Hi,

We've been using LCS internally on our network for over a year now. We recently decided it would be nice for some of our external users to communicate with the office using LCS through PocketPC devices and/or Office Communicator installed at home. So we deployed an Access Proxy.

I used our internal CA to setup our internal certificates (using the template generated from the reskit) and I acquired a test certificate from Thawte (also tried a verisign test certificate) for the external edge of our Access Proxy. Our PocketPC devices work wonderfully using Mobile Communicator. At first our external access worked great too. I don't know what I did but now I can only login to the Access Proxy with the PocketPC devices, my Office Communicator (and Windows Messenger 5.1) client from home gets the following error.

"There was a problem verifying the certificate from the server. Please contact your network administrator."

I ran LCSDiag on both the LCS2005se server and the Access Proxy and no errors came back. I loaded the reskit at home and tried the "diagnostic client" tool in LCSDiag and everything came back AOK, but yet when I tried to sign in with an actual client I still get the above error.

I don't know what I could have possibly changed to cause this error to suddenly appear, but I need to fix this. It's not a root ca problem, my home computer trusts the test certificate and even trusts my internal CA (even though when I had it working it only trusted the test certificate ca).

Could it be a port being blocked by our corporate firewall??? I'm pretty sure the firewall has 5061 and 443 open to the external edge of the server.

I tried backtracking my steps to see if I could figure it out and the only thing I did was setup IIS on the Access Proxy machine so I could have the global address book accessible to external Communicator users. Could that have done something?

Any help here would be appreciated.