LCS Gateway Administration Guide Product Version 4.2 Document Version A November 2005 1899 Wynkoop Street, Suite 600 Denver, CO 80202 303-308-3231
Disclaimers Copyright 2005 Jabber, Inc. The information contained in this document is proprietary to Jabber, Inc. This information is considered confidential and is not to be disclosed to any outside parties without the express written consent of Jabber, Inc. This document is provided for informational purposes only, and the information herein is subject to change without notice. Jabber, Inc. does not provide any warranties covering and specifically disclaims any liability in connection with this document. Trademarks JABBER and the light bulb logo are either trademarks or registered trademarks of Jabber, Inc. All other trademarks are the property of their respective owners. Page ii
Table of Contents Chapter 1. Introduction... 5 System Requirements 5 LCS 5 XCP Server and IM Client 6 Memory 6 Ports 6 System Architecture 6 Chapter 2. Installing the LCS Gateway... 9 Chapter 3. Configuring the LCS Gateway... 11 Configuration Checklist 12 Add an S2S Connection Manager 12 Add the LCS Gateway to the S2SCP 13 Add a Rule to the S2SCP 16 Add an Open Port Component 17 Add the S2SCP ID as a Jabber Administrator 19 Publish SRV Records on your DNS Server 20 Chapter 4. Obtaining a Certificate and Public Key... 21 Generate a Certificate Request and a Private Key 22 Generate a Public Key 23 Obtain the Certificate from Your Certificate Authority 23 Convert the Certificate to PEM Format 24 Appendix A. Support for SIP/SIMPLE Standards... 25 Exceptions 26 Limitations 26 Appendix B. Configuring the LCS, SIMPLE, and AIM Gateways... 27 Appendix C. Known Issues... 31 Table of Contents Page iii
Page iv Table of Contents
Chapter 1 Introduction Thank you for purchasing the LCS Gateway, which allows the exchange of messages and presence between Jabber users and Live Communications Server (LCS) users. The gateway is sold separately, and requires separate licensing and installation. The LCS Gateway communicates using SIP/SIMPLE protocol standards and is completely transparent to Jabber users. LCS contacts are added to a user s roster in the same way that Jabber IM contacts are added, and their IDs are entered in the same format used by Jabber contacts; for example, jbrown@example.com. System Requirements This section lists the system requirements for running the LCS Gateway. LCS Both your LCS server and the LCS Access Proxy must be running LCS 2005 Service Pack 1. Enhanced federation must be enabled on the LCS server. The Jabber (XCP) domain must be configured as an authorized domain that is allowed to federate with the LCS server. Microsoft Office Communicator 2005 is the only supported client for LCS users. Chapter 1 Introduction Page 5
System Architecture XCP Server and IM Client The LCS Gateway runs with version 4.2 of the Jabber IM/XCP server and with version 3.1 of the Jabber Messenger client. Memory For the LCS Gateway, you should allow an extra 512 MB of memory above the 512 MB required for the XCP server. Ports Port 5269 must be accessible to the Internet if you want your Jabber IM/XCP server to communicate with other Jabber servers over the Internet. (This port is probably already configured in your system.) Port 5060 must be available for incoming SIP/SIMPLE over TCP traffic. Port 5061 (used by the LCS Gateway) must be available for incoming SIP/SIMPLE over TLS traffic. System Architecture The LCS Gateway uses Jabber, Inc. s server-to-server (S2S) technology, which allows XCP servers to communicate with XMPP and other servers that are located outside the firewall. The LCS Gateway consists of an S2S Connection Manager (S2SCM), which is configured with an S2S Command Processor and an LCS Director. The S2SCM is installed on the main Jabber server. Ports 5060 and 5061 must be available for traffic coming in through your firewall. If you anticipate a great deal of network traffic, you can run the S2SCM on a separate machine. Page 6
System Architecture Figure 1 illustrates how the LCS Gateway is deployed in a company-to-company scenario where a firewall is involved. cindy@example.com LCS 2005 Standard or Enterprise Server XMPP Client LCS Gateway Port 5269 S2S Connection Manager S2S Command Processor LCS Director Port 5060 Port 5061 LCS 2005 Access Proxy jane@company.com Jabber IM/XCP 4.2 Server example.com Firewall Figure 1. Company-to-company LCS Gateway architecture LCS Client Figure 2 illustrates an LCS Gateway deployment within the same company. cindy@example.com LCS 2005 Standard or Enterprise Server XMPP Client LCS Gateway S2S Connection Manager Jabber IM/XCP 4.2 Server example.com S2S Command Processor LCS Director LCS 2005 Access Proxy sally@example.com Figure 2. Intra-company LCS Gateway architecture LCS Client Chapter 1 Introduction Page 7
