefined)
    Client Logs:
    CAS
    The number of discovered DPs(including Branch DP and Multicast) is 0
    CCMEVAL
    Client's current MP is http://SCCM01.DEMO.local and is accessible
    ClientLocation
    Current AD forest name is Demo.local, domain name is Demo.local
    Domain joined client is in Intranet
    Rotating assigned management point, new management point [1] is: SCCM01.demo.local (7958) with capabilities: <Capabilities SchemaVersion="1.0"><Property Name="SSLState" Value="0"/></Capabilities>
    Assigned MP changed from <SCCM01.demo.local> to <SCCM01.demo.local>.
    ContentTransferManager
    No data since 11/13/2013
    CTM job {F6085C09-4C39-489E-A6F6-2C268398B7F2} successfully processed download completion.
    DataTransfer
    DTS job {B227AB6E-6D0F-4709-B8C6-AA8B66CBBE2D} BITS job {AE61D01C-E251-45FA-8B2C-2E22DDD91016} failed to download source file
    http://SCCM01.demo.local:80/SMS_MP/.sms_pol?WRC10000.SHA256:BE60C5A54E508758261E6EDAE80AB21576A214309B9E1E19EE1D5A96C4508EC4 to destination C:\Windows\CCM\Temp\{22619283-47B1-445A-9262-C1FA54AD0F64}.tmp with error 0x80190194
    DTS job {B227AB6E-6D0F-4709-B8C6-AA8B66CBBE2D} BITS job {AE61D01C-E251-45FA-8B2C-2E22DDD91016} partially completed 0/1 with error 0x80190194 context 5
    Filebits
    BranchCache Is Not Enabled
    Failed to check PeerDistribution status. NOT able to do branch cache.
    FSPSTATEMESSAGE
    Failed in WinHttpSendRequest API, ErrorCode = 0x2ee7
    [CCMHTTP] ERROR: URL=HTTP://SCCM01.demo.local/SMS_FSP/.sms_fsp, Port=80, Options=480, Code=12007, Text=ERROR_WINHTTP_NAME_NOT_RESOLVED
    Successfully sent location services HTTP failure message.
    InternetProxy
    Failed to get proxy for url 'HTTP://SCCM01.demo.local/SMS_FSP/.sms_fsp'. Error 0x87d00215
    InventoryAgent
    Inventory: 9 Collection Task(s) failed.
    SCCLIENT
    Event maps to notification type = Application Enforcement Failed   (Microsoft.SoftwareCenter.Client.Data.WmiConnectionManager at EventWatcher_EventArrived)
    SMSCLIUI
    Failed to set DNSSuffix value to the registry.
    IPCONFIG /ALL from CLIENT:
    Windows IP Configuration
       Host Name . . . . . . . . . . . . : NYWIN8
       Primary Dns Suffix  . . . . . . . : demo.local
       Node Type . . . . . . . . . . . . : Hybrid
       IP Routing Enabled. . . . . . . . : No
       WINS Proxy Enabled. . . . . . . . : No
       DNS Suffix Search List. . . . . . : demo.local
       System Quarantine State . . . . . : Not Restricted
    Ethernet adapter vEthernet (Internal):
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #3
       Physical Address. . . . . . . . . : 00-15-5D-01-0B-07
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::d3f:4e51:c648:7b26%26(Preferred)
       Autoconfiguration IPv4 Address. . : 169.254.123.38(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.0.0
       Default Gateway . . . . . . . . . :
       DHCPv6 IAID . . . . . . . . . . . : 872420701
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-EA-A9-CE-E0-DB-55-D2-5E-59
       DNS Servers . . . . . . . . . . . : fec0:0:0:ffff::1%1
                                           fec0:0:0:ffff::2%1
                                           fec0:0:0:ffff::3%1
       NetBIOS over Tcpip. . . . . . . . : Enabled
    Ethernet adapter vEthernet (External):
       Connection-specific DNS Suffix  . : home
       Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #2
       Physical Address. . . . . . . . . : 84-A6-C8-AF-03-DE
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
       Link-local IPv6 Address . . . . . : fe80::9cb5:5132:1f47:e7c6%24(Preferred)
       IPv4 Address. . . . . . . . . . . : 192.168.1.5(Preferred)
       Subnet Mask . . . . . . . . . . . : 255.255.255.0
       Lease Obtained. . . . . . . . . . : Thursday, January 2, 2014 1:27:53 PM
       Lease Expires . . . . . . . . . . : Saturday, January 4, 2014 12:27:55 PM
       Default Gateway . . . . . . . . . : 192.168.1.1
       DHCP Server . . . . . . . . . . . : 192.168.1.1
       DHCPv6 IAID . . . . . . . . . . . : 730113736
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-EA-A9-CE-E0-DB-55-D2-5E-59
       DNS Servers . . . . . . . . . . . : 192.168.1.1
       NetBIOS over Tcpip. . . . . . . . : Enabled
    Wireless LAN adapter Local Area Connection* 3:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft Wi-Fi Direct Virtual Adapter
       Physical Address. . . . . . . . . : 84-A6-C8-AF-03-DF
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
    Ethernet adapter Bluetooth Network Connection:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Bluetooth Device (Personal Area Network)
       Physical Address. . . . . . . . . : 84-A6-C8-AF-03-E2
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
    Ethernet adapter Ethernet:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : home
       Description . . . . . . . . . . . : Realtek PCIe FE Family Controller
       Physical Address. . . . . . . . . : E0-DB-55-D2-5E-59
       DHCP Enabled. . . . . . . . . . . : Yes
       Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter isatap.home:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . : home
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
    Tunnel adapter iphttpsinterface:
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : iphttpsinterface
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes
       IPv6 Address. . . . . . . . . . . : fd64:fc00:d17b:1000:e1a7:9cc8:c3c7:d819(Preferred)
       Temporary IPv6 Address. . . . . . : fd64:fc00:d17b:1000:c598:7f17:e286:369d(Preferred)
       Link-local IPv6 Address . . . . . : fe80::e1a7:9cc8:c3c7:d819%10(Preferred)
       Default Gateway . . . . . . . . . :
       DHCPv6 IAID . . . . . . . . . . . : 369098752
       DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-19-EA-A9-CE-E0-DB-55-D2-5E-59
       NetBIOS over Tcpip. . . . . . . . : Disabled
    Tunnel adapter isatap.{DC7D2C63-1506-49EC-A40F-AA4E56DE4001}:
       Media State . . . . . . . . . . . : Media disconnected
       Connection-specific DNS Suffix  . :
       Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
       Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
       DHCP Enabled. . . . . . . . . . . : No
       Autoconfiguration Enabled . . . . : Yes

