Mitel Forums - The Unofficial Source
Mitel Forums => Mitel Software Applications => Topic started by: sunspark on October 30, 2020, 07:46:45 PM
-
Hi guys,
We are using micollab client 7.3 legacy, and we want to use next gen (only in lan mode). Any help to set up this?
-
Read up on the client deployment profiles, that will have to be set correctly for your environment otherwise you're in for a lot of headaches. If you set that up correctly it's easy. You could also try out the web client while still running the 7.3 desktop if you're not sure.
-
I'm thinking you still need a valid certificate on the MiCollab even for LAN mode. You'll also need to make sure the FQDN resolves to the LAN address. You can run the legacy and next gen side by side so you should break anything that is currently working if you work on a test user and new deployment profile.
-
Ok I can install lets encrypt which is free. For fqdn, we use micollab.mycompagny.local already solved in lan mode Since when we install the client micollab 7.3 it asks for the address of the fqdn and not the ip. So if I understand I have to read the documentation for the deployment profiles?
-
Ok I can install lets encrypt which is free. For fqdn, we use micollab.mycompagny.local already solved in lan mode Since when we install the client micollab 7.3 it asks for the address of the fqdn and not the ip. So if I understand I have to read the documentation for the deployment profiles?
Yes, mostly because you need to make sure you have the right FQDN's for the MBG the clients will connect to, otherwise you'll be chasing down issues with client connections and SIP softphone registrations constantly.
-
We are using thembg (lan mode) who is in the micollab.
Should i change the mode? Do we need mbg to use nex gen in lan only?
-
MBG is always good. You do need a 3rd party certificate and .local won't ever work. If not using mobile cell client you should be able to get this working in server only mode. Could always switch to custom if an external ip address is pointed to it.
-
MBG is always good. You do need a 3rd party certificate and .local won't ever work. If not using mobile cell client you should be able to get this working in server only mode. Could always switch to custom if an external ip address is pointed to it.
No mobile client. Only pc client in lan mode. When i check deployment profil, im not able to Pass test 2 and 3 in diagnostic. Why. Local can't work? Im in the lan mode. And i use mbg who is in the micollab. Also im using let's encrypt cert. When i put the qr code in the micollab client im not able to authenticate
-
Let's Encrypt requires true resolvable domain name for certificate issue. Need port 80 opened from what I have seen
-
MBG is always good. You do need a 3rd party certificate and .local won't ever work. If not using mobile cell client you should be able to get this working in server only mode. Could always switch to custom if an external ip address is pointed to it.
No mobile client. Only pc client in lan mode. When i check deployment profil, im not able to Pass test 2 and 3 in diagnostic. Why. Local can't work? Im in the lan mode. And i use mbg who is in the micollab. Also im using let's encrypt cert. When i put the qr code in the micollab client im not able to authenticate
You will never pass test 2 and 3 for internal only - this requires public FQDN resolution. No worries for your intended use.
Like others have stated I don't believe you are able to use the Let's Encrypt cert. You need a true SSL cert and a name resolution to a real fqdn that matches the SSL cert. This is all needed even for internal only use. You won't need the MiCollab MBG at all with this nor a DMZ or another MBG for internal use.
-
MBG is always good. You do need a 3rd party certificate and .local won't ever work. If not using mobile cell client you should be able to get this working in server only mode. Could always switch to custom if an external ip address is pointed to it.
No mobile client. Only pc client in lan mode. When i check deployment profil, im not able to Pass test 2 and 3 in diagnostic. Why. Local can't work? Im in the lan mode. And i use mbg who is in the micollab. Also im using let's encrypt cert. When i put the qr code in the micollab client im not able to authenticate
You will never pass test 2 and 3 for internal only - this requires public FQDN resolution. No worries for your intended use.
Like others have stated I don't believe you are able to use the Let's Encrypt cert. You need a true SSL cert and a name resolution to a real fqdn that matches the SSL cert. This is all needed even for internal only use. You won't need the MiCollab MBG at all with this nor a DMZ or another MBG for internal use.
let's encrypt should work with name resolution ti real fqdn.
-
MBG is always good. You do need a 3rd party certificate and .local won't ever work. If not using mobile cell client you should be able to get this working in server only mode. Could always switch to custom if an external ip address is pointed to it.
No mobile client. Only pc client in lan mode. When i check deployment profil, im not able to Pass test 2 and 3 in diagnostic. Why. Local can't work? Im in the lan mode. And i use mbg who is in the micollab. Also im using let's encrypt cert. When i put the qr code in the micollab client im not able to authenticate
You will never pass test 2 and 3 for internal only - this requires public FQDN resolution. No worries for your intended use.
Like others have stated I don't believe you are able to use the Let's Encrypt cert. You need a true SSL cert and a name resolution to a real fqdn that matches the SSL cert. This is all needed even for internal only use. You won't need the MiCollab MBG at all with this nor a DMZ or another MBG for internal use.
let's encrypt should work with name resolution ti real fqdn.
I know Let's Encrypt is legit but I'm fairly positive that it won't work for next gen. Do what you want with that though.
-
MBG is always good. You do need a 3rd party certificate and .local won't ever work. If not using mobile cell client you should be able to get this working in server only mode. Could always switch to custom if an external ip address is pointed to it.
No mobile client. Only pc client in lan mode. When i check deployment profil, im not able to Pass test 2 and 3 in diagnostic. Why. Local can't work? Im in the lan mode. And i use mbg who is in the micollab. Also im using let's encrypt cert. When i put the qr code in the micollab client im not able to authenticate
You will never pass test 2 and 3 for internal only - this requires public FQDN resolution. No worries for your intended use.
Like others have stated I don't believe you are able to use the Let's Encrypt cert. You need a true SSL cert and a name resolution to a real fqdn that matches the SSL cert. This is all needed even for internal only use. You won't need the MiCollab MBG at all with this nor a DMZ or another MBG for internal use.
let's encrypt should work with name resolution ti real fqdn.
I know Let's Encrypt is legit but I'm fairly positive that it won't work for next gen. Do what you want with that though.
So in this case what is it for let's encrypt?
-
If MiCollab PC Client 9.1 is an example of "next gen", then yes it works fine with Letsencrypt certs.
-
FWIW, you will never get a certificate from Let's encrypt for the name host.domain.local, might be added as a SAN yo a true FQDN, never tried it. Think it is bad practise to use anything less that a true FQDN when installing MiCollab or MBG with web proxy
-
If MiCollab PC Client 9.1 is an example of "next gen", then yes it works fine with Letsencrypt certs.
Yes , all softphone after 7.3 are considered as a next gen.
with lets encrypt cert + fqdn micollab.mycompagny.com it's sure that it will work, this is what i'm trying to exeNEPhoneGuy
-
FWIW, you will never get a certificate from Let's encrypt for the name host.domain.local, might be added as a SAN yo a true FQDN, never tried it. Think it is bad practise to use anything less that a true FQDN when installing MiCollab or MBG with web proxy
i agree , but let encrypt cert + fqdn micollab.mycompagny.com and without MBG it will work in lan mode only.
-
Yes it should work, might need to make port 80 open for the certificate fro Let's Encrypt
-
Yes it should work, might need to make port 80 open for the certificate fro Let's Encrypt
Thank you for your advice
-
get the customer to create an internal ssl cert for it using the domain CA
generate a csr and put the server name in the alternate name filed ( will create a cert with the name listed twice)
then install the domain ca cert into the certificate authority trust
once thats done the internally created cert should install