locked
How to configure ISA 2006 network relationship to support OCS Edge Server A/V Role RRS feed

  • Question

  •  

    Hi,

    I am from a UC Team in a company, we have some problems between ISA 2006 and OCS Consolidated Edge Server. Internally voice, video, live meeting and IM works fine. Externally voice, video and IM works fine too. We have some problems with live meeting for the external users. Here is our topology:


    http://i34.tinypic.com/1ilbbm.jpg

    The question are:

    1) Is ISA 2006 capable to support this topology, meaning it can do all this with ISA?
    2) EDGE Server external NICs are connected to ISA DMZ NIC?
    3) Is ISA 2006 capable to route (not NAT) the traffic from its external interface to A/V role interface?.  (We don´t know how to do this in ISA).
    4) Wich is the network relationship between ISA 2006 DMZ and Edge Server Roles DMZ?.

    Thanks a lot.


    Greetings

    Navegador2002
    Wednesday, September 10, 2008 7:22 PM

Answers

All replies

  • This whitepaper on designing permeter network for OCS is a must read and will likely address your questions:

    http://www.microsoft.com/downloads/thankyou.aspx?familyId=e4a8d703-e41a-47d9-b9dd-2799f894af92&displayLang=en

    Thursday, September 11, 2008 12:36 AM
  • Thursday, September 11, 2008 3:48 PM
  • 1) Yes.

    2) It works. You can also configure ISA with 4 interfaces (external, external DMZ, internal DMZ, internal) or use 2 ISA servers. The internal Edge interface connect to internal LAN works but it is more secure to connect it to a DMZ. For external DMZ you need some public ip adresses (a public ip subnet). For internal DMZ you can use private ip addresses

    3) Yes. You need a public ip for external a/v edge interface. For external webconf edge and access edge interface you can use NAT or also public ip addresses.

    4) Relation = Route

     

    Read the documents refered in other replies.

     

    yours sincerely

    Joerg Bachmann

     

    Friday, September 12, 2008 8:23 AM
  •  

    Thanks everyone for responding!
     
    The problem with live meeting was solved. I could do this looking and looking and looking again the firewall rules of ISA along with the EDGE SERVER network interfaces configuration.
     
    Thanks again!!!
    Friday, September 12, 2008 1:20 PM