Proxy configuration for 10.1.2 b2b with 10.1.3 ohs

Looking for documentation on configuring outbound proxy for b2b through an OHS instance. I found some docs showing mod_proxy configuration, but the doc also had mod_oc4j configuration instructions. Can anyone explain what functionality mod_oc4j would provide for an outbound https post? We're also concerned that mod_proxy may not send https connections properly. I believe we want to initiate ssl sessions at the b2b server, but not have any ssl authentication until the connection reaches the external endpoint beyond the proxy server. We've been referred to document B25761, but we're still seeking a bit more guidance.
TIA

Hello,
could you please clarify how to setup an SSL client authentification between two trading partners for B2B in reverse proxy configuration (using OHS)?
Are the necessary steps same as those specified in your previous post?
At the present time I have two trading partners communicating with each other using HTTPS + client certificate authentification. So far this setup works pretty well. Now I would like to move one of the trading partners behind a proxy (OHS) in our DMZ but I still want them to authorize against each other using client certificates.
What should I do to make the client certificate authentification work? Is B2B proxy configuration "smart enough" and as such already supports this scenario?
Thanks in advance,
Krystof Nemec

Similar Messages

  • Bypass automatic proxy configuration for some websites?

    Here's my problem, perhaps someone can help:
    I occassionally need to use my university's proxy server to access library materials, etc., through my off-campus connection. So I entered the .pac file (a url) in the Automatic Proxy Configuration box of System Preferences > Network. All well and good.
    The problem is, when I want to get more weather details from the weather widget for example, visiting a site like Accuweather.com throws up the login page for my proxy server. Having to enter my university id and password whenever I want to check the weather is guaranteed to drive me bananas.
    So is there any way to keep sites like Accuweather.com from demanding I log into my proxy server when there's no reason to, while still keeping my auto proxy configuration in place for when I really need to use it? Anything I can do in Safari about this?
    The other option seems to be to reserve one browser, configured with my university proxy, just for doing library research, etc., and another as a general surfing browser. I'd be happy to make Safari do general duty, and configure Camino to use the proxy server, but I can't seem to make this division work, since both use whatever's listed in Network Prefs. I can't tell one to use the proxy and the other not to, they're both controlled by this global pref.
    I think I might be able to specify the proxy locally in Firefox, and leave Safari w/o the proxy...But I much prefer the look and feel of Camino...
    Any ideas on how to get around this with Safari, or a combo of Safari and Camino?
    Thanks in advance for any tips.
    iBook G4 800Mhz 12"   Mac OS X (10.4.4)   Safari 2.0.3, Camino 1.0

    Okay, I found the "Bypass proxy settings for these Hosts & Domains" box right under my nose, in Network Prefs. It's explained in this kbase document,
    http://docs.info.apple.com/article.html?artnum=301534
    Getting closer...
    However, using the accuweather.com example, I tried entering the domain name and it still calls up the login in Safari. I even tried looking up the site's IP address and entering that in different forms:
    wwwa.accuweather.com
    207.242.93.24
    207.242.93.*
    Still no luck, it calls up the proxy server...

  • Auto-detect proxy settings for this network Not work with DHCP WPAD

    My Network browsing Internet Through TMG The DHCP Configure To Deploy WPAD with configuration it's work good with IE 8,9 and Google Chrome, but don't work with firefox, I Tired search for the Solution for this problem but all Solution To fail.
    the big problem is there are more PCs and laptops work with FireFox.And The laptops will be able to going out to another network with end users

    Hi conectionist,
    This is taken if there is a proxy set up in your network settings on your OS. If you would like to test there may be an add on:
    *[https://addons.mozilla.org/en-US/firefox/addon/smart-ip-connection-info/?src=search]
    Please feel free to search to find a better one if necessary.

  • No logs flowing in uio log of UIO Apache Proxy configured for OAAM 11gR2

    Hi,
    I had configured and tested the UIO proxy and OAAM deployment.
    Configured the UIO logging as per documentation.
    But the HTTP traffic logs are not flowing in uio.log; infact no logs are flowing in uio.log.
    This is very much required for me to write interceptors.
    UIO Proxy is configured on Apache Webserver running on Win 2008 R2
    Can you please let me know how uio logs are enabled ?
    THanks
    Karthik S

    Hi,
    I had configured and tested the UIO proxy and OAAM deployment.
    Configured the UIO logging as per documentation.
    But the HTTP traffic logs are not flowing in uio.log; infact no logs are flowing in uio.log.
    This is very much required for me to write interceptors.
    UIO Proxy is configured on Apache Webserver running on Win 2008 R2
    Can you please let me know how uio logs are enabled ?
    THanks
    Karthik S

  • Configuration for using N73 as modem with Infrared...

