Troubleshooting blocked file transfers when Forefront Server for OCS returns no errors

This blog explains a problem with file transfers in Office Communications Server. The symptoms are that files are being blocked between two clients, but Forefront is not logging any incidents and no notifications are being generated.

To get more detail about what is happening, first enable diagnostics logging in Forefront as follows:

- Create the following DWORD registry value and set it to 4:

  Path: [HKLM\Software\Wow6432Node\Microsoft\Forefront Server Security\Office Communications Server]

  Name: "DiagnosticLoggingLevel"

- Go to SETTINGS → General Options in the Forefront Administrator UI and enable the “Additional IM” setting.

The following error pattern might be logged in the Forefront Programlog.txt (…\Microsoft Forefront Security\Office Communications Server\Data):

Tue Aug 18 09:18:21 2009 ( 4028- 7), "DIAGNOSTIC: Processing request | StandardMethod[Message] Method[MESSAGE] Call-ID[89a1897355c64d36b441631dbf203f8e] CSeq[3 MESSAGE] |"

Tue Aug 18 09:18:42 2009 ( 4028- 7), "EXCEPTION: ForefrontRTCProxy.exe.RtcProcessingWorkFlows.InterceptAndScanThread("<System.Object fsoTransactionObj>") - Exception setting up downloader for outbound connection to 10.242.0.91:6892" The system returned the following exception: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 10.242.0.91:6892

Tue Aug 18 09:18:42 2009 ( 4028- 7), "ERROR: ForefrontRTCProxy.exe.RtcProcessingWorkFlows.InterceptAndScanThread("<System.Object fsoTransactionObj>") - Failed to establish connection to file transfer sender."

Tue Aug 18 09:18:42 2009 ( 4028- 7), "DIAGNOSTIC: Terminated | StandardMethod[Message] Method[MESSAGE] Call-ID[89a1897355c64d36b441631dbf203f8e] CSeq[3 MESSAGE] |"
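The following Python script is an added example, not part of the original post or of Forefront: it scans Programlog.txt text for the pattern above, ties each downloader exception to the Call-ID of the request being processed, and flags whether the target port lies in the 6891-6900 file-transfer range. Treating the two numbers in parentheses as a process/thread pair and grouping by them is an assumption; the function and field names are made up for this example.

```python
import re
from datetime import datetime

# Constructed sample: the four log lines quoted in the post, exception text abridged.
SAMPLE_LOG = '''\
Tue Aug 18 09:18:21 2009 ( 4028- 7), "DIAGNOSTIC: Processing request | StandardMethod[Message] Method[MESSAGE] Call-ID[89a1897355c64d36b441631dbf203f8e] CSeq[3 MESSAGE] |"
Tue Aug 18 09:18:42 2009 ( 4028- 7), "EXCEPTION: ForefrontRTCProxy.exe.RtcProcessingWorkFlows.InterceptAndScanThread("<System.Object fsoTransactionObj>") - Exception setting up downloader for outbound connection to 10.242.0.91:6892" The system returned the following exception: A connection attempt failed
Tue Aug 18 09:18:42 2009 ( 4028- 7), "ERROR: ForefrontRTCProxy.exe.RtcProcessingWorkFlows.InterceptAndScanThread("<System.Object fsoTransactionObj>") - Failed to establish connection to file transfer sender."
Tue Aug 18 09:18:42 2009 ( 4028- 7), "DIAGNOSTIC: Terminated | StandardMethod[Message] Method[MESSAGE] Call-ID[89a1897355c64d36b441631dbf203f8e] CSeq[3 MESSAGE] |"
'''

# timestamp, (pid- tid), "LEVEL: message
LINE = re.compile(r'^(\w{3} \w{3} +\d+ \d\d:\d\d:\d\d \d{4}) \(\s*(\d+)-\s*(\d+)\), "(\w+): (.*)$')
CALL_ID = re.compile(r'Call-ID\[([^\]]+)\]')
ENDPOINT = re.compile(r'outbound connection to (\d{1,3}(?:\.\d{1,3}){3}):(\d+)')
FT_PORTS = range(6891, 6901)  # file-transfer port range given in the post

def failed_transfers(text):
    """Return one record per downloader exception, linked to its SIP Call-ID."""
    open_reqs = {}  # (pid, tid) -> (call_id, time the request was picked up)
    failures = []
    for raw in text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # continuation text or unrelated line
        when = datetime.strptime(m.group(1), "%a %b %d %H:%M:%S %Y")
        worker, level, msg = (m.group(2), m.group(3)), m.group(4), m.group(5)
        cid = CALL_ID.search(msg)
        if level == "DIAGNOSTIC" and msg.startswith("Processing request") and cid:
            open_reqs[worker] = (cid.group(1), when)
        elif level == "DIAGNOSTIC" and msg.startswith("Terminated"):
            open_reqs.pop(worker, None)
        elif level == "EXCEPTION" and (ep := ENDPOINT.search(msg)):
            call_id, started = open_reqs.get(worker, (None, None))
            port = int(ep.group(2))
            failures.append({
                "call_id": call_id,
                "client": ep.group(1),
                "port": port,
                "in_ft_range": port in FT_PORTS,
                # seconds Forefront waited before giving up on the client
                "waited_s": int((when - started).total_seconds()) if started else None,
            })
    return failures

if __name__ == "__main__":
    for f in failed_transfers(SAMPLE_LOG):
        print(f)
```

Grouping the results by `client` shows whether the failures are confined to particular machines, which points at a host firewall rather than the server.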

A network trace may show that the OCS server tried to connect to the client on port 6892, but the client never responded to any of the attempts, so the TCP handshake was never completed:

9:18:20 AM 8/18/2009 393 3007571212 ForefrontRTCProxy.exe {TCP:31, IPv4:3} 10.145.2.83 10.242.0.91 4538 (0x11BA) 6892 (0x1AEC) TCP TCP:Flags=......S., SrcPort=4538, DstPort=6892, PayloadLen=0, Seq=3007571212, Ack=0, Win=64240 ( ) = 64240

9:18:23 AM 8/18/2009 487 3007571212 ForefrontRTCProxy.exe {TCP:31, IPv4:3} 10.145.2.83 10.242.0.91 4538 (0x11BA) 6892 (0x1AEC) TCP TCP:[SynReTransmit #393]Flags=......S., SrcPort=4538, DstPort=6892, PayloadLen=0, Seq=3007571212, Ack=0, Win=64240 ( ) = 64240

9:18:29 AM 8/18/2009 705 3007571212 ForefrontRTCProxy.exe {TCP:31, IPv4:3} 10.145.2.83 10.242.0.91 4538 (0x11BA) 6892 (0x1AEC) TCP TCP:[SynReTransmit #393]Flags=......S., SrcPort=4538, DstPort=6892, PayloadLen=0, Seq=3007571212, Ack=0, Win=64240 ( ) = 64240

You can use a tool such as Microsoft’s Network Monitor to create a network trace. This tool is easy to use, even if you’re new to it. Simply use the play and stop buttons to record/stop recording network traffic.

First we need to understand that the port range used to transfer files between two OCS clients is 6891 – 6900. Communication over these ports is initiated only when a file transfer takes place. That is why running "netstat -nao" reveals which port Forefront is using only while the file transfer is in progress. Two minutes after the file transfer is completed, this port is closed again.

So in order for file transfers to be successful, we need to ensure that the client machine is able to accept inbound connections on port range 6891 – 6900. In this example, the local firewall on the client machine was configured to block all incoming connections from the OCS server. Once the firewall rules were changed to allow this traffic, file transfers worked as expected between clients (via the Forefront for OCS server).

After resolving the issue, make sure to disable diagnostics logging again, as follows:

- Edit the following DWORD registry value and set it to 0:

  Path: [HKLM\Software\Wow6432Node\Microsoft\Forefront Server Security\Office Communications Server]

  Name: "DiagnosticLoggingLevel"

- Go to SETTINGS → General Options in the Forefront Administrator UI and disable the “Additional IM” setting.

Kind regards,

Paul Gruner

Security Support Engineer

Applies to:

Microsoft Forefront Security for Office Communications Server, Version: 10.2.0308.0 and above.
