Home > Exchange and UC > using ASA and OCS video conferencing server

using ASA and OCS video conferencing server


During my attendance of OCS ignite tour training and some other OCS events, we have been informed that OCS edge video servers cannot be located behind a NAT device e.g. firewall, this is due to the fact the Video conferencing doesn’t work correctly with NATing, so the design was saying give the Edge NIC a real IP and place it directly on the internet.

I have been working a while with ASA and I have tested my configuration, you don’t need a NAT device in ASA (5520,5540) V7 or V8 (this is my testing so results could be true), the edge server could have a real IP on its NIC, and placed in the DMZ for example, in this case the ASA will filter the packets only as a firewall and will not do Natting, creating a DMZ for the edge server might be a hustle but this is not the case if you created sub interfaces.

This might be a tricky discussion when talking to Microsoft partner or consultant since this is not the case of ISA 2006, but you can do the above configuration safely on your ASA.

I am thinking about creating routing rule between the DMZ in ISA server and the internal/external network but I didn’t have the chance to test it, so this might do the trick instead of placing your video edge server naked in the desert.

Categories: Exchange and UC
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: