Openfire 3.7.1 & Server-To-Server problems/questions

We have been using Openfire as an IM platform for several years now and have been very pleased with it. We are now looking to expand our IM offerings by using FastPath to allow customers to talk with our service department. In addition, we are looking to make a server publicly available for internal users who cannot get VPN access.

In my lab environment (VMware Server 2.0.2 on Windows Server 2003 x64), I’m using LinuxMint LXDE machines as my test servers and client stations. I am using the tar.gz version of Openfire, not the .DEB. I’ve got two servers and two client stations. There are two users each on the servers.

Users on the same server can see each other just fine. Everything functions as normal. I’ve turned on Server-To-Server and put in the host names and it appears to be working. (I’ve got the names hard coded into the /etc/hosts file). Here are my problems:

- Users on Server B cannot search for users on Server A (which is what I want). However, they can be added if the user knows the Jabber ID of the person they are looking for (which is fine). However, when the clients update their rosters, one of the two always appears offline, yet the chat works perfectly. Have I done something wrong?

- Users who have accounts on Server A but can only get to Server B are unable to connect. Does the Server-To-Server not allow users to connect this way?

- OTR doesn’t work with S2S clients. Not sure if that is by design or if it’s related to the weirdness I’m seeing with user presence.

My boss doesn’t want us to use a single server that we’d put out in the DMZ. He was hoping there would be a way we could use multiple servers so the DMZ server is for “road warriors” and customers. The plan would be to set the internal server up for internal users with LDAP/AD. Deploy the DMZ server and turn on Server-To-Server so they can talk to each other.

Is this an incorrect approach?

Related questions (one of which was one I asked LOL):

I’m going to re-read these and see if I can come up with a working solution.

Too bad you can’t use one server. Open up the XMPP and Tomcat ports on the firewall and redirect accordingly. All done.

I agree. The issue that I have here is my boss feels the DMZ is more an “internet user” zone than “multipurpose”. My initial thought was to just move them both out into the DMZ and problem solved. Corporate clients connect to the corporate server and external clients connect to the “client” server. S2S between them.

So right now, I’m trying to come up with a solution that lets me have my corporate IM server “internal” and have an external server that customers/clients can connect to and chat with support techs inside.

Ultimately we want to deploy FastPath with it. Since we’ve been using the software for so long I’m almost tempted to have my company just pay someone to come up with the solution.

Ever since I upgraded from 3.6.4 to the newest version, the S2S functionality has never seemed the same. The fact that the users show as offline is just one of them. The file transfer is another. Sometimes it works, most of the time it does not.

I was hoping for a new version to repair it all.

Good luck,