Hi there,
I have read through the MS deployment guides and this forum, but am still not sure if my intended deployment is supported. Any clarification will be appeciated!
I have a working internal OCS 2007 setup. I have also deployed a single consolidated Edge server. The internal Edge server interface is on the internal network where the OCS front-end sits. The external side of the OCS has only one interface on a DMZ interface which connects to the Internet-facing firewall. The question is -
1. Can I assign all three the edge roles to a single physical interface.
2. Then assign three private DMZ IPs to the single interface, one for each role.
3. Then have three static NATs with three public routable IPs natted to the DMZ IP of each role? This will be configured on the firewall.
So on the firewall the static NAT entries will look like this - (BTW, these are not my real addresses
10.10.10.1 - 194..42.22.1 - AV role
10.10.10.2 - 194..42.22.2 - Access role
10.10.10.3 - 194..42.22.3 - Conference role
I then also have trusted public certs for each role and there is an A-record for each public IP address / server role. Will I have problems with the certs installed on the Edge server reporting their private IPs?
Thanks so long,
Walt.
Supported Edge server topology
