Are both internal users and external users configured with the same @host name, Do all @Hostname's resolve back to the correct address weather internal or external client?
If your external users are logging in as [EMAIL PROTECTED] then all of your internal users will also need to login as [EMAIL PROTECTED] (obviously the user names are going to differ) ALL users should have the same @Host If you are going to have users logging in from external and internal locations then all of the @Host portions MUST resolve back to the IP of the IIM Server (the IP Address of the router if using NAT) of the IIM Server If any of the users have a @hostname that another users client will not be able to resolve to the correct address then comunication will not be possible with that user A good example of this would be [EMAIL PROTECTED] ( since 192.168.0.1 is a private IP range the message can not be routed, the same holds true of a host name that would resolve to a private IP address ) Mike Barber Ipswitch, Inc ----- Original Message ----- From: "Greg Foulks" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Wednesday, February 05, 2003 5:33 PM Subject: RE: [IpswitchIM_Forum] Continued NAT problems > New development. I changed the IP in the NAT Gateway from the Firewall external IP to the External IP of the incoming connection to > the IM server. Now I can see the external user log in and see their status as online. I can receive external IM's however I am still > not able to send them an IM message either in return or a new IM message. > > Greg Foulks, MCP > NewFound Technologies, Inc. > http://www.nfti.com > Email: [EMAIL PROTECTED] > Voice: 614.318.5036 > Fax: 614.318.5005 > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Greg > Foulks > Sent: Wednesday, February 05, 2003 5:18 PM > To: [EMAIL PROTECTED] > Subject: RE: [IpswitchIM_Forum] Continued NAT problems > > > Yes the 210 address is in the NAT Gateway. Is this address suppose the firewall address or the external IP address for the IM > server? > > Greg Foulks, MCP > NewFound Technologies, Inc. > http://www.nfti.com > Email: [EMAIL PROTECTED] > Voice: 614.318.5036 > Fax: 614.318.5005 > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Peter > Mourfield > Sent: Wednesday, February 05, 2003 5:13 PM > To: [EMAIL PROTECTED] > Subject: RE: [IpswitchIM_Forum] Continued NAT problems > > > Have you put your external IP address '12.32.70.210' in the Nat Gateway host field in the Server Manager on the General tab? > > There is a help topic in the Ipswitch Server Manager Help that covers 'NAT Router Information' that may help you get up and running. > > Pete > Ipswitch, Inc > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Greg > Foulks > Sent: Wednesday, February 05, 2003 5:02 PM > To: [EMAIL PROTECTED] > Subject: [IpswitchIM_Forum] Continued NAT problems > > > Folks, > I am really having a hard time trying to get this IM stuff to work for our remote users. Here is my config and maybe someone can see > where it is I'm going wrong... > > Server is installed on 10.0.0.30 (Internal Machine behind a firewall) > > All internal users can log-in and send messages without any problems. > > The Firewall/NAT Gateway is 12.32.70.210 (Public) and 10.0.0.1 (Internal) > > > Something I notice on the client when trying to connect to the IM server that it tries to connect to it's internal address. Of > course that won't work. So I set up a filter that allowed inbound TCP 5177 on a public address. The firewall is configured to > forward those requests to the internal IM server. > > Now, I had to create a user xxx@external IP address on the internal IM server otherwise I was not able to authenticate. > > Okay so now the external user can connect and authenticate and I can see them internally on my client but they are showing as > gray(offline). > > The external user can send me a IM without any problems but I can't IM them back or send a new IM to the user. > > If I try to reply to a IM sent from the outside I get this error... > << Failed to forward message to [EMAIL PROTECTED] Failed to read protocol version. > An existing connection was forcibly closed by the remote host.. >> > > > If I try to send a new IM to the external user I get this error... > << User [EMAIL PROTECTED] is not a valid user. >> > > What am I doing wrong? > > Greg Foulks, MCP > NewFound Technologies, Inc. > http://www.nfti.com > Email: [EMAIL PROTECTED] > Voice: 614.318.5036 > Fax: 614.318.5005 > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Peter > Mourfield > Sent: Wednesday, February 05, 2003 4:25 PM > To: [EMAIL PROTECTED] > Subject: RE: [IpswitchIM_Forum] Recap the port issue and NAT Flag > > > IIM uses 2 ports. > > Clients connect to the Server on tcp 5177 (think of this as the control channel). Through this socket the client sends requests to > the server and the server acknowledges those requests. Also, Servers talk with other Servers on port 5177. > > The Server sends asynchronous data to the Client on tcp 5178 (think of this as the data channel). Data such as status information > and conversations travel over this socket. This is the default configuration of the Client (listening on 5178). Also, by default, > the Client does not maintain a socket that is always open to the server. When the Client is sending data, it A) opens a connection > to the server (who is listening on 5177) B) Sends its request C) waits for an acknowledgment from the server and D) closes the > socket. > With some network configurations Clients need to be configured to use persistent connections (i.e. maintaining an open socket to the > server all the time). This is when the NAT flag should be set on the Client. In this configuration, the Server does not talk to the > Client via port 5178. Instead it uses the persistent socket that was established when the Client logged on to the Server. > > Also, there is a Help Topic in the Server Help that further explains the NAT configuration issues. > > > Hope this helps, > Pete Mourfield > Ipswitch, Inc. > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Greg > Foulks > Sent: Wednesday, February 05, 2003 1:52 PM > To: [EMAIL PROTECTED] > Subject: [IpswitchIM_Forum] Recap the port issue and NAT Flag > > > Could someone recap the port issue and NAT flag? > > What ports must be opened on the firewall to allow for incoming and outgoing connections? > > The NAT flag- Do you enable it on a workstation that is outside the local lan? > > Thanks, > > Greg Foulks, MCP > NewFound Technologies, Inc. > http://www.nfti.com > Email: [EMAIL PROTECTED] > Voice: 614.318.5036 > Fax: 614.318.5005 > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED]]On Behalf Of Terry L > Fritts > Sent: Wednesday, February 05, 2003 1:43 PM > To: Rick Leske > Subject: Re: [IpswitchIM_Forum] Clients on private network Server on > Internet network > > > Hello Rick, > > Wednesday, February 5, 2003 you wrote: > RL> Is there any truth to the dual ports? and if so do they just both use tcp > RL> only? > > Look at your log files and you'll know soon enough if you have the > issue. > > Here is an example from mine: > ------------------------- > 2/5/2003 9:07:25 AM ImServer Failed to push local presence to ... > Error=Failed to connect to 192.168.0.162 on port 5178 > ------------------------- > > I opened up 5178 outgoing from the IM server, 5177 incoming on my > workstation, set the Nat flag and it started working. TCP only. > > You don't need the nat flag on a workstation that connects directly to > the im server without natting but I guess that's obvious. > > Most of our clients have firewalls though and most nat so the nat > setting is a problem on install. > > Terry Fritts > Smart Business Solutions, Inc. > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/IpswitchIM_Forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/IpswitchIM_Forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/IpswitchIM_Forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/ipswitchim_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/ipswitchim_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/ipswitchim_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp > > > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html > List Archive: http://www.mail-archive.com/ipswitchim_forum%40list.ipswitch.com/ > Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp > To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/ipswitchim_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/Instant_Messenger/index.asp
