Accessibility Skip to content
Article ID: 000042113
Last Modified Date: 12/09/2021
Access Level: Public

MGC 7.5: The SIP account cannot log on to a Live Communications Server 2005 server

When you try to connect a Microsoft Windows Messenger 5.0 real-time communications client or Microsoft Office Communicator to Microsoft Office Live Communications Server 2003 through a Transmission Control Protocol (TCP) connection, the connection does not work. When you try to connect to Live Communications Server through a NAT device, the NAT device translates the source IP address of the TCP packet from your IP device. However, the NAT device does not modify the IP address that is in the Contact header of the SIP packet. When Live Communications Server detects that the SIP client requests a response on an IP address that is different from the source IP address, Live Communications Server rejects the SIP client's REGISTER request. In this scenario, Live Communications Server returns a 400 Invalid Contact Information response. This response helps to prevent a malicious user from connecting to Live Communications Server as a different user. This issue occurs if you try to connect to Live Communications Server through one of the following devices:
  • A network address translation (NAT) device
  • A firewall device
  • A proxy device  
This issue occurs because of the way that the Session Initiation Protocol (SIP) client must communicate with the Live Communications Server computer. To complete the SIP connection, Live Communications Server must establish a connection back to the SIP client's listening address. To resolve this issue and to permit clients to connect to Live Communications Server through devices that perform network address translation, configure a Transport Layer Security (TLS) connection between the clients and Live Communications Server. To do this, follow these steps:
  1. Install a computer certificate on the Live Communications Server Home Server computer. For information about how to request a certificate, search on "Request a certificate" in the Help and Support Center for Microsoft Windows Server 2003.
  2. Start the Live Communications Server tool.
  3. Expand Servers, right-click the Home Server that you want to configure, and then clickProperties.
  4. Click the Connections tab, and thenclickAdd.
  5. In the Transport type list, clickTLS, and then clickChange Certificate. Note: If you have multiple Home Servers, you must leave the Authenticate remote server (TLS Mutual) check box selected.
  6. In the Select Certificate dialog box, click the computer certificate that you want to use, and then clickOK.
  7. Verify that 5061 appears in the Listen on this port box,clickOK, and then clickOK again.
  8. On the client computer, startWindows Messenger.
  9. On the Tools menu, clickOptions.
  10. Click the Accounts tab, and then under SIP Communications Service Account, clickAdvanced.
  11. Click Configure settings, clickTLS, and then type the fully qualified domain name of the Live Communications Server Home Server in the Server name or IP address box.
  12. ClickOK, and then clickOK again.
  13. If you receive the following message, clickOK:
    The changes you have made to your sign-in information won't take effect until the next time you sign in.
  14. If you are not already signed out of Windows Messenger, sign out and then sign back in to Windows Messenger.