System Architecture Page 8
Chapter 2 Installing the LCS Gateway This chapter describes how to install version 4.2 of the LCS Gateway product, which runs with version 4.2 of the Jabber IM/XCP server. The LCS Gateway must be installed in the $JABBER_HOME directory on your XCP server. If you anticipate a great deal of network traffic, you can also install the LCS Gateway and the XCP S2S package on another machine, perhaps located in your network s demilitarized zone (DMZ). You can then run the S2SCM from that machine. These instructions assume that the $JABBER_HOME environment variable has been set on your system. To install the LCS Gateway 1. On your XCP server, change to the $JABBER_HOME/bin directory. 2. Enter the following commands to stop the Jabber IM/XCP server and the Jabber IM/XCP Controller:./runjabber stop./runcontroller stop 3. Change to the directory where you downloaded the LCS Gateway installation package. 4. Depending on your operating system, enter one of the following commands. (The --prefix argument ensures that the package is installed into the Jabber IM/XCP server installation directory.)./xcp-lcsgw-installer-4.2.0.x-linux.bin --prefix=$jabber_home or./xcp-lcsgw-installer-4.2.0.x-solaris8.bin --prefix=$jabber_home Chapter 2 Installing the LCS Gateway Page 9
5. Change to the $JABBER_HOME/bin directory and enter the following command to restart the Controller:./runcontroller start 6. Log into the Jabber IM/XCP Controller and start the server. Page 10
Chapter 3 Configuring the LCS Gateway After you have installed the LCS Gateway, you must configure it using the Jabber IM/XCP Controller. When you configure the gateway, make sure that you use the Controller s Advanced configuration view; the gateway is an advanced XCP feature, and thus, uses advanced configuration options. If you are also running the SIMPLE Gateway, read Appendix B, Configuring the LCS, SIMPLE, and AIM Gateways in addition to following the instructions in this chapter. The appendix contains tips for configuring the gateways on the same XCP system. The following sections are provided in this chapter: Configuration Checklist Add an S2S Connection Manager Add the LCS Gateway to the S2SCP Add a Rule to the S2SCP Add an Open Port Component Add the S2SCP ID as a Jabber Administrator Publish SRV Records on your DNS Server Chapter 3 Configuring the LCS Gateway Page 11
Configuration Checklist Configuration Checklist The following table contains values that you will need to use as you configure the LCS Gateway. You can use the table to keep track of the values as you go along. Table 1. Configuration checklist Value needed during configuration Write the value here... S2S Command Processor s ID (for example, cm-2_s2scp-1) S2S Command Processor s Connection Type (accept or connect) S2S Command Processor s Component IP S2S Command Processor s Port S2S Command Processor s Password LCS Gateway s ID (for example, cm-2_s2scp-1_lcssd-1) XCP server s realm (To determine the server s realm, click the Edit link beside Core Router in the Router area on the Controller s main screen. The realm is the second configuration option on the Global Settings Configuration screen.) Add an S2S Connection Manager The LCS Gateway must be configured in a server-to-server Connection Manager (S2SCM). If you already have an S2SCM and this is the first gateway being configured, you can configure it within the existing S2SCM. Skip to the section, Add the LCS Gateway to the S2SCP on page 13. (Each additional gateway must be configured within its own S2SCM.) If you have installed and configured the SIMPLE Gateway and/or the AIM Gateway for Jabber, you must configure a new S2SCM for the LCS Gateway. See Appendix B for additional configuration instructions. Page 12
Add the LCS Gateway to the S2SCP To add an S2S Connection Manager 1. In the Components area in the Controller s main screen, click Go to add a new Connection Manager. Figure 3. Adding a Connection Manager 2. Configure the Connection Manager using the online help as needed. 3. Under Add a new command processor, select S2S Command Processor in the list and click Go. Figure 4. Adding an S2S Command Processor 4. Configure the S2S Command Processor using the online help as needed. We recommend that you use the default port number, 7334, which is the standard port used by Jabber, Inc. for an S2S Command Processor. Add the LCS Gateway to the S2SCP The LCS Gateway enables communication between the Jabber IM/XCP server and remote SIP connectors, and is used to exchange presence and IM messages between Jabber and LCS users. To add the LCS Gateway 1. In the Director Configuration area on the S2S Command Processor Configuration screen, select LCS Gateway in the list and click Go. Chapter 3 Configuring the LCS Gateway Page 13
