locked
Is it possible to use NAT on the internal NIC on the A/V Edge Server? RRS feed

  • Question

  • I know that the external NIC must be public routable and not NAT`ed.

     

     

    Is it possible to use NAT on the internal NIC on the A/V Edge Server?

     

    tore

    Tuesday, November 13, 2007 5:22 PM

All replies

  • Yes the internal interface can use a private IP address; that is recommended configuration as well.  Only the interface assigned to the A/V Edge Service requires a public IP address.

     

    Edit:  I see I misunderstood your question; I thought you were asking about using a private IP address on the internal interface.  The post below is correct regarding the usage of NAT between addresses on the internal interface of the Edge server and addresses on your internal front-end servers.

    Tuesday, November 13, 2007 6:40 PM
    Moderator
  • I have NAT on my Internal NIC, but when I run Valtidate A/V server on my Front End server it failes because he tries to access the Edge server ordinary internal NIC address instead of the NAT address.

     

    In the internal DNS I have created an a record thats point to the NAT adresse, and I can sucessfully run telnet against the NAT address on 5062 when I use FQDN

     

    Any clue why the validation not use the NAT address?

     

    tore

    Tuesday, November 13, 2007 7:05 PM
  • Hi,

     

    Here is what is wriiten in the Microsoft Office Communications Server 2007 Planning Guide, page 95:

    Note

    To conform to the requirement of a publicly routable IP address of the A/V Edge Server, the external firewall of the perimeter network must not act as a NAT (Network Address Translator) for this IP address.

    Additionally, the internal firewall must not act as a NAT for the internal IP address of the A/V Edge Server. The internal IP address of the A/V Edge Server must be fully routable from the internal network to the internal IP address of the A/V Edge Server.


    So, the short answer is: No, you cannot use NAT on the internal on the A/V Edge Server.

     

    You should ensure that the internal IP address of the A/V Edge is fully routable from the internal network and point the internal DNS record to that IP address.

     

    Hope, that info will be useful for you.

    Lubo.

    Monday, November 26, 2007 11:55 AM