Office Communications Server without a firewall

  • Question

  • Hello friends, how are you. I have a new question. I am currently investigating Office Communications Server 2007, and this is my scenario: I have one server that is the DC, Exchange 2003, DNS and certificate issuer; another with the OCS FE; two XP clients; and an Edge server, the last one outside my domain, with one internal NIC and one external NIC. I have followed Microsoft's installation guides as well as a book called "How to cheat at administering office communications server 2007". The situation is that internally the IM part with Communicator and the conferencing with Live Meeting work fine, which is what my boss is interested in, but now that we are starting to work on the Edge server they are asking me not to put any firewall in place, since they only want to see it working from outside the network. As for my DNS, I only have one zone on my PDC, and that is where I created all the host A and SRV records the manual asks for, but I don't know if this is correct
    or whether I need some extra configuration, since the guides are not clear enough, and whether the connection is viable without a firewall.

    de ante mano muchas gracias

    Berna
    Thursday, September 17, 2009 3:49 PM

Answers

  • English please ...
    - Belgian Unified Communications Community : http://www.pro-exchange.be -
    Thursday, September 17, 2009 11:35 PM

All replies

  •

    Hello Delli

    I am going to try to explain in English.

    I'm doing a lab with OCS 2007 SE (not R2), and this is my scenario. I have a DC with Windows 2003 Std SP2 and Exchange 2003 on the same machine; the IP is 194.168.1.1/24, GW 194.168.1.1, DNS 194.168.1.1, and my test domain is homeip.net. On this server I have an internal CA and DNS, and the functional level is 2003. My DNS only has 2 zones: forward (homeip.net) and reverse. The other machine has IP 194.168.1.3/24, GW 194.168.1.1, DNS 194.168.1.1.

    On it I installed IIS with the services listed in the guide I downloaded from the Microsoft site, and then began to install OCS 2007 on Windows 2003 Std. To install OCS 2007 on this machine I did the following: the first step was Prepare Schema, next Prepare Forest, and the last step was Prepare Domain. After that I selected Deploy SE Server. On the configuration wizard page to deploy the server I clicked Next; on the accept-license page, Next; on the file-location page, Next; on the service account page I entered a user and password, Next; on the components service account page I entered a user and password, Next; on the Web Farm FQDNs page, in Internal web farm FQDN I wrote srvocs.homeip.net (the name of my server) and in External Web farm FQDN I wrote extweb.homeip.net, Next; on the Location for Database Files page I accepted the default directories and clicked Next to finish.

    At Configure Server, click Run. On the Welcome to the Configure Pool/Server Wizard page I clicked Next; on the Server or Pool to Configure page I selected srvocs.homeip.net, Next; on the SIP domains page I verified my SIP domain (homeip.net); on the Client Logon Settings page I selected "Some or all clients will use DNS SRV records for automatic logon", Next; on the SIP Domains for Automatic Logon page I selected the check box for the domains that will be supported by the server for automatic sign-in, then Next; on the External User Access Configuration page I selected "Do not configure for external user access now", Next; on the Ready to Configure Server or Pool page I reviewed the settings and clicked Next until Finish.

    On the Welcome to the Certificate Wizard page, Next. On the Available Certificate Tasks page, "Create a new certificate", Next. On the Delayed or Immediate Request page, "Send the request immediately to an online certification authority", Next. On the Name and Security Settings page I filled in the blanks: the name of the cert is cerint, I selected 24 bit and marked it as exportable, Next. I filled in the organization information, Next. On the Your Server's Subject Name page, in Subject Name I selected srvocs.homeip.net, Next. On the Geographical Information page I filled in the blanks until Finish. On the Certificates Wizard completed successfully page I clicked Assign; in the dialog box that appears I took my cert and assigned it, then Finish. This cert was assigned to IIS on this server. On the Welcome to the Start Services Wizard page, Next, and I started the services. The next step was to run the validation, and all was fine; the next step was to enable my users on the srvocs.homeip.net server. I have 2 PCs with MOC and Live Meeting and it works fine. In my forward lookup zone on my DC I set up the following host A and SRV records:
    Host A srvocs, IP 194.168.1.3; SRV sipinternaltls._tcp port 5061 -> srvocs.homeip.net and sipinternal._tcp port 5061 -> srvocs.homeip.net

    The next step was to deploy the Edge Server in a consolidated topology. I did the following:

    I have a machine with W2K3 SP2 and 2 NICs: one internal, 194.168.1.5/24, no GW, DNS 194.168.1.1, and one external, 189.162.x.x/24, GW 189.162.x.x, DNS 189.162.x.x (this comes from my ISP through ADSL).

    Click Deploy Other Server Roles. Click Deploy Edge Server, Next. On the Welcome page, Next. I accepted the terms until Finish. In Activate Edge Server, click Run to start the Activate Office Communications Server 2007 Wizard. I activated the 3 services (Access Edge Server, Web Conferencing Edge Server, A/V Edge Server), created the account and clicked Next until Finish. On the Deploy Edge Server page, on the Welcome page, Next, and Next again. On the Internal Interface page, in the Internal Interface IP Address box I selected 194.168.1.5, and for the FQDN of the internal interface I selected ocsedge.homeip.net. On the External Interface page, for the Access Edge Server I selected 189.162.x.x, port 5061 and sip.homeip.net; for the Web Conferencing Edge the same IP, port 443 and conf.homeip.net; for the A/V Edge Server the same IP, port 444 and av.homeip.net. On the Enable Features on Access Edge Server page I marked all options. On the FQDN of the Internal Next Hop Server page I selected srvocs.homeip.net. On Authorized Internal SIP Domains I selected homeip.net. On the Authorized Internal Servers page I selected srvocs.homeip.net, and clicked Next until Finish.

    Then I went back to the FE server (srvocs) and ran Deploy SE Server and selected step 3 (Configure Server). I clicked Next on the welcome screen and then chose the FE server for the external connectivity (SRVOCS.HOMEIP.NET), Next, and left the same SIP domain, Next until I reached the External User Access Configuration page, where I selected "Configure for external user access now". In routing external SIP traffic I selected "Route directly to and from internal pool and servers", Next. In the trusted Access Edge Servers and Web Conferencing... page I selected srvedge.homeip.net, Next. On the Web Conferencing Edge Server page, in internal I typed srvedge.homeip.net and in external conf.homeip.net, Next. On the trusted A/V Edge Server page I typed srvedge.homeip.net port 5062, and Next until Finish.

    Then I went back to the Edge server to set up certificates for the internal interfaces. I downloaded the certint.p7b cert from my srvocs FE and pasted it on srvedge. On the Deploy Edge Server page, next to Configure Certificates for the Edge Server, click Run to start the Communications Certificate Wizard. On the Welcome page, Next. On the Available Certificate Tasks page I selected "Import a certificate chain from a .p7b file", and Next until Finish. The next step was to run the wizard again; I created and assigned a cert for each service on my Edge server until Finish, then started the services, and my Edge server is working. The next step was to update my DNS: I went back to srvpdc (the domain controller) and in the DNS forward zone on my DC I created host A records: 194.168.1.5 srvocs.homeip.net, and 189.162.x.x for sip.homeip.net, conf.homeip.net and av.homeip.net. I created the following SRV records: sipfederationtls._tcp port 5061 -> sip.homeip.net, sip._tcp port 443 -> sip.homeip.net, sip._tls port 443 -> sip.homeip.net. That is all my configuration. What I want to know is whether it is possible to connect from outside (the internet) without a firewall. I created an invitation with one of my users, pasted the invitation into a Word document, pasted it on a laptop with the Live Meeting client and opened the invitation, but it doesn't connect, and I don't know if it is necessary. I have a trial of ISA Server just in case.
    Another thing: as you can see, I just put my DNS records into the forward zone on my DC; I don't know if this is correct.


    Berna
    Thursday, October 8, 2009 5:09 PM
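As an added example (it is not from the thread, nor from any Microsoft or OCS guide), the PowerShell script below checks from the outside the three things an external Live Meeting or Communicator client depends on in the setup described above: that sip/conf/av.homeip.net and the external SRV records answer from a public resolver rather than only from the DC's internal zone, that the Edge ports the poster configured (5061, 443, 444) actually accept connections, and which certificate each TLS listener presents, including whether the probing machine trusts its issuer. The SIP domain, hostnames and ports are taken from the thread; the 8.8.8.8 resolver and the timeout are arbitrary assumptions; the SRV names use the standard leading underscore form (_sip._tls.homeip.net, _sipfederationtls._tcp.homeip.net). It needs Windows 8 / Server 2012 or later for Resolve-DnsName and Test-NetConnection, and should be run from a machine outside the lab network, as the Live Meeting laptop would be.

```powershell
<#
  Added example, not part of the original thread. External-side check of an
  OCS 2007 Edge deployment. Assumptions: SIP domain and hostnames as in the
  thread; 8.8.8.8 is an arbitrary public resolver; ports are those the
  poster configured on the Edge's external interface.
#>
param(
    [string]$SipDomain = 'homeip.net',
    [string]$Resolver  = '8.8.8.8',
    [int]$TimeoutMs    = 5000
)

# Records an internet client looks up. _sip._tls is what Communicator queries
# for automatic sign-in from outside; _sipfederationtls._tcp is for federation.
$dnsChecks = @(
    @{ Name = "_sip._tls.$SipDomain";              Type = 'SRV' },
    @{ Name = "_sipfederationtls._tcp.$SipDomain"; Type = 'SRV' },
    @{ Name = "sip.$SipDomain";                    Type = 'A'   },
    @{ Name = "conf.$SipDomain";                   Type = 'A'   },
    @{ Name = "av.$SipDomain";                     Type = 'A'   }
)

# External listeners from the thread's Edge configuration.
$portChecks = @(
    @{ Host = "sip.$SipDomain";  Port = 5061; Role = 'Access Edge, federation (MTLS)' },
    @{ Host = "sip.$SipDomain";  Port = 443;  Role = 'Access Edge, remote sign-in (target of _sip._tls)' },
    @{ Host = "conf.$SipDomain"; Port = 443;  Role = 'Web Conferencing Edge (Live Meeting)' },
    @{ Host = "av.$SipDomain";   Port = 444;  Role = 'A/V Edge, port as configured in the thread' }
)

function Test-EdgeDns {
    foreach ($c in $dnsChecks) {
        try {
            $ans = Resolve-DnsName -Name $c.Name -Type $c.Type -Server $Resolver -DnsOnly -ErrorAction Stop
            if ($c.Type -eq 'SRV') {
                $detail = ($ans | Where-Object Type -eq 'SRV' | ForEach-Object { "$($_.NameTarget):$($_.Port)" }) -join ', '
            } else {
                $detail = ($ans | Where-Object Type -eq 'A' | ForEach-Object { $_.IPAddress }) -join ', '
            }
            [pscustomobject]@{ Check = "$($c.Type) $($c.Name)"; Result = 'OK'; Detail = $detail }
        } catch {
            # NXDOMAIN here usually means the record exists only in the AD zone on the
            # DC, which an internet client cannot query; it must also be in the public zone.
            [pscustomobject]@{ Check = "$($c.Type) $($c.Name)"; Result = 'MISSING'; Detail = $_.Exception.Message }
        }
    }
}

function Test-EdgePorts {
    foreach ($p in $portChecks) {
        $r = Test-NetConnection -ComputerName $p.Host -Port $p.Port -WarningAction SilentlyContinue
        $state = 'CLOSED'
        if ($r.TcpTestSucceeded) { $state = 'OPEN' }
        [pscustomobject]@{ Check = "$($p.Host):$($p.Port)"; Result = $state; Detail = $p.Role }
    }
}

function Get-EdgeCertificate {
    param([string]$HostName, [int]$Port)
    $client = New-Object System.Net.Sockets.TcpClient
    try {
        $ar = $client.BeginConnect($HostName, $Port, $null, $null)
        if (-not $ar.AsyncWaitHandle.WaitOne($TimeoutMs)) { throw "connect timeout" }
        $client.EndConnect($ar)
        # Accept anything during the handshake: the point is to inspect what is presented.
        $ssl = New-Object System.Net.Security.SslStream($client.GetStream(), $false, { $true })
        $ssl.AuthenticateAsClient($HostName)
        $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2($ssl.RemoteCertificate)
        $dnsType = [System.Security.Cryptography.X509Certificates.X509NameType]::DnsName
        # Verify() builds the chain against THIS machine's trust store. A laptop outside the
        # domain that lacks the lab's internal CA root will report $false here.
        [pscustomobject]@{
            Host      = "$($HostName):$Port"
            Subject   = $cert.Subject
            Issuer    = $cert.Issuer
            NotAfter  = $cert.NotAfter
            NameMatch = ($cert.GetNameInfo($dnsType, $false) -eq $HostName)
            Trusted   = $cert.Verify()
            Error     = $null
        }
    } catch {
        [pscustomobject]@{ Host = "$($HostName):$Port"; Subject = $null; Issuer = $null
                           NotAfter = $null; NameMatch = $false; Trusted = $false
                           Error = $_.Exception.Message }
    } finally {
        if ($ssl) { $ssl.Dispose() }
        $client.Close()
    }
}

Write-Host "== DNS as seen from $Resolver =="
Test-EdgeDns | Format-Table -AutoSize
Write-Host "== Edge ports =="
Test-EdgePorts | Format-Table -AutoSize
Write-Host "== Certificates presented on the TLS listeners =="
$portChecks | ForEach-Object { Get-EdgeCertificate -HostName $_.Host -Port $_.Port } | Format-Table -AutoSize
```

A MISSING row in the DNS table means the name was created only in the AD-integrated zone on the DC, which no internet host can query; the same names and SRV records must also exist in the public DNS zone for the SIP domain. A Trusted value of False with NameMatch True means the certificate is fine but chains to the lab's internal CA, which an outside laptop does not trust until that CA's root is installed on it. The port table is also a plain inventory of what a firewall-less Edge exposes to the whole internet: every OPEN row is reachable by anyone, so it is useful for the test the poster was asked to do but is not a configuration to leave in place.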