I created a WMS server behind the ISA 2004 standard filewall and eventually desire to publish some live broadcast content. Everything works well internally but fails whenever the user attempts to access the media from an external IP. I simplified the scenario and am now just trying to get at one of the sample files on the default WMS publishing point. industrial.wmv
Can anyone tell me what I'm missing in this particular scenario? I've noted all of the pertinent information below.
The internal URL which works is mms://192.168.1.16/industrial.wmv (can replace the ip address with the server name). The external URL which doesn't work is: mms://rkline.net/industrial.wmv
What Happens: 1. Loading video file from Internal Workstation file using the URL mms://192.168.1.16/industrial.wmv works fine. i.e. staying within the Internal network. 2. Going through the ISA server mms://rkline.net/industrial.wmv fails. The trace shows the appropriate “rtsp Server - rkline.net” rule being invoked. It is immediately followed by 0x80074e24 (WSA_RWS_CONNECTION_KILLED or FWX_E_CONNECTION_KILLED). 3. Trace File: http://rkline.net/shared/WmsPub-External.xls
WMS Setup 1. The WMS is the same box as WWW and FTP servers (192.168.1.16 -- dsol-w03-05). 2. WWW and FTP servers work just fine through ISA 2004. 3. The WMS HTTP Server Control Protocol is disabled. 4. The WMS RTSP Server Control Protocol is enabled and using the default port (554) 5. The WMS MMS Server Control Protocol is enabled and using the default port (1755) 6. Web publishing rule “rtsp Server - rkline.net” allows RTSP – Server traffic from all Networks into the WMS server.
ISA Setup: 1. ISA 2004 Standard on Windows 2003 Server 2. Multi-homed with two enabled NICs (Internal and External) 3. ISA 2004 is the Internal network’s gateway and sole router to the External World 4. SecureNAT is used. The servers have statically assigned private IP addresses
rtsp Server – rkline.net publishing rule: 1. Allows = RTPS – Server traffic 2. From = Anywhere 3. To = 192.168.1.16 (WMS Server) 4. Networks = All Networks 5. .WMV added to Video Content Types
Thank you for replying. I've enabled an Unrestricted Internet Access rule for the RTSP/MMS server. There is no change either in symptoms or in the log capture.
Unless I completely misunderstand the concept, then the server is a SecureNat client. The server has a private IP address (192.168.1.16) and the ISA 2004 server provides IP translation and routing of RTSP/MMS from the public external to the private internal. The log destination IP address column indicates the correct server IP.
A similar Server publishing rule works for http to that same internal address.
Back onto this.... No real change in status. Perhaps view it from another aspect?
What kinda things would break Web Media through ISA 2004 server publishing? 1. ISA relaying to the wrong IP or port. 2. Web Media configured to require authentication which will never happen. 3. ??
No, I've never resolved this. The question was never a critical point to planning and I've not looked at it for awhile.
I also posted this issue on Microsoft's forum and the Expert-Exchange sites without much luck.
In general, I've not found much literature dealing with the WMS and ISA 2004 combination. The basic assumption (or most common experience) seems to be that getting the products to work together just isn't usually much of a big deal.
One article (found on this site?) stated that both RTSP and MMS server protocols needed to be allowed.
In all fairness, it is very possible that I've goofed up the basic ISA 2004 installation and that this problem is a side-effect symptom rather than a stand-alone issue. I've not had the opportunity to study either product in much more than a cursory fashion. But it's hard to tell.... Everything else seems to work (proxies, web server, Exchange OWA, FTP and SQL server). The latter is used very sparingly and only after a manual enabling.
We're getting ready to use Windows Media Server behind ISA 2004 and would like to know if you resolved this.
Dr. Tom: is there any tutorial on setting up ISA 2004 <-> WMS ?
Hi A,
The problem I have is that I'm not sure how to setup a WMS server. If someone would provide me with a step by step for that, I'll provide a step by step for publishing the site using ISA.
If someone wants to do this, send the Word .doc with the steps to tshinder@tacteam.net
Found at least part of the answer (at least in my environment). I am only interested in MMS and RTSP, not HTTP. I haven't completed testing yet but at least I can view industrial.wmv from an external machine.
I found three keys: 1. Create two server publishing rules (MMS Server and RTSP Server) 2. For each rule, locate the Traffic/Properties/Parameters dialog box. Uncheck the application filter which allows secondary connections to be edited. 3. Apply the rules found at http://www.microsoft.com/windows/windowsmedia/forpros/serve/firewall.aspx#Unicast
Notes: I am unfamiliar with all of the ramifications of disabling the Application filter. Research is ongoing. Of course, the MMS server is also a web server so the web server publishing rule and listener are also to be remembered..
Interesting. I'm reading this with interest. Someday I'll figure out how to make a Windows Media Server so that I can test the ISA Firewall configuration.
found this thread while trying to configure WMS to be published and accessed from external network.
my WMS was installed with default configurations.
on the ISA, i created a rule using the "create new server publishing rule" wizard to publish MMS from external network to the internal WMS server. when i tried to connect to the WMS from an external client using mms://<mydomain>/industrial.wmv i keep getting errors on media player.
after adding a new rule to publish RSTP, media player can connect and play the video file.
the 2 ISA rules are all created with the default configuration.
hope this helps whoever need to publish WMS through ISA2004
I keep banging my head also...I have tried everything, fom the hot fixes to disapbling the application filters...still no luck. The logging shows no drops or denied connections. What I see is:
Initiation connection from client to server port 554 Initiation connection form server to client 1146 (changes)
During this time, the meda player shows "buffering" w/no time status. Strangely, it shows the acual time length of the media file
closed connection from server to client closed connection from client to server
Media player errors with unable to connect with the protocol..ect
I should have posted a long time ago, since minutes after my posting......I have gotten it working!!
It seems to be with media player 9. Under otions/network, there are the streaming protocols to use....I went through all 1 by 1.......TCP worked for me, but not with UDP selected also. This was great, but I can't ask my all clients to adjust ther media player settings...sooooo I disabled MMS sever protocol on the media server, leaving only RTSP. Now media play can connect with the defaults.
I guess this must say that my MMS server publishing rule has something wrong, but I redone them so many times.......
Of course, I am not sure if this will work with media play 8 & below, but I have read something about "protocol rollover" that should allow it to work.
|
My Subscription |
My Forums |
Address Book |
Member List |
Search |
FAQ |
Ticket List |
Log Out
Printable Version
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> Unable to acccess Windows Media Server content published behind ISA 2004 
Unable to acccess Windows Media Server content publishe... - 
New Messages
No New Messages
Hot Topic w/ New Messages
Hot Topic w/o New Messages
Locked w/ New Messages
Locked w/o New Messages
Post New Thread