  • Terminating a client connection - DBA topic

    Hello,
    Does anyone know how to terminate a client connection from the TimesTen data manager machine? It is easy to kill the server process when it services only one client connection. However, we have configured for the server to service multiple connections. If I kill the server process, it will also terminate all connections that it services.
    - Senthil.

    Hi,
    From your description, I recommend you follow the steps below for troubleshooting:
    1. Recover Navigation Pane configuration file by running the outlook.exe /resetnavpane command.
    2. Repair your Outlook PST file using Inbox Repair tool.
    If the issue persists, it is recommended to create a new profile and check the result.
    Hope this can be helpful.
    Best regards,
    Amy Wang
    TechNet Community Support

  • How can I know which clients are connected to my network through express and which are connected through extreme?

    I have an airport express extending, through wireless, a network provided by an airport extreme. How can I know which clients are connected to my network through express and which are connected through extreme?
    Here you can see both routers:
    I would expect to some clients connected to the express, other than the extreme. And that's all I see: only the airport extreme appears as client of the airport express.
    Below, one can see the summary of the config for both routers.
    Would somebody explain it?
    Thanks,
    Marcelo
    Message was edited by: Marcelão

    please disregard this answer.
    Message was edited by: Marcelão

  • Only able to connect to internet through Broadband DSL one computer at a time.

    Hi,
    I am using Verizon Broadband DSL, and have used it for a few years.
    Equipment:
    Westell Versalink Model 327W
    Linksys Wireless-G Broadband Router Model WRT54G
    I have a desktop (running Windows XP), and 2 laptops (1 XP, 1 Vista) that are connected wirelessly. Until recently all 3 computers have been working fine, connecting to the internet on the wireless network.
    The problem is this: When any one of the computers is connected to the internet through the DSL none of the others computers is able to connect – I see the message “Connecting through WAN miniport (PPOE)…”, i.e. I am only able to connect to the internet 1 computer at a time.
    As soon as I disconnect from the ‘connected’ computer (desktop or laptop) I am immediately able to successfully connect to the internet on either of the other 2 computers.
    I’ve tried resetting everything – no luck.
    I don’t recall having changed any of the settings and am baffled.
    Any thoughts as to the problem?
    Thanks in advance for any help.
    Charlie
    PS. I haven't called the Verizon DSL Tech Support team yet...but I will soon. I figured on asking here first.
    Solved!
    Go to Solution.

