Step 4.4. Connect Your Internal Servers with Your Edge Servers

  • Article

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

To connect your internal servers to your edge servers and configure the internal servers to route outbound traffic to the edge servers, you need to run the Configure Server Wizard or Configure Pool Wizard on each server or pool in your organization, as well as on the Director (if you deployed a Director, as recommended).

Before You Begin

When you created your Enterprise pools and Standard Edition servers, you had the option to configure an external Web farm FQDN on the Web Farm FQDNs page in the Create Pool wizard or the Deploy Server wizard. If you did not configure this URL when you ran these wizards, you need to manually configure these settings in WMI. For more information, see Appendix E: Manually Configuring the External Web Farm FQDN on Internal Standard Edition Servers or Pools.

Configure a Director

When you run the Configure Pool or Server Wizard and configure external access on a Director, you configure the following settings:

  • Add your Director as the next hop server through which all external SIP traffic is routed. This setting is configured on the Federation tab in Global Properties.

  • Add your Access Edge Server to the authorized Access Edge Server list on the Edge Server tab in Global Properties.

  • Override the "next hop" setting that is used globally by internal serves and pools so that the Director routes all outbound traffic directly to the Access Edge Server. This setting is configured at the pool or Standard Edition server level on the Federation tab of the pool or Standard Edition server that you use as the Director.

To configure your Director for external user access

  1. Log on to your Director with an account that is a member of the RtcUniversalServerAdmins group.

  2. Start the Deployment Wizard by doing one of the following:

    • If you have the Office Communications Server 2007 installation CD, insert the CD. If Setup does not start automatically, from the Start menu, click Run, type \Setup\I386\Setup.exe, and then click OK.

    • If the Office Communications Server 2007 files reside on a network share, go to the \Setup\I386 folder, and then double-click Setup.exe.

  3. Do one of the following:

    • On a Standard Edition server, click Deploy Standard Edition Server.

    • On an Enterprise Edition server, click Deploy Pool in a Consolidated Topology or Deploy Pool in an Expanded Topology.

  4. At Configure Server, click Run.

  5. On the Welcome to the Configure Pool/Server Wizard page, click Next.

  6. On the Server or Pool to Configure page, select the server from the list, and then click Next.

  7. Accept the default settings until you reach the External User Access Configuration page.

  8. On the External User Access Configuration page, click Configure for external user access now, and then click Next.

    2ac86481-c32b-4ed7-81a4-f9db805e48d3

  9. On the Route External SIP Traffic page, click Route traffic through a Director, and then click Use this pool or server as the Director for routing external traffic.

  10. Click Next.

  11. On the Trusted Access Edge and Web Conferencing Edge Servers page, enter the internal FQDNs required for your Access Edge Server and Web Conferencing Edge Server and click Add after each. The FQDNs that you enter on this page are added to the list of authorized Access Edge and Web Conferencing Edge Servers on the Edge Server tab in Global Properties. Select from the following options:

    • If you are using an array of Access Edge Servers and Web Conferencing Edge Servers or an Access Edge Server array, type the FQDN of the VIP of the internal load balancer.

    • If you are using an array of Access Edge Servers, type the FQDN of the VIP of the internal load balancer.

    • If you are using an array of only Web Conferencing Edge Servers, type the FQDN of the certificate used on the internal interface of the Web Conferencing Edge Server array.

  12. Under Specify the Access Edge Server that internal servers will use to route traffic, select the FQDN of the Access Edge Server to which you want all outbound traffic routed from your internal servers. If your Access Edge Servers are load balanced, use the FQDN of the VIP on the internal load balancer used by your Access Edge Servers.

  13. Click Next.

  14. On the Web Conferencing Edge Server page, click Next. You configure each internal server and pool to route to the appropriate Web Conferencing Edge Server. Directors do not route Web Conferencing traffic.

  15. On the Trusted A/V Edge Servers page, enter the internal FQDN of each A/V Edge Server authorized to connect to your internal servers. The FQDNs that you enter on this page are added to the list of authorized A/V Edge Servers on the Edge Server tab in Global Properties.

  16. On the A/V Edge Server Used by This Server or Pool page, click Next. You configure each internal server and pool to route to the appropriate A/V Edge Server. Directors do not route A/V traffic.

  17. On the Ready to Configure Server or Pool page, review the settings that you specified, and then click Next to configure the Standard Edition server.