Add the LCS Gateway to the S2SCP LCS Gateway displays in the list only when you have installed the LCS Gateway. Figure 5. Adding the LCS Gateway Director The LCS Gateway Configuration screen is shown in the following figure. Figure 6. Configuring the LCS Gateway 2. Change the LCS Gateway configuration as needed. The parameters are described in the following table. Table 2. LCS Gateway parameter descriptions Field IP address of external interface Description The IP address of the external TCP interface on which this director listens for connections from LCS 2005 Access Proxies. By default, this is set to the IP address of the system on which the Jabber IM/XCP server is installed. Page 14
Add the LCS Gateway to the S2SCP Field Description Port Threads to use for establishing outgoing connections Interval (in seconds) to check and remove pending connections Interval (in seconds) to timeout SIP requests Interval (in seconds) to timeout Client requests Default Presence subscription duration (in seconds) Minimum Presence subscription duration (in seconds) Enable sip stack logging Directory path where certificates are stored TLS Host TLS Port Domain used for TLS certificate The port number on which this director listens for connections from LCS 2005 Access Proxies. Note: If you have the SIMPLE Gateway installed (which also uses port 5060), use port 8060 for the LCS Gateway. The number of threads used for communicating with LCS 2005 Access Proxies. The number of seconds to wait for the connection to an LCS 2005 Access Proxy to go through. The connection attempt times out after this time has passed. The number of seconds to wait for SIP requests to be acknowledged by an LCS 2005 Access Proxy. Requests time out after this time interval has passed. The number of seconds to wait for an authorization or other request sent to Jabber Messenger. The default number of seconds that presence subscriptions to LCS users last. The lower this number is, the more time the LCS Gateway will spend refreshing subscriptions. The minimum number of seconds allowed for the duration of presence subscriptions from LCS users. Select Yes only if you want to enable additional output from the SIP stack. The logs are written to syslog. Use this flag with caution; enabling it can impact server performance. Enter the path to the directory in which you store the certificates and public keys that are used when connecting to the LCS network; for example: $JABBER_HOME/certs/sip/ For more information about certificates and public keys, see Chapter 4. Enter the IP address where the LCS Gateway listens for TLS connections from LCS 2005 Access Proxies. Leave the default setting of 5061. This is the port used by the TLS server. Enter the SIP/SIMPLE domain to which LCS 2005 Access Proxies will connect; for example: example.com. Chapter 3 Configuring the LCS Gateway Page 15
Add a Rule to the S2SCP 3. When you have finished configuring the LCS Gateway, click Submit to save your changes. You are returned to the S2S Command Processor Configuration screen. Add a Rule to the S2SCP You must add a new rule to the S2S Command Processor for the LCS Gateway. The S2SCP configuration includes three XMPP rules by default. If you want to use your S2SCM only for the LCS Gateway from Jabber, click the Remove link beside each rule before adding the new rule. To add a rule 1. In the S2S Command Processor Configuration screen, scroll to the Outgoing connection attempt rules area and click Go to add a rule. Figure 7. Adding the LCS Gateway rule 2. In the Rule Configuration screen, enter the information described below: Figure 8. Configuring the LCS Gateway rule - For Director ID, enter the ID of the LCS Gateway (for example, cm-2_s2scp1_lcssd-1). - For DNS SRV lookup to use, enter the following value: _sip._tls Page 16
Add an Open Port Component The LCS network DNS server publishes SRV records with this prefix for their LCS 2005 Access Proxies. 3. Click Submit to save your changes. You are returned to the S2S Command Processor Configuration screen. 4. Click Submit again on the S2S Command Processor Configuration screen and on the Connection Manager Configuration screen to save your configuration. Add an Open Port Component You must add an Open Port to allow the S2S Connection Manager to connect to the router. If you are using a previously-configured S2SCM for the LCS Gateway, it should already have an Open Port. Skip to Publish SRV Records on your DNS Server on page 20. To add an Open Port component 1. In the Components area in the Controller s main screen, select Open Port in the list, and click Go. Figure 9. Adding an Open Port The prompt shown in the following figure displays. Figure 10. Naming the Open Port Chapter 3 Configuring the LCS Gateway Page 17
