• ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
  • ×
    Information
    Windows update impacting certain printer icons and names. Microsoft is working on a solution.
    Click here to learn more
    Information
    Need Windows 11 help?
    Check documents on compatibility, FAQs, upgrade information and available fixes.
    Windows 11 Support Center.
  • post a message
Guidelines
The HP Community is where owners of HP products, like you, volunteer to help each other find solutions.
Locked

‎02-07-2013 01:35 PM

HP Recommended

In our network resides among others:

- VBP5300-ST25 on version 11.2.13

- VBP5300-E25 on version 11.2.13

- CMA4000/200 on version 6.2.1

- CMAD (PC/Mac) on version 5.2.4.29222

 

Question 1:

If would like to invite a (future) customer using CMAD and ports are closed to the outside at the customer's premises, will the three TCP443/5222/389 ports be sufficient? Is this only outbound? Or do I need them to open inbound ports as well?

 

Question 2:

We have a dozen customers using a Cisco router/firewall (SA500-series). Every time one of our colleagues  is on site (behind that particular router) the router tends to reboot.

After examining closer I found out that the reset only occurs when:

- The application closes (when forced) during a call

- The application closes (when forced) out of a call (but still registered)

- When the CMAD user signs out

- When CMAD is logged in and a VPN with that location is made and I log out of CMAD

BTW, this happens with the CMAD for PC and MAC but have not seen it rebooting with the mobile client yet.

 

Can anyone help me out?

Thanks,

Michael Rosoft

1 ACCEPTED SOLUTION

Accepted Solutions

‎02-14-2013 01:40 AM

HP Recommended

Hi Simon,

Thanks for your reply. As for your answers:

 

Question 1:

If would like to invite a (future) customer using CMAD and ports are closed to the outside at the customer's premises, will the three TCP443/5222/389 ports be sufficient? Is this only outbound? Or do I need them to open inbound ports as well?

Q1: please look at the VBP admin guide which has a break down of ports used. You have only mentioned the 3 ports used for Access Proxy feature. These ports are the destination ports for the other CMAD user. The source ports will be >1024 as determined by the TCP stack.

The VBP-ST is in our network and all necessary ports as discribed by the VBP admin guide are opened.

What I meant was: What ports need to be opened by the customer to let the customer register and login and make calls. To be a bit more specific: If every port in- and outbound is closed at the customers' site and the customers' firewall guy asks us: "Which ports need to be opened to use CMA Desktop", what will be my answer?

  

Question 2:

We have a dozen customers using a Cisco router/firewall (SA500-series). Every time one of our colleagues  is on site (behind that particular router) the router tends to reboot.

Q2: I would open a ticket with Cisco to see whay this is causing an exception in their product.

How do you know it is caused by an exeption in their product? For all they (Cisco) know is: It only reboots when using CMAD?!?

What I wanted to prevent is pointing fingers back and forth between manufacturers with the customer in the middle.

I will open tickets on both sides and sit in the middle.

 

Question 3:

When I add a local user (so not an AD user) I have to activate the user every morning I come to work, which is not the case when using AD users.

Why is the "enable user" box empty every time I log in a day later?

Q3: License days is there to remove CMAD who have not logged in for 30 days in your case. After this time, the CMAd cleint will get deleted from the device management in order t reclaim licenses. i would suspect in your case the account is being locked out dur to number of incorrect password attempts. check the jserver.log file and search for this particular user name.

I will check the log file, thanks for the tip!

 

Regards,

Michael 

View solution in original post

Was this reply helpful? Yes No
3 REPLIES 3

‎02-07-2013 02:08 PM

HP Recommended

Forgot one...

When I add a local user (so not an AD user) I have to activate the user every morning I come to work, which is not the case when using AD users. I have checked the threshold of holding on the the license and it is on 30 days.

Why is the "enable user" box empty every time I log in a day later?

Was this reply helpful? Yes No

‎02-09-2013 08:52 PM

HP Recommended

Mike,

 

Q1: please look at the VBP admin guide which has a break down of ports used. You have only mentioned the 3 ports used for Access Proxy feature. These ports are the destination ports for the other CMAD user. The source ports will be >1024 as determined by the TCP stack.

 

Q2: I would open a ticket with Cisco to see whay this is causing an exception in their product.

 

Q3: License days is there to remove CMAD who have not logged in for 30 days in your case. After this time, the CMAd cleint will get deleted from the device management in order t reclaim licenses. i would suspect in your case the account is being locked out dur to number of incorrect password attempts. check the jserver.log file and search for this particular user name.

 

S.

Was this reply helpful? Yes No

‎02-14-2013 01:40 AM

HP Recommended

Hi Simon,

Thanks for your reply. As for your answers:

 

Question 1:

If would like to invite a (future) customer using CMAD and ports are closed to the outside at the customer's premises, will the three TCP443/5222/389 ports be sufficient? Is this only outbound? Or do I need them to open inbound ports as well?

Q1: please look at the VBP admin guide which has a break down of ports used. You have only mentioned the 3 ports used for Access Proxy feature. These ports are the destination ports for the other CMAD user. The source ports will be >1024 as determined by the TCP stack.

The VBP-ST is in our network and all necessary ports as discribed by the VBP admin guide are opened.

What I meant was: What ports need to be opened by the customer to let the customer register and login and make calls. To be a bit more specific: If every port in- and outbound is closed at the customers' site and the customers' firewall guy asks us: "Which ports need to be opened to use CMA Desktop", what will be my answer?

  

Question 2:

We have a dozen customers using a Cisco router/firewall (SA500-series). Every time one of our colleagues  is on site (behind that particular router) the router tends to reboot.

Q2: I would open a ticket with Cisco to see whay this is causing an exception in their product.

How do you know it is caused by an exeption in their product? For all they (Cisco) know is: It only reboots when using CMAD?!?

What I wanted to prevent is pointing fingers back and forth between manufacturers with the customer in the middle.

I will open tickets on both sides and sit in the middle.

 

Question 3:

When I add a local user (so not an AD user) I have to activate the user every morning I come to work, which is not the case when using AD users.

Why is the "enable user" box empty every time I log in a day later?

Q3: License days is there to remove CMAD who have not logged in for 30 days in your case. After this time, the CMAd cleint will get deleted from the device management in order t reclaim licenses. i would suspect in your case the account is being locked out dur to number of incorrect password attempts. check the jserver.log file and search for this particular user name.

I will check the log file, thanks for the tip!

 

Regards,

Michael 

Was this reply helpful? Yes No
† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the Terms of Use and Rules of Participation.

Didn't find what you were looking for? Ask the community

† The opinions expressed above are the personal opinions of the authors, not of HP. By using this site, you accept the <a href="https://www8.hp.com/us/en/terms-of-use.html" class="udrlinesmall">Terms of Use</a> and <a href="/t5/custom/page/page-id/hp.rulespage" class="udrlinesmall"> Rules of Participation</a>.