OCS Edge Server

We have a hybrid IP telephony system - integrated Nortel CS1k/OCS 2007 R2 environment which provides enterprise voice (VoIP) for our users. Mix of softphones/hardphones.

In our setup, we have an OCS Standard Edition server (which also has the Monitoring Server Role), a Mediation Server, an Application Proxy Server, a Unified Messaging Server and a CWA Server. They are all this side of the network, with a single TMG server facing the internet (holds CWA cert etc). We do not have an Edge Server or DMZ setup.

We are looking to enable the configuration for external web conferencing. So external users can join conferences (using Live Meeting).

The recommended MS configuration advises to have an Edge Server, in a DMZ. Is it possible to set this up in our existing configuration without negating security? (without having to setup a separate Edge Server, another Firewall and  a DMZ). Or even a compromise somewhere in the middle?

I know we can setup our existing OCS Server as the Edge Server but would expose it to the internet. Is it possible to do this but not have the OCS server directly internet facing and behind the TMG? And still be secure??

Many thanks

Steve
LVL 3
tebe155Asked:
Who is Participating?
 
Jeff_SchertzConnect With a Mentor Commented:
You cannot deploy the Edge server role on any of the existing OCS servers, it must be installed on a dedicated server.

You also cannot provide external Web conferencinaccesses without the Edge server, simply forwarding traffic to the Front End server will not work.  Also you cannot publish the Edge server with TMG if you plan to use any Audio/VideDesktop Sharingng features externally as TMG does not support SNAT required for ICE media negotiation.

I suggest reading throsome som of these articles to understand what is and is not supported or possible with the OCS Edge Server configuration:
http://blog.schertz.name/2010/06/pointbridge-posts-ocs-edge-server/
0
 
tebe155Author Commented:
Hello Jeff,

Thanks for the information provided.

Can I quiz you further. Web Conferencing Server is configured on the OCS Std Ed server but obviously no Edge Server configured (see screendumps).

Is this why internal conferencing works via Outlook client and not externally?

And to sum up, we would need to install a dedicated Edge Server (internet facing) in a DMZ between TMG and another external firewall to get this working?

Cheers

Steve
     ocs 1 ocs 2
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.