    Hi,
    Can someone from Nokia explain us how to set-up a configuration to use N73 as modem via infrared or Bluetooth.
    The N73 manual refers to PC Suite manual, I followed this manual step by step but at the end it doesn't work.
    One thing also is that E61 menu refers to a "Connectivity -> Modem" option that is not available on Nokia N73 ?
    I tried to set-up a packet connection but it doesn't worked either ?
    I use PC Suite 6.81 (the latest version) and XP SP2.
    Thanks in advance for your help
    Emmanuel

    Hi,
    Sorry for not coming back earlier.
    I contacted Nokia support in France but they never came back to me.
    The N73 user manual is saying to follow the PC Suite manual instruction :
    "Detailed installation instructions can be found in the user guide for Nokia PC Suite.
    Tip! When using Nokia PC Suite for the first time, to
    connect your device to a compatible PC and to use
    Nokia PC Suite, use the Get Connected wizard available
    in Nokia PC Suite."
    I used the mentioned wizard and I got PC Suite connected to the phone by Infrared ok.
    Then I disconnect PC Suite and use the "Internet connection" wizard I get the following error message :
    "Network connection failed - Modem is used by another application or is badly configured".
    As suggested by the on line help I tried the following option :
    - Make sure that PC Suite is disconnected before trying to connect (I did and it didn't worked)
    - I changed the port used by the connection (and nothing changed)
    - I re-installed the modem driver and I even installed SP2 on my configuration (nothing changed)
    Somebody mentionned to me that I might have to create a Packet data connection, I did it but again it didn't changed anything.
    I'am now almost sure there is an issue using N73 as modem with Infrared.
    Worse saying also that my actual laptop configuration is working fine with a 6310i and that my N73 is working fine as a modem when used with USB cable.
    One interesting point also is that there is in E61 a "Connection->Modem" menu option that apparently is not existing in N73.
    Any new idea welcome
    Thank you and best regards
    Emmanuel

  • Wap (proxy) configurations for Midlet applications

    Hello,
    I developed MIDP application which need internet access suing http protocol. The application is a client for a web service.
    The application run perfectly on the emulator but it does not work on my mobile phone although my phone has internet access and I can browse the web without any problem.
    How can I tell the application about the settings of internet access??
    Thanks in advance,
    Motaz K. Saad
    http://motaz.saad.googlepages.com/

    Thanks much for the feedback. We're using the default settings on the HTTP rule we have set up for the portal on the ISA server. We'll be looking into the details of what the default rule settings are, however we did find a note in the Microsoft Knowledge base detailing with the ISA server screening high bits in URL strings for Outlook Web Access (OWA). This generates a similar error message. Here is the link to the detailed note on the Microsoft web site:
    http://support.microsoft.com/?scid=kb;en-us;837865
    Also,we are going to be applying the SP1 upgrade to the ISA server (released in March) to see if this might be some type of issue that may have been identified and corrected by the service pack. We'll see what happens with that.
    One area where we can recreate the problem at will is when we set up the system landscape configuration. We can navigate to a system configuration object, however when we attempt to right click to edit the object we get the error. There are other circumstances where we get errors but that is one that occurs for sure. Anyone have any idea as to what might be special about that type of transaction??
    Thanks again.
    Rich

  • Where do I access proxy configuration for Firefox 3.6 on a Mac OS?

    Before I updated to Firefox 3.6.13 I had my proxy manually configured. It seems the update erased my configuration, and now I cannot even find where to update the proxy. I am using a Mac OS. I've found this solution to change my proxy "Tools > Options > Advanced > Network > Settings" , however, when I go to "Tools", "option" is no longer an option.
    Tools only has "web search" "add ons" "personas" "downloads" "error console" "page info" "start private browsing" "clear recent history".
    Any information on how to find my proxy to change the setting would be great. Thanks

    On Mac use [http://kb.mozillazine.org/Menu_differences text Firefox > Preferences] instead of Tools > Options
    Firefox > Preferences > Advanced > Network > Settings
    See "Firefox connection settings" in [[Server not found]]

