Author Topic: Unable ro register using internal wifi connection  (Read 1861 times)

Offline albertmiclat

  • New Member
  • *
  • Posts: 3
  • Country: sg
  • Karma: +0/-0
    • View Profile
Unable ro register using internal wifi connection
« on: September 12, 2018, 12:15:47 AM »
Hi All,

We have just implemented MiCollab service by Mitel on our environment. Using the Mitel MiCollab apps to Android we can successfully connect to the server and do normal in/outgoing calls using 4G/3G BUT for some reason, we are NOT able to connect to the server when we're using internal wifi connection it shows "Cannot connect to the server"

Using the Teleworker Network Analysis TCP port are showing closed when tapping wifi connection, but UDP ports are OK.

We are using Aruba System for our Wifi, also as per the Aruba Engineer no ports are being blocked/filtered on the Aruba Controller.

We are using PFsense for our firewall we are already verified we ALLOW ALL traffic from/to our wifi network.

I have attached the TNA results for both 4G and Wifi.

Any advice and recommendation will be greatly appreciated.

Thanks,
A
« Last Edit: September 12, 2018, 12:29:43 AM by albertmiclat »


Offline sarond

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1404
  • Country: au
  • Karma: +73/-0
    • View Profile
Re: Unable ro register using internal wifi connection
« Reply #1 on: September 12, 2018, 03:18:07 AM »
Just a bit of friendly advise, I would remove your images and obfuscate (make obscure) your public IP address.

What happens if you try a TNA test from the WiFi network to your public IP address, does it pass.

Offline acejavelin

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 4100
  • Country: us
  • Karma: +133/-0
  • High-tech, heavy metal redneck!
    • View Profile
    • Like what I do and wanna help out? Send me a donation!
Re: Unable ro register using internal wifi connection
« Reply #2 on: September 12, 2018, 11:02:21 AM »
Did you add the 10.26.200.0/xx network to the MSL server under Configuration - Networks so it has a route to that subnet? Any network that is not defined with a specific gateway or on the native subnet will attempt to use the public internet default gateway to connect to, causing a failure in most cases.
« Last Edit: September 12, 2018, 11:04:29 AM by acejavelin »

Offline albertmiclat

  • New Member
  • *
  • Posts: 3
  • Country: sg
  • Karma: +0/-0
    • View Profile
Re: Unable ro register using internal wifi connection
« Reply #3 on: September 12, 2018, 10:43:35 PM »
@sarond: noted thanks for the advice. When I used the public IP using Wifi network yes TNA is a pass. I'm thinking to point the internal DNS to point externally to the public IP instead of going thru 10.26.200.xx not sure if this will work though.

@acejavelin: Yes 10.26.0.0/16 is already configured on the trusted networks.

Offline sarond

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 1404
  • Country: au
  • Karma: +73/-0
    • View Profile
Re: Unable ro register using internal wifi connection
« Reply #4 on: September 12, 2018, 11:00:07 PM »
You could test by setting a static host entry on a PC first.

Offline albertmiclat

  • New Member
  • *
  • Posts: 3
  • Country: sg
  • Karma: +0/-0
    • View Profile
Re: Unable ro register using internal wifi connection
« Reply #5 on: September 14, 2018, 05:04:58 AM »
just to update managed to get Micollab apps using our wifi network by pointing the internal DNS entry to the public IP address.

but I still need to find out what causing the issue, I suspect some firewall rules overlapping reason why some ports cannot pass thru via wifi.

thanks ALL

Offline martyn

  • Hero Member
  • *****
  • Posts: 688
  • Country: au
  • Karma: +10/-0
    • View Profile
Re: Unable ro register using internal wifi connection
« Reply #6 on: September 18, 2018, 06:44:22 PM »
Just a bit of friendly advise, I would remove your images and obfuscate (make obscure) your public IP address.

What happens if you try a TNA test from the WiFi network to your public IP address, does it pass.
Another piece of advise would be to not allow server-manager access from all sources (especially all of the internet). Ideally this should be locked down to only trusted networks inside of the network, only to very specific IP addresses on the outside (like your VAR)


 

Sitemap 1 2 3 4 5 6 7 8 9 10