Solved

OCS Edge Server

Posted on 2011-09-08
2
520 Views
Last Modified: 2012-05-12
We have a hybrid IP telephony system - integrated Nortel CS1k/OCS 2007 R2 environment which provides enterprise voice (VoIP) for our users. Mix of softphones/hardphones.

In our setup, we have an OCS Standard Edition server (which also has the Monitoring Server Role), a Mediation Server, an Application Proxy Server, a Unified Messaging Server and a CWA Server. They are all this side of the network, with a single TMG server facing the internet (holds CWA cert etc). We do not have an Edge Server or DMZ setup.

We are looking to enable the configuration for external web conferencing. So external users can join conferences (using Live Meeting).

The recommended MS configuration advises to have an Edge Server, in a DMZ. Is it possible to set this up in our existing configuration without negating security? (without having to setup a separate Edge Server, another Firewall and  a DMZ). Or even a compromise somewhere in the middle?

I know we can setup our existing OCS Server as the Edge Server but would expose it to the internet. Is it possible to do this but not have the OCS server directly internet facing and behind the TMG? And still be secure??

Many thanks

Steve
0
Comment
Question by:tebe155
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 12

Accepted Solution

by:
Jeff_Schertz earned 500 total points
ID: 36502473
You cannot deploy the Edge server role on any of the existing OCS servers, it must be installed on a dedicated server.

You also cannot provide external Web conferencinaccesses without the Edge server, simply forwarding traffic to the Front End server will not work.  Also you cannot publish the Edge server with TMG if you plan to use any Audio/VideDesktop Sharingng features externally as TMG does not support SNAT required for ICE media negotiation.

I suggest reading throsome som of these articles to understand what is and is not supported or possible with the OCS Edge Server configuration:
http://blog.schertz.name/2010/06/pointbridge-posts-ocs-edge-server/
0
 
LVL 3

Author Comment

by:tebe155
ID: 36502851
Hello Jeff,

Thanks for the information provided.

Can I quiz you further. Web Conferencing Server is configured on the OCS Std Ed server but obviously no Edge Server configured (see screendumps).

Is this why internal conferencing works via Outlook client and not externally?

And to sum up, we would need to install a dedicated Edge Server (internet facing) in a DMZ between TMG and another external firewall to get this working?

Cheers

Steve
     ocs 1 ocs 2
0

Featured Post

Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When you are trying to access the server, have you ever encountered "The terminal server has exceeded the maximum number of allowed connection" error?  or "The user is attempting to log on to a Terminal Server in Remote Administration mode, but the …
Skype is a P2P (Peer to Peer) instant messaging and VOIP (Voice over IP) service – as well as a whole lot more.
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

751 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question