  • Error in proxy configuration for a WebService

    This is my first attempt at working with a WebService in Flash.
    The services, which are on a local machine work fine when I call them directly, i.e. with useProxy="false".
    However, when I attempt to call them through BlazeDS, setting useProxy="true", I get the following error as soon as the app loads. Seems I have not set up channels correctly, but I cannot figure out what I am doing wrong. The proxy-config file is at the end of this message.
    [RPC Fault faultString="[MessagingError message='Destination 'groupWS' either does not exist or the destination has no channels defined (and the application does not define any default channels.)']" faultCode="InvokeFailed" faultDetail="Unable to load WSDL. If currently online, please verify the URI and/or format of the WSDL (http://localhost:8080/idm-ws/idmsrvc/GroupDataWebService?wsdl)"]
        at mx.rpc.wsdl::WSDLLoader/faultHandler()[E:\dev\4.0.0\frameworks\projects\rpc\src\mx\rpc\ws dl\WSDLLoader.as:103]
        at flash.events::EventDispatcher/dispatchEventFunction()
        at flash.events::EventDispatcher/dispatchEvent()
        at HTTPOperation/http://www.adobe.com/2006/flex/mx/internal::dispatchRpcEvent()[E:\dev\4.0.0\frameworks\pro jects\rpc\src\mx\rpc\http\HTTPService.as:989]
        at Function/http://adobe.com/AS3/2006/builtin::apply()
        at mx.rpc::AsyncDispatcher/timerEventHandler()[E:\dev\4.0.0\frameworks\projects\rpc\src\mx\r pc\AsyncDispatcher.as:50]
        at flash.utils::Timer/_timerDispatch()
        at flash.utils::Timer/tick()
    MXML
            <s:WebService id="groupRO"
                          wsdl="http://localhost:8080/idm-ws/idmsrvc/GroupDataWebService?wsdl"
                          useProxy="true"
                          destination="groupWS"
                          result="serviceResult(event);"
                          showBusyCursor="true"/>
    proxy-config.xml
    <?xml version="1.0" encoding="UTF-8"?>
    <service id="proxy-service"
        class="flex.messaging.services.HTTPProxyService">
        <properties>
            <connection-manager>
                <max-total-connections>100</max-total-connections>
                <default-max-connections-per-host>2</default-max-connections-per-host>
            </connection-manager>
            <allow-lax-ssl>true</allow-lax-ssl>
        </properties>
        <adapters>
            <adapter-definition id="http-proxy" class="flex.messaging.services.http.HTTPProxyAdapter" default="true"/>
            <adapter-definition id="soap-proxy" class="flex.messaging.services.http.SOAPProxyAdapter"/>
        </adapters>
        <default-channels>
            <channel ref="my-amf"/>
        </default-channels>
        <destination id="DefaultHTTP">
        </destination>
        <destination id="groupWS">
            <properties>
                <wsdl>http://localhost:8080/idm-ws/idmsrvc/GroupDataWebService?wsdl</wsdl>
                <soap>http://localhost:8080/idm-ws/idmsrvc/*</soap>
            </properties>
            <adapter ref="soap-proxy"/>
        </destination>
    </service>
    Any help will me much appreciated.
    Thanks.
    cortlander

