Solved

OCS External access

Posted on 2010-11-17
16
784 Views
Last Modified: 2013-11-29
Hi Team,
Office Communications Server 2007 R2 Standard Edition is deployed with the

Front End Server, Microsoft SQL Server, A/V Conferencing Server, Web Conferencing Server, and Web Components Server installed on a single physical computer.

I have 50 users on those 40 internal and 10 are external.

40 are able to connecing my OCS Server and able to do chat and conference.

now my plan is want to connect rest of the 10 external users to connect my ocs and do communicate with us.

I would like to know that what other services are reqire to achive this.

like ( Hardware,IPs,SSLs,Extra server ).

i want an step by step information to achive this.

Thanks in advance,

Regards, AKReddy
0
Comment
Question by:KBRaju
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 5
  • 4
  • 3
  • +3
16 Comments
 
LVL 24

Accepted Solution

by:
Awinish earned 112 total points
ID: 34154574
You will require Certificate to access OCS from outside along with natted IP.

Refer part 4.

http://www.shudnow.net/2009/01/05/office-communications-server-2007-r2-enterprise-deployment-part-1/
0
 

Assisted Solution

by:KBRaju
KBRaju earned 0 total points
ID: 34161575

Hi chris/awinish,
Thanks for helping me,

I would like to know do i need to setup Edge interface for External Access .

Regards,AKReddy
0
 
LVL 71

Assisted Solution

by:Chris Dent
Chris Dent earned 56 total points
ID: 34163222

I'm not an expert on this subject, but I am deploying my own OCS system at the moment and maybe I can help you out a bit.

Are you looking at implementing an Access Edge server as well? Or do you want people to access your current server?

Do you wish to enable auto-discovery for the Communicator client for external users? If so, what SIP domain did you choose? Private AD domain name?

Chris
0
NFR key for Veeam Backup for Microsoft Office 365

Veeam is happy to provide a free NFR license (for 1 year, up to 10 users). This license allows for the non‑production use of Veeam Backup for Microsoft Office 365 in your home lab without any feature limitations.

 
LVL 5

Assisted Solution

by:daveTechSearch
daveTechSearch earned 56 total points
ID: 34176101
Have you read through any particular documentation sets on the subject?

A couple of good links:
http://www.ocspedia.com/Edge_Srvr.htm
http://www.gilham.org/Blog/Lists/Posts/Post.aspx?List=aab85845%2D88d2%2D4091%2D8088%2Da6bbce0a4304&ID=709

Question:  How do your existing 10 external users access your environment?  Our external/home currently VPN in first, no additional setup required to access via VPN connection.  
0
 
LVL 24

Assisted Solution

by:Awinish
Awinish earned 112 total points
ID: 34178263
Edge will add security which will filter the traffic flow from inside out & vice versa.

0
 
LVL 13

Assisted Solution

by:AshwinRaj111
AshwinRaj111 earned 221 total points
ID: 34179856
Check the Document for Edge Server Deployment.

It has all the details for Deploying the Edge Server for Remote Connectivity.
0
 
LVL 13

Assisted Solution

by:AshwinRaj111
AshwinRaj111 earned 221 total points
ID: 34179858
0
 

Assisted Solution

by:KBRaju
KBRaju earned 0 total points
ID: 34185559
I am using Standard version of the OCS server 2007 R2, do i reqired Edge server deployment for external access. or  can i use front end server as my external server.

i need clarity on this.

Regards, AKReddy
0
 
LVL 13

Assisted Solution

by:AshwinRaj111
AshwinRaj111 earned 221 total points
ID: 34185729
Edge Server is always required for External Access wheter you use Standard or Enterprise Edition. Front End Server servers the connection for only internal Clients.

For Clients to connect to OCS Outside the Domain Edge Server is required.
0
 

Author Comment

by:KBRaju
ID: 34185746
Hi AshwinRaj,
Thanks for the information,
I could not installed Edge server on OCS, I will do one thing let me first install edge first then i ll get back to you if i reqired any help.

Regards,AKReddy
0
 
LVL 13

Assisted Solution

by:AshwinRaj111
AshwinRaj111 earned 221 total points
ID: 34185764
The Edge Server should be installed on a Work Station. That is the recommended way. Do not install any other Server Roles on the Front End Server. It is not recommended and would end up having Issues.

This includes Exchange Server as Well.

0
 
LVL 24

Expert Comment

by:Awinish
ID: 34189589
For best practices, edge role has to be installed on DMZ for providing secure server access which wil travel through Edge role for external access.

The edge role act as a filter for OCS server holding other roles.
0
 
LVL 15

Assisted Solution

by:Greg Besso
Greg Besso earned 55 total points
ID: 34243050
AK Reddy,

You need a dedicated server, with two or more network adapters. On this server, do NOT join to the domain, but leave in WORKGROUP. You will need to have one network adapter on the LAN, one directly connected to the internet.

Also, you need some "Reverse Proxy" server such as Microsoft ISA Server 2006/Forefront TMG installed in order to publish some of the OCS standard/pool IIS sites.

Plus you will need a combination of SSL certificates on the Reverse Proxy, and also on the EDGE server's WAN interface.

It is a somewhat complicated deployment, as the certificates are "tricky". But you can get it done if you are going to have these resources in place. If you do, continue the thread and people can get you up and running. Also to make the certificate part easier, you can use an internal CA server (your domain controller, etc) and manually configure the remote workstations, rather than purchase SSL certificates before you know which ones work.
0
 

Author Comment

by:KBRaju
ID: 34689035
no objection
0
 

Author Closing Comment

by:KBRaju
ID: 34741026
O K
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A project that enables an administrator to perform actions within a user session context not just at the time of login but any time later on day(s) or week(s) later.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
This tutorial will walk an individual through the process of configuring their Windows Server 2012 domain controller to synchronize its time with a trusted, external resource. Use Google, Bing, or other preferred search engine to locate trusted NTP …

739 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question