Add an Open Port Component 2. Enter the ID of the S2S Command Processor; for example, cm-2_s2scp-1. 3. Click OK. The Open Port Configuration screen displays. The upper portion of the screen is shown in the following figure. Figure 11. Configuring the Open Port 4. Change the Open Port s Description to something like S2SCM Open Port. 5. In the Router Connection Information area, do the following: - Specify the opposite connection type than the one used for the S2SCP; for example, if you used connect for the S2SCP, you must use accept for the Open Port. - Specify the same Component IP, Port, and Password for the Open Port that you used for the S2SCP. See Table 1, Configuration checklist, on page 12 for your values. 6. Scroll down to the Service Component area, and enter an asterisk (*) in the Host Filters text field as shown in the following figure. Figure 12. Configuring host filters 7. Click Submit to save your changes to the Open Port. You are returned to the Controller s main screen. Page 18
Add the S2SCP ID as a Jabber Administrator Add the S2SCP ID as a Jabber Administrator You must add the ID of the S2S Command Processor as a Jabber administrator in the JSM configuration screen. This is necessary to push presence and roster subscriptions to the LCS network. To add a Jabber administrator 1. In the Router area on the Controller s main screen, click the Edit link beside jsm. The Jabber Session Manager Configuration screen displays. Figure 13. Editing the Jabber Session Manager 2. In the Optional Modules section, make sure that the checkbox beside mod_admin is checked. 3. Scroll down to the Jabber Administrators option, and enter the ID of the S2S Command Processor, including the realm; for example: cm-2_s2scp-1.jabber. Figure 14. Adding a Jabber Administrator Jabber is the default realm used during XCP server installation. To determine the realm for this server installation, click Edit beside Core Router in the Router area on the Controller s main screen. The realm is the second entry. 4. Scroll to the bottom of the JSM Configuration screen, and click Submit to save your configuration. Chapter 3 Configuring the LCS Gateway Page 19
Publish SRV Records on your DNS Server Publish SRV Records on your DNS Server In order for the LCS 2005 Access Proxies to communicate with your LCS Gateway, SRV records must be published on your DNS server. Example SRV records for the LCS Gateway are shown below: _sip._tcp.example.com IN SRV 1 0 5060 lcsgw _sip._tls.example.com IN SRV 1 0 5061 lcsgw lcsgw IN A 127.0.0.1 The SRV record maps the LCS Gateway domain name to the IP address where the LCS Gateway is going to run. Page 20
Chapter 4 Obtaining a Certificate and Public Key The connection between the LCS Gateway and the LCS 2005 Access Proxy must be mutual TLS. Certificates are presented by both sides as part of the TLS handshake. This chapter explains one way of generating a certificate request and a public key; however, you can use any method of your choice. Regardless of the method you choose, you must obtain a certificate and a public key, and place them in the $JABBER_HOME/certs/sip directory on the XCP server For the LCS Gateway, you can use a self-signed certificate if you want; you do not have to use a third-party CA. The certificate must conform to RFC 3280 certificate standards and include both server and client authentication EKU flags. The following sections are provided: Generate a Certificate Request and a Private Key Generate a Public Key Obtain the Certificate from Your Certificate Authority Convert the Certificate to PEM Format Chapter 4 Obtaining a Certificate and Public Key Page 21
Generate a Certificate Request and a Private Key Generate a Certificate Request and a Private Key The instructions in this section describe how to generate a certificate request and a private key using OpenSSL. You can use another method if preferred. To generate a certificate request and a private key using OpenSSL 1. Execute the following command on the system where you installed the LCS Gateway. $ openssl req -new -out lcsgw.csr 2. When you are prompted for the PEM pass phrase, enter any password. Confirm the password at the next prompt. 3. Answer the prompts described in the following table. Prompt Country Name (2 letter code) [AU]: State of Province Name (full name) [Some-State]: Locality Name (eg, city) []: Organization Name (eg, company) [Internet Widgits Pty Ltd]: Organizational Unit Name (eg, section) []: Common Name (eg, YOUR name) []: Email Address []: A challenge password []: An optional company name []: Response Enter the 2-letter code for your country; for example, US Enter the name of your state or province; for example, Colorado Enter the name of your city; for example, Denver Enter the name of your company; for example, Example Inc Enter the name of your organization; for example, Product Development Enter the LCS Gateway domain; for example, lcsgw.example.com Enter your email address; for example, rjones@example.com Caution! Do not enter anything at this prompt. Press ENTER to leave it blank. This prompt is optional. You can enter an optional company name or press ENTER to leave it blank. After you have answered the prompts, the following files are created: privkey.pem (the private key) lcsgw.csr (the certificate request) Page 22