    Here is my proxy-config.xml which defines default channels:
    <?xml version="1.0" encoding="UTF-8"?>
    <service id="proxy-service" class="flex.messaging.services.HTTPProxyService">
        <properties>
            <connection-manager>
                <max-total-connections>100</max-total-connections>
                <default-max-connections-per-host>2</default-max-connections-per-host>
            </connection-manager>
            <allow-lax-ssl>true</allow-lax-ssl>
        </properties>
        <default-channels>
            <channel ref="my-http"/>
            <channel ref="my-amf"/>
        </default-channels>
        <adapters>
            <adapter-definition id="http-proxy" class="flex.messaging.services.http.HTTPProxyAdapter" default="true"/>
            <adapter-definition id="soap-proxy" class="flex.messaging.services.http.SOAPProxyAdapter"/>
        </adapters>
        <destination id="DefaultHTTP">
                        <properties>
                        </properties>
        </destination>
        <destination id="catalog">
                        <properties>
                                  <url>/{context.root}/testdrive-httpservice/catalog.jsp</url>
                        </properties>
        </destination>
        <destination id="ws-catalog">
            <properties>
                <wsdl>http://feeds.adobe.com/webservices/mxna2.cfc?wsdl</wsdl>
                <soap>*</soap>
            </properties>
            <adapter ref="soap-proxy"/>
        </destination>
    </service>
    And (partial/related)services-config.xml:
    <services-config>
        <services>
            <service class="flex.samples.DatabaseCheckService" id="hsqldb" />
            <service-include file-path="remoting-config.xml" />
            <service-include file-path="proxy-config.xml" />
            <service-include file-path="messaging-config.xml" />
                  <service class="flex.samples.runtimeconfig.EmployeeRuntimeRemotingDestination" id="runtime-employee-ro" />
            <default-channels>
               <channel ref="my-amf"/>
            </default-channels>
              </services>
        <channels>
            <channel-definition id="my-streaming-amf" class="mx.messaging.channels.StreamingAMFChannel">
                <endpoint url="http://{server.name}:{server.port}/{context.root}/messagebroker/streamingamf" class="flex.messaging.endpoints.StreamingAMFEndpoint"/>
            </channel-definition>
            <channel-definition id="my-amf" class="mx.messaging.channels.AMFChannel">
                <endpoint url="http://{server.name}:{server.port}/{context.root}/messagebroker/amf" class="flex.messaging.endpoints.AMFEndpoint"/>
                <properties>
                    <polling-enabled>false</polling-enabled>
                </properties>
            </channel-definition>
        </channels>
    </services-config>
    Any help would be greatly appreciated.

  • ABAP Proxy Configuration in PI 7.3

    Hi ,
    Can you please help me in configuring ABAP Proxy in PI 7.3. Please help me with detailed description.
    Thanks In Advance.
    Thanks & Regards
    Sreeram

    check [this|http://venkata-pagolu.blogspot.com/2011/08/proxy-configuration-for-pi-73-java-only.html].

  • Reverse Proxy Configuration - Apache as an SSL reverse-proxy

    Hi,
    We have EP 6.0 SP 14 installed with SSL configured.
    We are in need to open the application to internet.
    For the same we have set up a reverse proxy server (Apache as SSL
    Reverse Proxy).
    Our requirement is to open the application to the internet with
    web address https://abc.domain.com.
    The issue is we are able to access the application from internet only when
    https://abc.domain.com/irj/potal is typed.
    (ie.) Mapping is working fine for
    https://abc.domain.com/irj/portal to
    our EP Portal address https://abc2.domain.com:50001/irj/portal
    And not working for mapping https://abc.domain.com to our EP Portal
    address https://abc2.domain.com:50001/irj/portal
    We have been working on to resolve this issue for days together but have been really unsuccessful
    Kindly help us in resolving the same asap.
    Note : The references we used are:
    1. SAP's document:
    "Apache Reverse Proxy Configuration for J2ee 6.20 and 6.40 Web Applications"
    2. Weblogs:
    The Reverse Proxy Series -- Part 1: Introduction
    The Reverse Proxy Series -- Part 3: Apache as a reverse-proxy
    The Reverse Proxy Series -- Part 3.1: Apache as an SSL reverse-proxy
    Regards,
    venkat.

    Thanks much for the feedback. We're using the default settings on the HTTP rule we have set up for the portal on the ISA server. We'll be looking into the details of what the default rule settings are, however we did find a note in the Microsoft Knowledge base detailing with the ISA server screening high bits in URL strings for Outlook Web Access (OWA). This generates a similar error message. Here is the link to the detailed note on the Microsoft web site:
    http://support.microsoft.com/?scid=kb;en-us;837865
    Also,we are going to be applying the SP1 upgrade to the ISA server (released in March) to see if this might be some type of issue that may have been identified and corrected by the service pack. We'll see what happens with that.
    One area where we can recreate the problem at will is when we set up the system landscape configuration. We can navigate to a system configuration object, however when we attempt to right click to edit the object we get the error. There are other circumstances where we get errors but that is one that occurs for sure. Anyone have any idea as to what might be special about that type of transaction??
    Thanks again.
    Rich

