Mino – The UC Guy

Microsoft Unified Communications Blog

Posts Tagged ‘OCS Edge doesnt work from outside’

A/V edge server doesn’t work from outside, and external users have problem using audio/video

Posted by Mino on October 13, 2008

 AV edge server requires external interface  that has a public IP address that can route onto the Internet, This Edge interface requires that its traffic to and from its Edge interface be routed with no NAT applied.

you have to assign A/V external interface with a public IP address(no NAT) and connect to check the issue.
The Edge external adapter should have three (publicly routable) IP addresses — access, a/v, and web conf, and in that case, you should want default gateway on external interface pointing to your ISP

If the access, WebConferening Edge server have internal IP and using NAT
while A/V Edge server uses public routable IP address, it will rises
problems in this configuration. If we have defined two gateways in the
routing table, when internet request is coming, we unable to route it to
the correct gateway and it will cause problem. Thus we can only configure
one gateway in this configuration.

To workaround this issue, please either assign another two public IP
addresses for Access and Web Conferencing Edge servers, or install the A/V
Edge server in a separate server.

If the issue persists,  perform the following steps to test the issue:
1. Make sure necessary ports are open correctly
Policy Rules
Local Port: 443 TCP (STUN/TCP)
Direction: Inbound and outbound STUN/TCP media communications
Remote Port: Any
Local IP: The internal IP address of the A/V Edge Server
Remote IP: Any IP address

Local Port: 5062 TCP (SIP/MTLS)
Direction: Outbound (For authentication of A/V users)
Remote Port: Any
Local IP: The internal IP address of the A/V Edge Server.
Remote IP: Any IP Address

Local Port: 3478 UDP (STUN/UDP)
Direction: Outbound (for internal users to send media to external users)
Remote Port: Any
Local IP: The internal IP address of the A/V Edge Server
Remote IP: Any IP Address
Note: If you are using ISA Server as your firewall, you must configure the
rule for send/receive

Following ports should be opened for A/V edge server external interface.
Local Port: 443 TCP (STUN/TCP)
Direction: Inbound (for external users access to media and A/V sessions)
Remote Port: Any
Local IP: The external IP address of the A/V Edge Server
Remote IP: Any IP Address

Local Port Range: 50,000-59,999 TCP (RTP /TCP)
Direction: Inbound/Outbound (for media transfer)
Remote Port: Any
Local IP: The external IP address of the A/V Edge Server. This IP address
must be a publicly routable IP address.
Remote IP: Any IP Address

Local Port: 3478 UDP (STUN/UDP)
Direction: Inbound (for external users connecting to media or A/V sessions)
Remote Port: Any
Local IP: The external IP address of the A/V Edge Server
Remote IP: Any IP Address
Note: If you are using ISA Server as your firewall, you must configure the
rule for send/receive

Local Port Range:  50,000-59,999 UDP (RTP/UDP)
Direction: Inbound/Outbound (for media transfer)
Remote Port: Any
Local IP: The external IP address of the A/V Edge Server. This IP address
must be a publicly routable IP address.
Remote IP: Any IP Address

2. Check the global setting
a. On the Front End Server, open Office Communications Server 2007.
b. In the console tree, right-click the Forest node, click Properties, and
then click Global Properties.
c. Click the Edge Servers tab.
d. Check the A/V Edge Servers, the listed value is ocsedge2007 with port
5062.

Advertisements

Posted in A/V Edge Server, Common Errors, Consolidated Edge | Tagged: , , , , , , , , | 4 Comments »