    CharlieJ wrote:
    The problem is this: When any one of the computers is connected to the internet through the DSL none of the others computers is able to connect – I see the message “Connecting through WAN miniport (PPOE)…”, i.e. I am only able to connect to the internet 1 computer at a time.
    As soon as I disconnect from the ‘connected’ computer (desktop or laptop) I am immediately able to successfully connect to the internet on either of the other 2 computers.
    I’ve tried resetting everything – no luck.
    I don’t recall having changed any of the settings and am baffled.
    Any thoughts as to the problem?
    Thanks in advance for any help.
    Charlie
    PS. I haven't called the Verizon DSL Tech Support team yet...but I will soon. I figured on asking here first.
    Ok.
    #1 You must get to the network control panel on your computer.
    One of the ways, for Windows XP is:
    a) Go to Start -> Control Panel -> Network Connections
    b) The screen will look like steps 5 and 6, on http://portforward.com/networking/static-xp.htm
    For Windows Vista:
    a) Go to the globe icon (start button) -> Control Panel -> Network and Sharing Center -> Manage Network Connections.
    b) The screen will look like steps 5, 6, and 7, on
    http://portforward.com/networking/static-vista.htm
    #2 Right click on the WAN miniport (PPPOE), and remove the check mark that says Set as Default Connection.
    ^^
    If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

  • I need to scan wirelessly from a MAC (OS 1.7 or higher) through Adobe Acrobat Pro X (or higher).  Have discovered that all in one printers say they are MAC compatible but will only scan when connected with a USB cable.  Would prefer a laser, color, all in

    I need to scan wirelessly from a MAC (OS 1.7 or higher) through Adobe Acrobat Pro X (or higher).  Have discovered that all in one printers say they are MAC compatible but will only scan when connected with a USB cable.  Would prefer a laser, color, all in one.  Does anyone have printer suggestions that you know will scan wirelessly?

    Great information.  
    -------------How do I give Kudos? | How do I mark a post as Solved? --------------------------------------------------------

  • Certificate error when Lync client login through VPN connection

    Hello,
    I am using the certificates from internal cert authority on Lync 2013 frontend servers and on edge server internal network. Edge external is using a third part certificate.
    The users always use MS VPN connection when work remotely. We have multiple subnets in the company so "use default gateway on remote network" is enabled for routing.
    When the users try to log in Lync client from non-domain joined computers while on VPN, they can't log in and get certificate error. It is hard to import the internal certificate on the computers.
    What change do I need to do to the Lync certificates? Thanks

    You have a few options:
    1) You could attempt to hardcode the client so that it always connects through the edge.  This can be done through tools->options->personal->advanced->manual configuration (but you may have to hardcode the FQDN in your hosts file so it doesn't
    attempt to resolve via internal DNS).  This may not work since your firewall may not be too happy with "internal" traffic leaving and coming back through the edge.
    2) Write a script that helps automate the certificate installation and try to walk users through it.
    3) Bite the bullet and use a third party certificate on the internal servers.
    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
    SWC Unified Communications

  • Configure OWA to require a client ssl certificate only for external connection

    Hello.
    At now i migrated OWA client from Exchange 2003 to Exchange 2010 and faced with a problem.
    I want to then external client (somebody like user from home PC) connect to Outlook Web App, client certificate will be required.
    But then client connect (somebody from work PC) to internal Outlook Web App Url, Integrate Windows Auth will be used and client ssl certificate not required.
    Is it possible? Or i need to enable Outlook Anywhere?

    Hi,
    Base on my konwledge, I don't think it is possible.
    When you install Exchange 2003, only one Default Web Site in Internet Information Services (IIS). if you change the authentication method and enable SSL on OWA, client ssl certificate always be required whether it's external or internal.
    I recommend you refer to the following articles:
    http://www.msexchange.org/articles-tutorials/exchange-server-2003/mobility-client-access/Securing-Exchange-Server-2003-Outlook-Web-Access-Chapter5.html
    http://www.msexchange.org/articles-tutorials/exchange-server-2003/security-message-hygiene/SSL_Enabling_OWA_2003.html
    Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft.
    Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
    Thanks.
    Niko Cheng
    TechNet Community Support

Maybe you are looking for