  • Shop configuration for internal users

    Hi SDN,
    We are using ecommerce 7.0 for SAP ECC 6.0.
    I've seen at the shopadmin that there is a possibility to configure an eshop for internal users. There its possible to create a scenario "B2B For Internal Users".
    So in my point of view. I have to define a b2b configuration at XCM. And then i should see that new scenario after login.
    But that works abolutely not. The shop with scenario "B2B For Internal Users" is not displayed. I only see all the configurations of type "Internet Sales B2B".
    Why?? both this scenarios are B2B scenarios. So both has to been displayed?
    How to configure a shop for internal users?
    One more point which i understand not... Why is this configuration for internal users a B2B scenario and not a BOB?
    The internal user has to select the customer...so thats the same like a BOB shop??
    Please explain me that things What im understanding wrong here?
    Thanks and best regards,
    Toni

    Hi SDN,
    We are using ecommerce 7.0 for SAP ECC 6.0.
    I've seen at the shopadmin that there is a possibility to configure an eshop for internal users. There its possible to create a scenario "B2B For Internal Users".
    So in my point of view. I have to define a b2b configuration at XCM. And then i should see that new scenario after login.
    But that works abolutely not. The shop with scenario "B2B For Internal Users" is not displayed. I only see all the configurations of type "Internet Sales B2B".
    Why?? both this scenarios are B2B scenarios. So both has to been displayed?
    How to configure a shop for internal users?
    One more point which i understand not... Why is this configuration for internal users a B2B scenario and not a BOB?
    The internal user has to select the customer...so thats the same like a BOB shop??
    Please explain me that things What im understanding wrong here?
    Thanks and best regards,
    Toni

  • B2B with Firewall configuration for Outgoing messages

    Hi,
    We have put B2B midtier within Intranet. We have firewall configuration for our network.
    When B2B sends the business message to remote trading partner.The connection first hits the firewall. Inorder to pass through the firewall what ports do we need to open on firewall ..?
    Any suggestions..?
    Thakls

    Hello Praveen,
    Please use B2B in the rever proxy configuration with OHS. Pleae refer to 5.5 Configuring Reverse Proxies and Load Balancers in the Oracle® HTTP Server Administrator's Guide 10g Release 2 (10.1.2)
    In tip.properties pleae give proxy host and port (10.60.15.24 and port 4085) and restart the B2B server and follow above document for configuring OHS in reverse proxy mode by changing the http.conf
    Please let me know.
    Rgds,Ramesh

  • Error in Proxy configuration with SLM

    > Hello Experts,
    >
    > I am encountring some problems when configuring SLM with Solution Manager 7.01 SP06. I have applied all the settings required for SLM and described on the How-To documentation. I have also read all the forums regarding this issue, but nothing helpful. This issue is the configuration of the proxy settings. We are using SNC for our Saprouter, so I assume that I have to use also the sapserv3 for SLM configuration, with the port 8080.
    >
    > I have added also these entries on Web Service Container in VA:
    > Proxy Host: sapserv3
    > Proxy Port: 8080
    > Exclude List: myhost.mydomain
    > And Save
    >
    > When I execute the configuration check with the transaction "/n/tmwflow/mopzcfg", I have these errors:
    >
    >  <description>Check Proxy settings for download</description>
    > + <config-path>
    > <entry>Configuration path: SDT/SDT|cod-zeus|PS1/SDTExecutionService/DOWNLOAD</entry>
    >  </config-path>
    > - <input>
    >  <entry>Proxy use: true</entry>
    >  <entry>Proxy host: sapserv3</entry>
    >  <entry>Proxy port: 8080</entry>
    >  <entry>Use proxy authentication: false</entry>
    >  <entry>Check HTTP connection to: http://www.sap.com/index.epx</entry>
    >  </input>
    > - <output>
    > <entry>Test Result: FAILED</entry>
    >  </output>
    >- <error>
    >- <MESSAGE>
    >  <ID>java.net.UnknownHostException: BAEx.Failed</ID>
    >  <CREATOR>SLM: java.net.PlainSocketImpl: Line: 201</CREATOR>
    >  <TEXT>www.sap.com</TEXT>
    >  </MESSAGE>
    >  </error>
    >  </CheckResult>
    > - <CheckResult status="FAILED">
    >  <description>Check Proxy settings for web services</description>
    > - <config-path>
    >  <entry>Configuration path: WebServicessAddOn/HTTPProxy</entry>
    >  </config-path>
    > - <input>
    >  <entry>Proxy use: true</entry>
    >  <entry>Proxy host: sapserv3</entry>
    >  <entry>Proxy port: 8080</entry>
    >  <entry>Check HTTP connection to: http://www.sap.com/index.epx</entry>
    >  <entry>Set Proxy-Authorization</entry>
    >  </input>
    > - <output>
    >  <entry>Proxy user:</entry>
    >  <entry>Test Result: FAILED</entry>
    >  </output>
    >- <error>
    >- <MESSAGE>
    >  <ID>java.net.UnknownHostException: BAEx.Failed</ID>
    >  <CREATOR>SLM: java.net.PlainSocketImpl: Line: 201</CREATOR>
    >  <TEXT>www.sap.com</TEXT>
    >  </MESSAGE>
    >  </error>
    >  </CheckResult>
    > - <CheckResult status="FAILED">
    >  <description>Check SMP user and SP web service</description>
    >
    >  Configuration path: SDT/SDT|host|sid/SDTExecutionService/DOWNLOAD
    >
    > please tell me what should I do. Thank you
    Edited by: sapmoo on May 7, 2010 11:59 AM