Generate a Public Key Generate a Public Key The following instructions describe how to generate a public key using OpenSSL. You can use another method if preferred. To generate a public key using OpenSSL 1. Execute the following command on the system where you installed the LCS Gateway: openssl rsa -in privkey.pem -out domain_key_lcs.gateway.domain.pem where LCS.Gateway.domain is the domain name for the LCS Gateway; for example: lcsgw.example.com. 2. When you are prompted for a password, enter the password you used in Step 2 in the previous section. The domain_key_lcs.gateway.domain.pem file is generated. Obtain the Certificate from Your Certificate Authority The steps in this section may vary depending on the process you use to request and retrieve a certificate from your CA. Do the following 1. Submit the certificate request file to your CA. 2. When the CA has granted your certificate, save it as a binary file. This certificate file is in DER format. You must convert it to PEM format as described in the following section. Chapter 4 Obtaining a Certificate and Public Key Page 23
Convert the Certificate to PEM Format Convert the Certificate to PEM Format These instructions describe how to save the certificate file in PEM format using OpenSSL. You can use another method if preferred. To convert the certificate file using OpenSSL 1. In the directory that contains the certificate file, execute the following command: openssl x509 -in certfile.crt -inform DER -out domain_cert_lcs.gateway.domain.pem This command converts the certificate file from DER to PEM format and creates the domain_cert_lcs.gateway.domain.pem file. 2. Copy the following files to the $JABBER_HOME/certs/sip directory. domain_key_lcs.gateway.domain.pem domain_cert_lcs.gateway.domain.pem Page 24
Appendix A Support for SIP/SIMPLE Standards The LCS Gateway supports the following SIP/SIMPLE standards: Standard RFC Description SIP Core 3261 SIP: Session Initiation Protocol, June 2002 3263 Session Initiation Protocol (SIP): Locating SIP Servers, June 2002 3265 Session Initiation Protocol (SIP): Specific Event Notification, June 2002 SIMPLE 3428 Session Initiation Protocol (SIP) Extension for Instant Messaging, December 2002 3856 A Presence Event Package for the Session Initiation Protocol (SIP), August 2004 IMPP 3859 Common Profile for Presence (CPP), August 2004 3860 Common Profile for Instant Messaging (CPIM), August 2004 3861 Address Resolution for Instant Messaging and Presence, August 2004 3862 Common Presence and Instant Messaging (CPIM): Message Format, August 2004 3863 Presence Information Data Format (PIDF), August 2004 Appendix A Support for SIP/SIMPLE Standards Page 25
Exceptions Exceptions The LCS Gateway supports the standards mentioned in the table with the following exceptions: Supports sip: prefix for SIP/SIMPLE users, but does not support sips: Does not authenticate SIP/SIMPLE users Limitations SIMPLE imposes the following limitations for setting up subscriptions: Subscriptions must be set up on both sides. The LCS user is added to the XMPP user s roster, and then the XMPP user is added to the LCS user s roster. When a Jabber user removes an LCS contact (or vice versa), the user is not automatically removed from the contact s roster. Unlike XMPP, SIP/SIMPLE does not facilitate the automatic removal of contacts from both rosters. LCS-to-XMPP subscriptions are refreshed every hour. When the XMPP server is restarted, LCS users may not see XMPP users presence for a maximum of the subscription interval that has been set up on the LCS IM server (until the next refresh occurs). Page 26
Appendix B Configuring the LCS, SIMPLE, and AIM Gateways This appendix briefly describes how to configure the LCS, SIMPLE, and AIM Gateways when you have two or all three of them installed and running on your XCP system. The information below supplements the instructions provided in Chapter 3, Configuring the LCS Gateway ; however, it is not meant to be used in place of them. No two gateways may be configured within the same S2S Connection Manager (S2SCM). However, if you already have an S2SCM that you are using for communicating with other Jabber XCP servers (XMPP S2S), you can configure the first gateway within this S2SCM. Each additional gateway must be configured in its own S2SCM. Following is an example configuration where all three gateways are installed on the same XCP system. To configure the SIMPLE Gateway 1. Using the XCP Controller, add a Connection Manager 2. Add an S2S Command Processor (The S2SCP has XMPP Incoming and Outgoing directors configured by default.) 3. Add a SIMPLE Server Director. 4. In the SIMPLE Server Director Configuration screen, specify 5060 for the TCP Port and 5060 for the UDP Port, and click Submit to save your configuration. Page 27
