How to use audio/video in Sametime 8.5.x if you're behind the most basic of firewalls.
Category Sametime Firewall
As some of you may know, Epilio is basically a virtual organization, we do not have a need for a physical office with employees working from home or on-site at customer location. This has never proven an issue, as we can communicate very well using IM and online meetings. When we do need to have a physical meeting we'll often combine it with a dinner in a restaurant, rent a meeting room at a hotel or use a service like REGUS. So prior to Sametime 8.5 we would actually use Sametime meetings and p2p voice chat quite a bit, with the built in Sametime audio features. With Sametime 8.5.x IBM broke all that for us.
Our Sametime setup really wasn't anything complex, and our home networks are mainly pretty basic, running simple things like a $50 linksys router (unless you're one of our uber geeks who have along with their servers have a rack mounted firewalls in their house). We have our Servers running on VMWare ESXi servers out in the cloud, keeping our home electricity bills down, and not using up precious bandwidth when customers are uploading or downloading files. This all worked fine with Sametime 8.0.x but things changed in Sametime 8.5, Sametime 8.5 audio/video and media server is basically useless unless you are on the same network as the server. IM works fine, Meetings work fine, but audio/video just can't work in that configuration.
Personally I think IBM didn't really see this as an issue during the betas and during their own usage because they all access the IBM network over a VPN, guess what we, and many other companies don't do that. Fortunately since 8.5 shipped IBM has had feedback from many companies like my own where this just broke how they had Sametime deployed, so they are working on a fix for a future build. Ironically, 8.5 which was supposed to make us use Sametime more actually made us use Skype more which is never a good thing as users say things like "Hey this just works and it's free right?".
Anyway, this blog is titled how to use audio/video in Sametime 8.5.x so we must have solved it right, yes we did. I wanted a simple VPN to manage, that would still allow people access to their regular network and wouldn't pass all their network traffic through it. Many VPNs, you connect to it and then all your traffic goes through that VPN server, so I was looking for a quick simple solution that could do the job. The solution for me was LogMeIn Hamachi. LogMeIn Hamachi has a few virtual network type options, a mesh network, a hub and spoke network or a gateway network. It looked like Mesh would do what I needed. A mesh network allows you to see each others machine in the network directly with no firewall interaction, and gives each machine a virtual IP address.
I installed the Hamachi client on the sametime servers and on each machine that needed to access Mesh network . The small VPN client that loads shows you each of the other machines in the mesh network and their virtual IP Addresses. All I had to do was modify the hosts file to add the virtual IP addresses for the sametime community and sametime media server, and the client could then login and get audio/video services.
As some of you may know, Epilio is basically a virtual organization, we do not have a need for a physical office with employees working from home or on-site at customer location. This has never proven an issue, as we can communicate very well using IM and online meetings. When we do need to have a physical meeting we'll often combine it with a dinner in a restaurant, rent a meeting room at a hotel or use a service like REGUS. So prior to Sametime 8.5 we would actually use Sametime meetings and p2p voice chat quite a bit, with the built in Sametime audio features. With Sametime 8.5.x IBM broke all that for us.
Our Sametime setup really wasn't anything complex, and our home networks are mainly pretty basic, running simple things like a $50 linksys router (unless you're one of our uber geeks who have along with their servers have a rack mounted firewalls in their house). We have our Servers running on VMWare ESXi servers out in the cloud, keeping our home electricity bills down, and not using up precious bandwidth when customers are uploading or downloading files. This all worked fine with Sametime 8.0.x but things changed in Sametime 8.5, Sametime 8.5 audio/video and media server is basically useless unless you are on the same network as the server. IM works fine, Meetings work fine, but audio/video just can't work in that configuration.
Personally I think IBM didn't really see this as an issue during the betas and during their own usage because they all access the IBM network over a VPN, guess what we, and many other companies don't do that. Fortunately since 8.5 shipped IBM has had feedback from many companies like my own where this just broke how they had Sametime deployed, so they are working on a fix for a future build. Ironically, 8.5 which was supposed to make us use Sametime more actually made us use Skype more which is never a good thing as users say things like "Hey this just works and it's free right?".
Anyway, this blog is titled how to use audio/video in Sametime 8.5.x so we must have solved it right, yes we did. I wanted a simple VPN to manage, that would still allow people access to their regular network and wouldn't pass all their network traffic through it. Many VPNs, you connect to it and then all your traffic goes through that VPN server, so I was looking for a quick simple solution that could do the job. The solution for me was LogMeIn Hamachi. LogMeIn Hamachi has a few virtual network type options, a mesh network, a hub and spoke network or a gateway network. It looked like Mesh would do what I needed. A mesh network allows you to see each others machine in the network directly with no firewall interaction, and gives each machine a virtual IP address.
I installed the Hamachi client on the sametime servers and on each machine that needed to access Mesh network . The small VPN client that loads shows you each of the other machines in the mesh network and their virtual IP Addresses. All I had to do was modify the hosts file to add the virtual IP addresses for the sametime community and sametime media server, and the client could then login and get audio/video services.
Comments
-Tim E. Brown
Posted by Tim E. Brown At 12:18:57 PM On 12/02/2010 | - Website - |
Posted by Carl Tyler At 12:20:43 PM On 12/02/2010 | - Website - |
Posted by Pierre At 07:47:45 PM On 12/02/2010 | - Website - |
In the meantime good to hear about the workaround.
Posted by Rob Ingram At 05:00:58 PM On 12/07/2010 | - Website - |
Posted by Alexey Zimarev At 06:05:17 AM On 01/13/2011 | - Website - |