    is Done...
    I have changed the 8001 Port, by 50100... :S
    this is my First Client with both instances in a same Server than I have to use this port... always I have used 800 + number of Instance...
    Regards

  • Idoc Communication Configurations and Proxy Runtime Configurations for PI

    We have a fresh PI 7.1 system, fresh ECC6 system, and an existing 4.6C system.
    is there any blog/doc with step-by-step instructioins/screenshots for following tasks:
    1. Configuring Abap proxy runtime between ECC6 and PI 7.1 Systems, for using sproxy from ECC6.
    2. Configuring for IDOC communication between ECC6 and PI 7.1
    3. Configuring for IDOC communication between 4.6C system and PI 7.1
    It involves creating of sm59 rfc destination creations, usage of idoc related transactions on PI system and the other system.. I searched on sdn/forum, but it seems to be addressing specific issues faced.
    Pls suggest any step-by-step instructions docs/blogs available.
    thanks in advance.
    Madhu.

    Madhu,
    Refer the links below:
    1. /people/vijaya.kumari2/blog/2006/01/26/how-do-you-activate-abap-proxies
    2& 3 :
    https://wiki.sdn.sap.com/wiki/display/XI/SAPR3%28Idocs%29ToXI--Steps+Summarized
    http://www.riyaz.net/blog/xipi-settings-in-r3-partner-system-to-receive-idocs/
    /people/swaroopa.vishwanath/blog/2007/01/22/ale-configuration-for-pushing-idocs-from-sap-to-xi
    https://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/877c0d53-0801-0010-3bb0-e38d5ecd352c&overridelayout=true
    http://www.riyaz.net/blog/beginners-guide-to-ale-and-idocs-a-step-by-step-approach/
    Also, I  think u hv just started learning XI ..so following link might help:
    http://wiki.sdn.sap.com/wiki/display/NWTech/QAforPI-Onestopforall%28Part-1%29

  • 502 - Web server received an invalid response while acting as a gateway or proxy server. There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream cont

    I am getting error while accessing url of lyncweb.domain.com, dialin.domain.com and meet.domain.com pointing to RP server.
    502 - Web server received an invalid response while acting as a gateway or proxy server.
    There is a problem with the page you are looking for, and it cannot be displayed. When the Web server (while acting as a gateway or proxy) contacted the upstream content server, it received an invalid response from the content server.
    Regards, Ganesh, MCTS, MCP, ITILV2 This posting is provided with no warranties and confers no rights. Please remember to click Mark as Answer and Vote as Helpful on posts that help you. This can be beneficial to other community members reading the thread.

