XCLN: Error 502 When Logging on to Instant Messaging Home Server by Way of the Instant Messaging Router (272017)



The information in this article applies to:

  • Microsoft Exchange 2000 Server

This article was previously published under Q272017

SYMPTOMS

Clients that attempt to log on to their Instant Messaging home server through an Instant Messaging router with a Firewall Topology Module (FTM) defined within the organization, are continually prompted for authentication credentials. In addition, a 502 error is generated on the Internet Information Services (IIS) protocol log of the Instant Messaging router each time a client attempts to authenticate.

CAUSE

If the initiating client's Internet Protocol (IP) address is outside of the administrator-defined IP range within the FTM, authentication through the Instant Messaging router will not occur. This behavior occurs because the client's IP address is placed into its authentication hash. When the Instant Messaging router determines that the client cannot connect directly with the Instant Messaging home server, because its IP address falls outside of the FTM, it attempts to gateway the authentication request. Because the IP address being used is that of the Instant Messaging router instead of the Instant Messaging client, the authentication hash credentials are different, which causes authentication to stop responding.

RESOLUTION

To resolve this behavior, the client must have a direct connection to its Instant Messaging home server for successful authentication to occur.

STATUS

This behavior is by design.

MORE INFORMATION

The IIS protocol log can usually be found in the following location:

x:\Winnt\System32\LogFiles\W3SVC1 (Default Web site)

Review the appropriate log file for the existence of the 502 error, which is written at the end of the Instant Messaging SUBSCRIBE entry.

Note: The IIS protocol logs are created with the (exyymmdd) yearmonthday format.

Modification Type:MinorLast Reviewed:4/25/2005
Keywords:kbprb KB272017