Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Save to My Library
Look up keyword
Like this
0 of .
Results for:
No results containing your search query
P. 1
Windows Live EDU Firewall IPs Troubleshoot WITH Full IPs

Windows Live EDU Firewall IPs Troubleshoot WITH Full IPs

Ratings: (0)|Views: 282 |Likes:

More info:

Published by: Roberto Júnior Guedes Rodrigues on Nov 26, 2009
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as DOC, PDF, TXT or read online from Scribd
See more
See less





MIIS Firewall IPs
In order to secure transactions between your institution and the Windows Live provisioning system,Microsoft will need to add your schools MIIS server source IP to the permit list on our networkfirewall.The IP address that you give us must be a dedicated static internet addressable IP address. Routingyour MIIS Server through a dedicated firewall/proxy server is acceptable.Run the tests below BEFORE giving us your IP address to be sure that your network is properlyconfigured. It is difficult for us to troubleshoot network routing issues in your own equipment.Once you have configured your IP and run the tests below, send your IP to ed-desk@microsoft.comwith the email title being “MIIS/Firewall IP for MAv2 - <university name>”. Once we get this IP fromyou, we put it in our systems on our side. We will send you email to ask you to test it when the IP isadded to our permit list.
Setting up and Testing the MIIS/Firewall IPs
The IP addresses you give us must be
Static - DHCP assigned IP addresses will not work
Internet routable - 10.x.x.x and 192.168.x.x addresses handed out by most internal routerscannot be used on the internet.
Dedicated to Windows Live calls - Due to the nature of the data we host for our partners, wewould prefer that the source IP(s) provided are dedicated to calls to the Windows Liveprovisioning system. This is to prevent connectivity from other services that you may proxyfrom the same source IP that are unrelated to the Windows Live provisioning functionality.Giving us the general firewall or proxy server of your institution may result in your access toour provisioning server being turned off. If there is other non Windows Live traffic going over this IP address to the server IP we give you, your IP may be locked out without notice.
Open over port 443 (https) and port 80 (http) - You will need to allow two way communicationsover these ports.
Once you have your MIIS server and IP rules setup, run the following tests BEFORE sending us your IP address.
From your MIIS server,go to this web site below. Your server’s IP address as seen on theInternet will be displayed. It’s the IP that our servers will see. If it’s not what you expected, thenresolve this issue. If may be showing the IP address of your router, proxy server or generalnetwork firewall. If this URL does not work for you, this is a list of other web sites that will showyour IP address near the end of this document.http://www.mediacollege.com/internet/utilities/show-ip.shtmlIf you cannot view this web page, then you probably do not have port 80 open. As a result, thetelnet test over port 80 in a later step will probably fail as well. Reconfigure your network to allowaccess over port 80 and rerun this test.If the URL above does not work, you can use these alternate web sites to test your IP.
From your MIIS server , go to the URL above again. The IP address should be consistentwhenever you visit this site, regardless of reboots. If the IP address changes, then reconfigureyour network and retest this step.
From your MIIS server , open up a command window to run the following commands.
Confirm ability to telnet over port 443.
Success will appear as a blank screen as shown above.Failure will give you an error message such as shown above.Wait for 2 minutes for the connection to either go through or fail.www.microsoft.comallowstelnet connection over port 443 regardless of your IP address. If the connection fails, then youdo not have the proper connectivity over port 443. Reconfigure your network until this testworks 
Confirm network connectivity and test ability to telnet over port 80. Open another commandwindow and type
telnet www.microsoft.com80.
You will obtain the same success or failureindications as for port 443.
If all these tests pass, submit your IP address toed-desk@microsoft.comas indicated in theinstructions above.We will send you notification when we’ve loaded your IP into our system. Then you will run telnettest again to the IP address that we send you. It will be of the form Type
>>telnet 443
If connectivity to this new succeeds, notify us that it’s succeeded ated-desk@microsoft.com. YOU ARE DONE! You are ready to move to the next step.
If connectivity fails, perform the following checks. Remember that we have over 100 other universities already working in our system. Most problems can be traced to either fat-fingering IPs during the transfer process or problems on the university side.

Activity (4)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
tbeske liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->