    When i try with https://lyncfrontend.domain.local:4443 and https://lyncfrontend.domain.com:4443 both opens but when i open the external domain name i get certificate .
    ARR version installed is 3.0
    To throw more light on the configuration:
    Lync 2013 implemented, internal domain name is : domain.local and external domain name is : domain.com
    All servers in VMs are with 4 core processor, 24gb ram, 1TB drive.
    Frontend : Windows 2012r2 with Lync 2012 Standard Edition - 1 No (192.168.10.100)
    Edge : Windows 2012 with Lync 2012 Std - 1 No 
    (192.168.11.101 DMZ) in workgroup
    ISS ARR Reverse Proxy 3.0 : Windows 2012 with ARR and IIS configured. (192.168.11.102)
    Certificate : Internal Domain root CA for internal and External (Digicert).
    Internal Network : 192.168.10.x /24
    External Network (DMZ) : 192.168.11.x /24
    Public Firewall NAT to DMZ ip for firewall and RP server. So having two public IP facing external network.
    Edge has : sip.domain.com, webconf.domain.com, av.domain.com
    IIS ARR RP server has : lyncdiscover.domain.com, lyncweb.domain.com, meet.domain.com, dialin.domain.com
    Have created SRV record in public : _sip.tls.domain.com >5061>sip.domain.com, _sipfederationtls._tcp.domain.com>5061>sip.domain.com, _xmpp-server._tcp.domain.com>5269>sip.domain.com
    Installed frontend server using MS Lync server 2013 step by step for anyone by Matt Landis, Lync MVP.
    Internal AD Integrated DNS pointing Front-end
    Type of Record FQDN
    IP Description 
    A sip.domain.com
    192.168.10.100 Address internal Front End  or Director for internal network clients 
    A admin.domain.com
    192.168.10.100 URL Administration pool
    A DialIn.domain.com
    192.168.10.100 URL Access to Dial In 
    A meet.domain.com
    192.168.10.100 URL of Web services meeting
    A lyncdiscoverinternal.domain.com
    192.168.10.100 Register for Lync AutoDiscover service to internal users
    A lyncdiscover.domain.com
    192.168.10.100 Register for Lync AutoDiscover service to external users  
    SRV Service: _sipinternaltls Protocol: _tcp Port: 5061
    sip.domain.com Record pointer services to internal customer connections using TLS 
    External DNS pointing Edge & Proxy
    Type of Record FQDN
    IP Endpoint
    A sip.domain.com
    x.x.x.100 Edge
    A webconf.domain.com
    x.x.x.100 Edge
    A av.domain.com
    x.x.x.100 Edge
    SRV _sip._tls.domain.com
    sip.domain.com: 443 Edge
    SRV _sipfederationtls._tcp.domain.com
    sip.domain.com:5061 Edge
    A Meet.domain.com
    x.x.x.110 Reverse Proxy
    A Dialin.domain.com
    x.x.x.110 Reverse Proxy
    A lyncdiscover.domain.com
    x.x.x.110 Reverse Proxy
    A lyncweb.domain.com
    x.x.x.110 Reverse Proxy
    In IIS ARR proxy server following server farms are added and configured as per link ttp://y0av.me/2013/07/22/lync2013_iisarr/
    In proxy server had setup only following server farm : While running remote connectivity web service test : meet, dialin, lyncdiscover and lyncweb.
    The client inside works fine internally and through vpn. Login with external client also working fine. But we are getting error in MRCA as follows.
    a) While testing remote connectivity for lync getting error : The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
    Certificate was installed properly.
    b) For remote web test under Lync throws error : A Web exception occurred because an HTTP 502 - BadGateway response was received from IIS7.
    HTTP Response Headers:
    Content-Length: 1477
    Content-Type: text/html
    Date: Wed, 14 May 2014 10:03:40 GMT
    Server: Microsoft-IIS/8.0
    Elapsed Time: 1300 ms.
    Regards, Ganesh, MCTS, MCP, ITILV2 This posting is provided with no warranties and confers no rights. Please remember to click Mark as Answer and Vote as Helpful on posts that help you. This can be beneficial to other community members reading the thread.

Maybe you are looking for

  • How do I determine what operating system I can install on my older IMAC?

    I need to update my operating system but cannot determine which one my mac will support

  • No parameter view when running "Format Payment Instructions" conc prog

    Hello everyone. When submitting the Format Payment Instructions program (when making a payment) I am not asked for any parameters. Previously the program would ask for parameters. Does anyone have any idea why this is happening and what to do about i

  • CE portal vs regular portal

    Hi, CE 7.1 comes with a simplified portal. The CE portal cannot be used as the main portal, a FPN has to be set up between the main 7.0 and the CE 7.1 portal. This makes sense now, when 7.1 runs on JEE5, but when there will be a generally available E

  • Japanese email encoding setting possible?

    In Japan, the traditional encoding for mail transport has been JIS encoding. And the traditional encoding for web content has been ShiftJIS. Typically a site would receive the email in JIS, convert to ShiftJIS and store the contents in the database.

  • Unable to access a share - beachball...

    Colleague has raised an issue - he is unable to access a shared folder on our server. He does Command K, enters ip number of server, clicks connect, enters name and password Gets a window offering volumes to mount - as soon as he clicks on one gets '