OCS Consolidated A/V not working

  • Question


    Hi,

    We have implemented an "OCS consolidated" edge server. It has two Ethernet cards, one connected to the firewall and another connected to our inside network, as per the consolidated topology given by Microsoft. The firewall outside is connected to the internet.

    Three DNS records are published on public DNS which point to accessedge@domainname.com, confedge@domainname.com and last is avedge@domainname.com, with addresses as follows:

    1. access@domainname.com ----> PUB_Address_1 ----->  NATed in F/w to ---> Private_Address_1

    2. confedge@domainname.com ---> PUB_Address_2 --->  NATed in F/W to ---> Private_Address_1

    3. avedge@domainname.com    ------> PUB_Address_3 --> Directly forwarded to ---> EdgeServer

     

    EDGE server Ethernet card one, connected to the firewall, is in the series of Private_Address (all three addresses are configured on this card: Private_Address_1, Private_Address_2, PUB_Address_3).

     

    The default gateway of this card is the firewall interface IP address in the Private_Address_ range. The problem is coming for the third IP address, which is PUB_Address_3: we are not able to give a default gateway for this card. This should be a publicly routable IP address as per Microsoft.

     

     

    EDGE server ethernet card two connected to internal network is ( internal_IP_Addresss_1) this subnet is the same as that of OCS server. ( this card and OCS server are in the same subnet.)

     

    When we tried to initiate a call from an internal user to an external user, we found that the internal user is generating a packet for the IP address of the user who is having a public IP address. (We have used a protocol analyser for this.) It should send these packets to the OCS edge server, and the OCS edge server should send it to the user who is in the outside world.

     

    The same thing took place when we tried to initiate a call from an outside user to an internal user: it generated packets to the IP address of the internal user's notebook (that is, to 10.1.1.1, my notebook's private IP), which will definitely not work.

     

    Has anyone implemented the consolidated topology OCS edge server?

    Please share how you have implemented the IP addressing scheme so that you are able to make a voice call from an internal user to an outside user. Also please let me know what firewall rules are added for OCS.

    When two users are outside call is working ok.

    TEXT is working fine for all the three  cases -- inside to inside ,  inside to outside and also outside to outside.

     

     

    Pls. share your experience.

    Thanks in advance.

    subodh bapat

     

     

     

     

     

     

    Wednesday, October 1, 2008 5:54 AM

All replies

  • I have a similar installation but with a separate network interface for A/V. In my case it only works with two (!) default gateways: one pointing to the DMZ and one pointing to our internet gateway (public address). In addition I have disabled "dead gateway detection" - you will find more about that using a search engine.

     

     

    Wednesday, October 1, 2008 11:23 AM
  • You'll need to add a third interface to that server for a supported configuration, as you can't put both private and public IP addresses in different IP subnetworks on the same physical interface. Ideally you should have the three interfaces configured as such:

    1. Internal Edge with internal or perimeter private IP address
    2. Access Edge and Webconf Edge with perimeter private IP addresses
    3. A/V Edge with external public IP address

    I'd suggest reading through this blog and the linked Microsoft articles (especially the Perimeter Network whitepaper): http://blogs.pointbridge.com/Blogs/schertz_jeff/Pages/Post.aspx?_ID=33

     

    Dead Gateway Detection is discussed, but the supported configuration is not to have a default gateway on multiple adapters as well. Typically a persistent static route is added to handle traffic for the third A/V interface.

    Wednesday, October 1, 2008 12:31 PM
    Moderator
  • Hi,

    Thanks for your update

    Our server has two Ethernet cards: 1. 192.168.1.0 /24 and another 2. 172.16.1.0 /24.

     

    1. Points to the firewall: default gateway: 192.168.1.1, with a total of 3 IP addresses configured on the same card

    those are 192.168.1.1 , 192.168.1.2  and PUB_ADDRESS_1 ( this is used for avedge.domainname.com).

    With this PUB_ADDRESS_1 we are not able to give default gateway. ( obvious reason the subnet is different ).

     

    2. This card points to our internal network of 172.16.1.0/ 24 series. Address of OCS server is in the same subnet.

    OCS server is 172.16.1.68.

     

    I am trying to draw the diagram :

     

                                          firewall ip: 192.168.1.1                    OCS server : 172.16.1.68

     

    ---( outside internet) ---| firewall | ---------------| EDGE-SERVER| --------------------|OCS server| users : 172.16.1.0 / 24 subnet

     

                               first card of edge : 192.168.1.2              edge server: 172.16.1.10

                 same card secondary add : 192.168.1.5      

                 same card third address : PUB_ADDRESS_1

     

    The user's laptop tries to communicate with the outside user's IP address. Why? I don't understand.

    It is like this:

    notebook address 172.16.1.150 /24, destination address: 59.23.2.2 (example), which is the public IP address of the outside user, instead of sending the traffic to the EDGE server.

     

    Please share your experience

    Thanks in advance

    subodh

     

     

     

     

    Wednesday, October 1, 2008 12:34 PM
  •  Jeff Schertz wrote:

    Dead Gateway Detection is discussed, but the supported configuration is not to have a default gateway on multiple adapters as well. Typically a persistent static route is added to handle traffic for the third A/V interface.

     

    Jeff - could you give me an example for such a static route? I'm not sure how to differentiate between those different kinds of traffic.

     

    Thanks

     

    Wednesday, October 1, 2008 1:15 PM