5. In the S2S Command Processor Configuration screen, add an Outgoing Connection Attempt Rule and do the following: - For Director ID, enter the SIMPLE Server Director s ID; for example: cm-2_s2scp-1_simplesd-1. - For DNS SRV lookup to use, enter the following: _sip._tcp 6. Click Submit on each screen until you are returned to the Controller s main screen. 7. Add an Open Port component as described starting on page 17, specifying an asterisk (*) in the Host Filters field. Submit your configuration. Each gateway that you configure requires an open port component. However, only one of the open ports can have an asterisk in the Host Filters field. The other gateways open ports must list specific hosts. To configure the LCS Gateway 1. Using the XCP Controller, add a Connection Manager 2. Add an S2S Command Processor. 3. In the S2S Command Processor configuration screen, remove the XMPP Incoming and Outgoing directors (xmppsoutd-1 and xmppsind-1) and the corresponding Outgoing Connection Attempt Rules. 4. Under Director Configuration, select LCS Gateway in the drop-down list, and click Go. 5. In the LCS Gateway Configuration screen: - Specify 9060 for the TCP Port. This port is not used for communication. - Specify 8061 for the TLS Port. The SRV record, _sip._tls, should point to this port. - Click Submit to save your configuration. 6. In the S2S Command Processor Configuration screen, add an Outgoing Connection Attempt Rule and do the following: - For Director ID, enter the LSC Gateway s ID; for example: cm-3_s2scp-1_lcssd-1 - For DNS SRV lookup to use, enter the following: _sip._tls Page 28
7. Click Submit on each screen until you return to the Controller s main screen. 8. Add an Open Port component: - When prompted for the Open Port s ID, enter the ID of the S2SCP; for example: cm-3_s2scp-1 - In the OpenPort Configuration screen, specify the opposite connection type than the one used for the S2SCP; for example, if you used connect for the S2SCP, you must use accept for the Open Port. - Specify the same Component IP, Port, and Password for the Open Port that you used for the S2SCP. - In the Host Filters field, enter the LCS hostname; for example: lcs.example.com - Submit your configuration. To configure the AIM Gateway from Jabber 1. Using the XCP Controller, add a Connection Manager 2. Add an S2S Command Processor. 3. In the S2S Command Processor configuration screen, remove the XMPP Incoming and Outgoing directors (xmppsoutd-1 and xmppsind-1) and the corresponding Outgoing Connection Attempt Rules. 4. Under Director Configuration, select AIM Gateway from Jabber in the drop-down list, and click Go. 5. In the AIM Gateway from Jabber Configuration screen: - Specify 8060 for the TCP Port. This port is not used for communication. - Specify 5061 for the TLS Port. The SRV record, _sip._tls, should point to this port. - Click Submit to save your configuration. 6. In the S2S Command Processor Configuration screen, add an Outgoing Connection Attempt Rule and do the following: - For Director ID, enter the AIM Gateway from Jabber s ID; for example: cm-4_s2scp-1_aolsd-1 - For DNS SRV lookup to use, enter the following: _SIPfederationTLS._TCP Page 29
7. Click Submit on each screen until you return to the Controller s main screen. 8. Add an Open Port component: - When prompted for the Open Port s ID, enter the ID of the S2SCP; for example: cm-3_s2scp-1 - In the OpenPort Configuration screen, specify the opposite connection type than the one used for the S2SCP; for example, if you used connect for the S2SCP, you must use accept for the Open Port. - Specify the same Component IP, Port, and Password for the Open Port that you used for the S2SCP. - In the Host Filters field, enter the AOL hostname; for example: aol.com - Submit your configuration. Page 30
Appendix C Known Issues This appendix describes the issues that are know to exist with version 4.2 of the LCS Gateway. Issue Number Description 19599 If you configure multiple gateways, each gateway must be configured in its own Connection Manager. 19600 When users who have subscribed to each other through the gateway unsubscribe, each user must unsubscribe from the other to completely remove the subscription. Appendix C Known Issues Page 31
Page 32