  18. When the files have been installed and the wizard has completed, verify that the View the log when you click Finish check box is selected, and then click Finish.

  19. In the log file, verify that <Success> appears under the Execution Result column. Look for <Success> Execution Result at the end of each task to verify Standard Edition server configuration completed successfully. Close the log window when you finish.

Configure Other Internal Servers and Pools for External User Access

Use the following procedure to configure your internal servers or pools for external access. The procedure will vary slightly depending on whether you use a Director.

To connect your internal server with your edge servers

  1. Log on to your internal Standard Edition server or Enterprise pool with an account that is a member of the RtcUniversalServerAdmins group.

  2. Start the Deployment Wizard by doing one of the following:

    • If you have the Office Communications Server 2007 installation CD, insert the CD. If Setup does not start automatically, from the Start menu, click Run, type \Setup\I386\Setup.exe, and then click OK.

    • If the Office Communications Server 2007 files reside on a network share, go to the \Setup\I386 folder, and then double-click Setup.exe.

  3. Do one of the following:

    • On a Standard Edition server, click Deploy Standard Edition Server.

    • On an Enterprise Edition server, click Deploy Pool in a Consolidated Topology or Deploy Pool in an Expanded Topology.

  4. Next to Configure Server or Configure Pool, click Run to start the Pool/Server Configuration Wizard.

  5. On the Welcome page, click Next.

  6. On the Server or Pool to Configure page, in the list, click the pool or server that you want to configure, and then click Next.

  7. Continue through the wizard, specifying the settings that are appropriate to your pool or server configuration, until you reach the External User Access page.

  8. On the External User Access Configuration page, click Configure for external user access now.

  9. On the Routing External SIP Traffic page, do one of the following:

    • If you plan to route all traffic sent to and from the edge servers through a Director, click Route traffic through a Director and, if this is the Director, select the Use this pool or server as the Director for routing external traffic check box, click Next, and then perform the remaining steps in this procedure.

    • If you do not plan to route all traffic sent to and from the edge servers through a Director, click Route directly to and from internal pools and servers.

  10. Click Next.

  11. On the Trusted Access Edge and Web Conferencing Edge Servers page, if you are using a Director and have run the wizard on the Director to configure external user access, these entries on this page are not displayed, so proceed to step 13. If you do not use a Director, you must enter the internal FQDNs required for your Access Edge Server and Web Conferencing Edge Server and click Add after each. The FQDNs that you enter on this page are added to the list of authorized Access Edge and Web Conferencing Edge Servers on the Edge Server tab in Global Properties. Select from the following options:

    • If you are using an array of Access Edge Servers and Web Conferencing Edge Servers or an Access Edge Server array, type the FQDN of the VIP of the internal load balancer.

    • If you are using an array of Access Edge Servers, type the FQDN of the VIP of the internal load balancer.

    • If you are using an array of only Web Conferencing Edge Servers, type the FQDN of the certificate used on the internal interface of the Web Conferencing Edge Server array.

  12. Under Specify the Access Edge Server that internal servers will use to route traffic, if you are using a Director, you do not need to specify the edge server. If you are not using a Director, select the FQDN of the Access Edge Server to which you want all outbound traffic routed from your internal servers. If you are using an Access Edge Server array, enter the FQDN of the VIP used by the Access Edge Server on the internal load balancer.

  13. Click Next.

  14. On the Web Conferencing Edge Server page, do the following:

    • In Internal FQDN, type the FQDN of each internal interface that will be used by internal servers to connect to the Web Conferencing Edge Server, clicking Add after typing each FQDN.

    • In External FQDN, type the FQDN of each external interface that will be used by external users to connect to the Web Conferencing Edge Server, clicking Add after typing each FQDN.

  15. Click Next.

  16. On the Trusted A/V Edge Servers page, type the FQDN of the internal interface that will be used to connect to the A/V Edge Server in the FQDN box, type the port number to be used for the internal interface in the Port box, and then click Add. Repeat for each FQDN to be used. Servers are added to list of authorized A/V Edge Servers on the Edge Server tab in Global Properties.

  17. On the A/V Edge Server Used by This Server or Pool page, type the FQDN of the internal interface of the A/V Edge Server that this server or pool will use for A/V authentication. This FQDN is added to the A/V Properties at the "pool" level for an Enterprise pool or Standard Edition server.

  18. Click Next.

  19. On the Ready to Configure Server or Pool page, review the settings that you selected, and then click Next.

  20. On the completion page, click Finish.