Step 2.3. Configure Firewalls

Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.

Configuring firewalls includes configuring both of the following:

  • Internal firewall between the perimeter network and your internal network

  • External firewall between the perimeter network and the Internet

How you configure your firewalls depends largely on the specific firewalls you use in your organization, but each firewall also has common configuration requirements that are specific to Office Communications Server 2007. Follow the manufacturer's instructions for configuring each firewall, along with the information in this section, which describes the settings that must be configured on the two firewalls.

To conform to the requirement of a publicly routable IP address of the A/V Edge Server, the external firewall of the perimeter network must not act as a NAT (Network Address Translator) for this IP address.

Additionally, the internal firewall must not act as a NAT for the internal IP address of the A/V Edge Server: that address must be fully routable from the internal network.
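The following Python is an added diagnostic for the no-NAT requirement, not part of the original documentation: it sends a generic STUN Binding Request (RFC 5389 framing, an assumption, since the page does not say which STUN variant the A/V Edge Server speaks) from the address the A/V Edge Server is bound to and compares the mapped address an outside STUN server reports with the local one. The sample addresses, transaction IDs and the stun_server parameter are constructed placeholders.

```python
import ipaddress
import os
import socket
import struct

# Added diagnostic, not part of the original documentation. It uses generic STUN
# (RFC 5389 framing) rather than the A/V Edge Server's own media protocol, which
# is an assumption; the sample addresses and transaction IDs are constructed.
MAGIC_COOKIE = 0x2112A442
BINDING_REQUEST, BINDING_SUCCESS = 0x0001, 0x0101
MAPPED_ADDRESS, XOR_MAPPED_ADDRESS = 0x0001, 0x0020

def binding_request(txid: bytes) -> bytes:
    """STUN header: type, attribute length (0), magic cookie, 12-byte transaction ID."""
    assert len(txid) == 12
    return struct.pack("!HHI", BINDING_REQUEST, 0, MAGIC_COOKIE) + txid

def build_response(txid: bytes, ip: str, port: int) -> bytes:
    """Binding Success response carrying XOR-MAPPED-ADDRESS (IPv4); used here to
    construct offline test data in the same format a real server would send."""
    xport = port ^ (MAGIC_COOKIE >> 16)
    xaddr = int(ipaddress.IPv4Address(ip)) ^ MAGIC_COOKIE
    attr = struct.pack("!HHBBHI", XOR_MAPPED_ADDRESS, 8, 0, 0x01, xport, xaddr)
    return struct.pack("!HHI", BINDING_SUCCESS, len(attr), MAGIC_COOKIE) + txid + attr

def mapped_address(response: bytes, txid: bytes):
    """(ip, port) the STUN server saw, or None if the response is not a valid
    Binding Success for `txid`. XOR-MAPPED-ADDRESS wins over legacy MAPPED-ADDRESS."""
    if len(response) < 20:
        return None
    mtype, length, cookie = struct.unpack("!HHI", response[:8])
    if (mtype != BINDING_SUCCESS or cookie != MAGIC_COOKIE
            or response[8:20] != txid or len(response) < 20 + length):
        return None
    body, off, legacy = response[20:20 + length], 0, None
    while off + 4 <= len(body):
        atype, alen = struct.unpack("!HH", body[off:off + 4])
        value = body[off + 4:off + 4 + alen]
        off += 4 + ((alen + 3) & ~3)            # attributes are padded to 4 bytes
        if len(value) != 8 or value[1] != 0x01:  # IPv4 address attributes only
            continue
        port, addr = struct.unpack("!HI", value[2:8])
        if atype == XOR_MAPPED_ADDRESS:
            return str(ipaddress.IPv4Address(addr ^ MAGIC_COOKIE)), port ^ (MAGIC_COOKIE >> 16)
        if atype == MAPPED_ADDRESS:
            legacy = (str(ipaddress.IPv4Address(addr)), port)
    return legacy

def nat_detected(local_ip: str, local_port: int, response: bytes, txid: bytes) -> bool:
    """True when the outside view of the socket differs from its local binding,
    i.e. a firewall on the path is translating the A/V Edge Server's address."""
    mapped = mapped_address(response, txid)
    if mapped is None:
        raise ValueError("no usable mapped address in STUN response")
    return mapped != (local_ip, local_port)

def check_av_edge_external(local_ip: str, stun_server: tuple, local_port: int = 3478,
                           timeout: float = 3.0) -> bool:
    """Live check (needs network): bind to the A/V Edge Server's external IP, ask an
    outside STUN server how it sees us, and return True if no NAT is in the path.
    Any local port works for the no-NAT requirement; 3478 must be free, so run this
    before the A/V Edge service is listening or pass another port."""
    if not ipaddress.ip_address(local_ip).is_global:
        raise ValueError(f"{local_ip} is not a publicly routable address")
    txid = os.urandom(12)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.bind((local_ip, local_port))
        sock.settimeout(timeout)
        sock.sendto(binding_request(txid), stun_server)
        data, _ = sock.recvfrom(2048)
    return not nat_detected(local_ip, local_port, data, txid)
```

The same check run from the internal network against the A/V Edge Server's internal address verifies the corresponding requirement on the internal firewall.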

The following figure shows the default firewall ports for each server in the perimeter network.

Figure 7. Firewall ports for the perimeter network


The following sections provide additional information about each port to be configured for each server role in each topology, as well as a mapping of the numbers in the previous figure to the respective port descriptions.

In the following tables, the direction for firewall policy rules that is indicated as outbound is defined as follows:

  • On the internal firewall, it corresponds to traffic from servers on the internal (private) network to the edge server in the perimeter network.

  • On the external firewall, it corresponds to traffic from the edge server in the perimeter network to the Internet.

Consolidated Edge Topology Firewall Policy Rules

The following tables explain the firewall policy rules that are required on each server in the perimeter network when you deploy edge servers in the consolidated edge topology.

The following describes the firewall policy to be configured for the reverse proxy.

Table 9 Firewall Settings for the Reverse Proxy

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for external user access to Web conferences)<br>Remote Port: 443 TCP (HTTP(S))<br>Local IP: The internal IP address of the reverse proxy<br>Remote IP: Any | 2 |
| External | Local Port: 443 TCP (HTTP(S))<br>Direction: Inbound<br>Remote Port: Any<br>Local IP: The external IP address of the HTTP reverse proxy<br>Remote IP: Any<br>Note: If you want your users to be able to connect from inside your intranet to external conferences hosted by other companies, then you will also need to open port 443 outbound. | 1 |

The following table describes the firewall policy rules to be configured for the Access Edge Server.

Table 10 Firewall Settings for the Access Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for remote user access and federation)<br>Remote Port: 5061 TCP (SIP/MTLS)<br>Local IP: The internal IP address of the Access Edge Server<br>Remote IP: The IP address of the next hop server. If a Director is deployed, use the IP address of the Director, or the VIP of the load balancer if the Directors are load balanced | 5 |
| Internal | Local Port: 5061 TCP (SIP/MTLS)<br>Direction: Outbound (for remote user access and federation)<br>Remote Port: Any<br>Local IP: The internal IP address of the Access Edge Server<br>Remote IP: If no Director is deployed, you must use any IP address. If a Director is deployed, use the IP address of the Director, or the VIP of the load balancer if the Directors are load balanced | 5 |
| External | Local Port: 5061 TCP (SIP/MTLS)<br>Direction: Inbound/Outbound (federation)<br>Remote Port: Any<br>Local IP: The external IP address of the Access Edge Server<br>Remote IP: Any IP address | 3 |
| External | Local Port: 443 TCP (SIP/TLS)<br>Direction: Inbound (for remote user access)<br>Remote Port: Any<br>Local IP: The external IP address of the Access Edge Server<br>Remote IP: Any IP address | 4 |

The following table describes the firewall policy rules to be configured for the Web Conferencing Edge Server.

> [!NOTE]
> PSOM is the Microsoft proprietary protocol used for Web conferencing.

Table 11 Firewall Settings for the Web Conferencing Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 8057 TCP (PSOM/MTLS)<br>Direction: Outbound (for traffic between internal Web Conferencing Servers and the Web Conferencing Edge Servers)<br>Remote Port: Any<br>Local IP: The internal IP address of the Web Conferencing Edge Server<br>Remote IP: Any IP address | 7 |
| External | Local Port: 443 TCP (PSOM/TLS)<br>Direction: Inbound (for access of remote, anonymous, and federated users to internal Web conferences)<br>Remote Port: Any<br>Local IP: The external IP address of the Web Conferencing Edge Server<br>Remote IP: Any IP address | 6 |

The following table describes the firewall policy rules to be configured for the A/V Edge Server.

Table 12 Firewall Settings for the A/V Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 443 TCP (STUN/TCP)<br>Direction: Outbound (STUN/TCP media communications)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server<br>Remote IP: Any IP address | 12 |
| Internal | Local Port: 5062 TCP (SIP/MTLS)<br>Direction: Outbound (for authentication of A/V users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server<br>Remote IP: Any IP address | 13 |
| Internal | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 14 |
| External | Local Port: 443 TCP (STUN/TCP)<br>Direction: Inbound (for external user access to media and A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server<br>Remote IP: Any IP address | 8 |
| External | Local Port Range: 50,000-59,999 TCP (RTP/TCP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 9 |
| External | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Inbound (for external users connecting to media or A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 10 |
| External | Local Port Range: 50,000-59,999 UDP (RTP/UDP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 11 |
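As an added example (not code from the Microsoft documentation), the following Python encodes the consolidated edge rules of Tables 9 through 12 as data, applies the inbound/outbound convention defined earlier in this section, and reports which rule, if any, permits a given connection attempt across the internal or external firewall. The addresses in TOPOLOGY are constructed sample values, and a Director is assumed to be deployed as the Access Edge Server's next hop.

```python
from dataclasses import dataclass

# Added example, not Microsoft's code: the consolidated edge topology rules
# (Tables 9-12) as data, plus a checker applying the direction convention from
# the text. Addresses are constructed samples (RFC 5737 ranges); a Director is
# assumed to be deployed as the Access Edge Server's next hop.
ANY = "any"
TOPOLOGY = {                 # constructed sample addresses, not from the page
    "director": "10.0.0.10",     # next-hop Director on the internal network
    "rp_int": "10.0.1.5", "rp_ext": "192.0.2.5",            # reverse proxy
    "access_int": "10.0.1.6", "access_ext": "192.0.2.6",    # Access Edge Server
    "webconf_int": "10.0.1.7", "webconf_ext": "192.0.2.7",  # Web Conferencing Edge
    "av_int": "10.0.1.8", "av_ext": "192.0.2.8",            # A/V Edge (never NATed)
}
RTP = (50000, 59999)         # the "Local Port Range" rows

@dataclass(frozen=True)
class Rule:
    firewall: str            # "internal" or "external"
    local_port: object       # int, (low, high) or ANY; "Local" = the edge-side endpoint
    directions: frozenset    # {"inbound"}, {"outbound"} or both
    remote_port: object
    local_ip: str            # TOPOLOGY key
    remote_ip: str           # TOPOLOGY key or ANY
    proto: str               # "tcp" or "udp"

def _r(fw, lport, dirs, rport, lip, rip, proto):
    return Rule(fw, lport, frozenset(dirs.split("/")), rport, lip, rip, proto)

CONSOLIDATED_EDGE_RULES = [
    _r("internal", ANY, "inbound", 443, "rp_int", ANY, "tcp"),               # Table 9
    _r("external", 443, "inbound", ANY, "rp_ext", ANY, "tcp"),
    _r("internal", ANY, "inbound", 5061, "access_int", "director", "tcp"),   # Table 10
    _r("internal", 5061, "outbound", ANY, "access_int", "director", "tcp"),
    _r("external", 5061, "inbound/outbound", ANY, "access_ext", ANY, "tcp"),
    _r("external", 443, "inbound", ANY, "access_ext", ANY, "tcp"),
    _r("internal", 8057, "outbound", ANY, "webconf_int", ANY, "tcp"),        # Table 11
    _r("external", 443, "inbound", ANY, "webconf_ext", ANY, "tcp"),
    _r("internal", 443, "outbound", ANY, "av_int", ANY, "tcp"),              # Table 12
    _r("internal", 5062, "outbound", ANY, "av_int", ANY, "tcp"),
    _r("internal", 3478, "outbound", ANY, "av_int", ANY, "udp"),
    _r("external", 443, "inbound", ANY, "av_ext", ANY, "tcp"),
    _r("external", RTP, "inbound/outbound", ANY, "av_ext", ANY, "tcp"),
    _r("external", 3478, "inbound", ANY, "av_ext", ANY, "udp"),
    _r("external", RTP, "inbound/outbound", ANY, "av_ext", ANY, "udp"),
]

def _port_ok(spec, port):
    if isinstance(spec, tuple):
        return spec[0] <= port <= spec[1]
    return spec == ANY or spec == port

def _ip_ok(spec, ip):
    return spec == ANY or TOPOLOGY[spec] == ip

def direction_of(firewall, from_edge):
    """Direction as the tables define it: on the internal firewall "outbound" is
    internal network -> edge server; on the external firewall it is edge -> Internet."""
    if firewall == "internal":
        return "inbound" if from_edge else "outbound"
    return "outbound" if from_edge else "inbound"

def match_rule(firewall, src_ip, src_port, dst_ip, dst_port, proto, from_edge,
               rules=CONSOLIDATED_EDGE_RULES):
    """Return the rule permitting a connection attempt across `firewall`, or None
    (implicit deny). `from_edge` is True when the perimeter edge server initiates."""
    direction = direction_of(firewall, from_edge)
    local = (src_ip, src_port) if from_edge else (dst_ip, dst_port)   # edge side
    remote = (dst_ip, dst_port) if from_edge else (src_ip, src_port)  # other side
    for rule in rules:
        if (rule.firewall == firewall and rule.proto == proto
                and direction in rule.directions
                and _port_ok(rule.local_port, local[1])
                and _port_ok(rule.remote_port, remote[1])
                and _ip_ok(rule.local_ip, local[0])
                and _ip_ok(rule.remote_ip, remote[0])):
            return rule
    return None
```

The model treats each rule as the permitted initiation of a session; replies belong to the same session, which is what the ISA Server send/receive note in the tables covers.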

Single-Site Edge Topology Firewall Policy Rules

The following tables explain the firewall policy rules required on each server in the perimeter network when you deploy edge servers in the single-site edge topology.

The following table describes the firewall policy to be configured for the reverse proxy.

Table 13 Firewall Settings for the Reverse Proxy

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for external user access to Web conferences)<br>Remote Port: 443 TCP (SIP/TLS)<br>Local IP: The internal IP address of the reverse proxy<br>Remote IP: Any | 2 |
| External | Local Port: 443 TCP (HTTP(S))<br>Direction: Inbound<br>Remote Port: Any<br>Local IP: The external IP address of the HTTP reverse proxy<br>Remote IP: Any<br>Note: If you want your users to be able to connect from inside your intranet to external conferences hosted by other companies, then you will also need to open port 443 outbound. | 1 |

The following table describes the firewall policy rules to be configured for the Access Edge Server.

Table 14 Firewall Settings for the Access Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for remote user access and federation)<br>Remote Port: 5061 TCP (SIP/MTLS)<br>Local IP: The internal IP address of the Access Edge Server<br>Remote IP: The IP address of the next hop server. If a Director is deployed, use the IP address of the Director, or the VIP of the load balancer if the Directors are load balanced | 5 |
| Internal | Local Port: 5061 TCP (SIP/MTLS)<br>Direction: Outbound (for remote user access and federation)<br>Remote Port: Any<br>Local IP: The internal IP address of the Access Edge Server<br>Remote IP: If no Director is deployed, you must use any IP address. If a Director is deployed, use the IP address of the Director, or the VIP of the load balancer if the Directors are load balanced | 5 |
| External | Local Port: 5061 TCP (SIP/MTLS)<br>Direction: Inbound/Outbound (federation)<br>Remote Port: Any<br>Local IP: The external IP address of the Access Edge Server<br>Remote IP: Any IP address | 3 |
| External | Local Port: 443 TCP (SIP/TLS)<br>Direction: Inbound (for remote user access)<br>Remote Port: Any<br>Local IP: The external IP address of the Access Edge Server<br>Remote IP: Any IP address | 4 |

The following table describes the firewall policy rules to be configured for the Web Conferencing Edge Server.

> [!NOTE]
> PSOM is the Microsoft proprietary protocol used for Web conferencing.

Table 15 Firewall Settings for the Web Conferencing Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 8057 TCP (PSOM/MTLS)<br>Direction: Outbound (for traffic between internal Web Conferencing Servers and the Web Conferencing Edge Servers)<br>Remote Port: Any<br>Local IP: The internal IP address of the Web Conferencing Edge Server<br>Remote IP: Any IP address | 7 |
| External | Local Port: 443 TCP (PSOM/TLS)<br>Direction: Inbound (for access of remote, anonymous, and federated users to internal Web conferences)<br>Remote Port: Any<br>Local IP: The external IP address of the Web Conferencing Edge Server<br>Remote IP: Any IP address | 6 |

The following table describes the firewall policy rules to be configured for the A/V Edge Server.

Table 16 Firewall Settings for the A/V Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 443 TCP (STUN/TCP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server<br>Remote IP: Any IP address | 12 |
| Internal | Local Port: 5062 TCP (SIP/MTLS)<br>Direction: Outbound (for A/V authentication of users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server<br>Remote IP: Any IP address | 13 |
| Internal | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 14 |
| External | Local Port: 443 TCP (STUN/TCP)<br>Direction: Inbound (for external user access to media and A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server<br>Remote IP: Any IP address | 8 |
| External | Local Port Range: 50,000-59,999 TCP (RTP/TCP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 9 |
| External | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Inbound (for external users connecting to media or A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 10 |
| External | Local Port Range: 50,000-59,999 UDP (RTP/UDP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 11 |

Scaled Single-Site Edge Topology Firewall Policy Rules

The following tables explain the firewall policy rules required on each server in the perimeter network when you deploy edge servers in the single-site edge topology.

The following table describes the firewall policy to be configured for the reverse proxy.

Table 17 Firewall Settings for the Reverse Proxy

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for external user access to Web conferences)<br>Remote Port: 443 TCP (HTTP(S))<br>Local IP: The internal IP address of the reverse proxy<br>Remote IP: Any | 2 |
| External | Local Port: 443 TCP (HTTP(S))<br>Direction: Inbound<br>Remote Port: Any<br>Local IP: The external IP address of the HTTP reverse proxy<br>Remote IP: Any<br>Note: If you want your users to be able to connect from inside your intranet to external conferences hosted by other companies, then you will also need to open port 443 outbound. | 1 |

The following table describes the firewall policy rules to be configured for the Access Edge Server.

Table 18 Firewall Settings for the Access Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for remote user access and federation)<br>Remote Port: 5061 TCP (SIP/MTLS)<br>Local IP: The internal IP address of the Access Edge Server<br>Remote IP: The IP address of the next hop server. If a Director is deployed, use the IP address of the Director, or the VIP of the load balancer if the Directors are load balanced | 5 |
| Internal | Local Port: 5061 TCP (SIP/MTLS)<br>Direction: Outbound (for remote user access and federation)<br>Remote Port: Any<br>Local IP: The internal IP address of the Access Edge Server<br>Remote IP: If no Director is deployed, you must use any IP address. If a Director is deployed, use the IP address of the Director, or the VIP of the load balancer if the Directors are load balanced | 5 |
| External | Local Port: 5061 TCP (SIP/MTLS)<br>Direction: Inbound/Outbound (federation)<br>Remote Port: Any<br>Local IP: The VIP address used by the Access Edge Server array on the external load balancer<br>Remote IP: Any IP address | 3 |
| External | Local Port: 443 TCP (SIP/TLS)<br>Direction: Inbound (for remote user access)<br>Remote Port: Any<br>Local IP: The VIP address used by the Access Edge Server array on the external load balancer<br>Remote IP: Any IP address | 4 |

The following table describes the firewall policy rules to be configured for the Web Conferencing Edge Server.

> [!NOTE]
> PSOM is the Microsoft proprietary protocol used for Web conferencing.

Table 19 Firewall Settings for the Web Conferencing Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 8057 TCP (PSOM/MTLS)<br>Direction: Outbound (for traffic between internal Web Conferencing Servers and the Web Conferencing Edge Servers)<br>Remote Port: Any<br>Local IP: The internal IP addresses of the Web Conferencing Edge Servers<br>Remote IP: Any IP address | 7 |
| External | Local Port: 443 TCP (PSOM/TLS)<br>Direction: Inbound (for access of remote, anonymous, and federated users to internal Web conferences)<br>Remote Port: Any<br>Local IP: The VIP address used by the Web Conferencing Edge Server array on the external load balancer<br>Remote IP: Any IP address | 6 |

The following table describes the firewall policy rules to be configured for the A/V Edge Server.

Table 20 Firewall Settings for the A/V Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 443 TCP (STUN/TCP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The VIP address used by the A/V Edge Server array on the internal load balancer<br>Remote IP: Any IP address | 12 |
| Internal | Local Port: 5062 TCP (SIP/MTLS)<br>Direction: Outbound (for A/V authentication of users)<br>Remote Port: Any<br>Local IP: The VIP address used by the A/V Edge Server array on the internal load balancer<br>Remote IP: Any IP address | 13 |
| Internal | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server and the VIP address used by the A/V Edge Server array on the internal load balancer<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 14 |
| External | Local Port: 443 TCP (STUN/TCP)<br>Direction: Inbound (for external user access to media and A/V sessions)<br>Remote Port: Any<br>Local IP: The VIP address used by the A/V Edge Server array on the external load balancer<br>Remote IP: Any IP address | 8 |
| External | Local Port Range: 50,000-59,999 TCP (RTP/TCP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 9 |
| External | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Inbound (for external users connecting to media or A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server and the VIP address used by the A/V Edge Server array on the external load balancer<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 10 |
| External | Local Port Range: 50,000-59,999 UDP (RTP/UDP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 11 |

Multiple-Site Edge Topology Firewall Policy Rules for the Remote Site with One or More Standalone Web Conferencing Edge Servers and a Single A/V Edge Server

The following tables explain the firewall policy rules required on each server in the perimeter network in the remote site when you deploy edge servers in the multiple edge site topology. The firewall policy rules that are required in the central data center are the same as those required in the scaled single-site topology described in the previous section. Because the users in the remote site use the Access Edge Server in the central site, there is no table for the Access Edge Server in this section.

The following table describes the firewall policy to be configured for the reverse proxy.

Table 21 Firewall Settings for the Reverse Proxy

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for external user access to Web conferences)<br>Remote Port: 443 TCP (HTTP(S))<br>Local IP: The internal IP address of the reverse proxy in the remote site<br>Remote IP: Any | 2 |
| External | Local Port: 443 TCP (HTTP(S))<br>Direction: Inbound<br>Remote Port: Any<br>Local IP: The external IP address of the HTTP reverse proxy in the remote site<br>Remote IP: Any<br>Note: If you want your users to be able to connect from inside your intranet to external conferences hosted by other companies, then you will also need to open port 443 outbound. | 1 |

The following table describes the firewall policy rules to be configured for the Web Conferencing Edge Server.

> [!NOTE]
> PSOM is the Microsoft proprietary protocol used for Web conferencing.

Table 22 Firewall Settings for the Web Conferencing Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 8057 TCP (PSOM/MTLS)<br>Direction: Outbound (for traffic between internal Web Conferencing Servers and the Web Conferencing Edge Servers)<br>Remote Port: Any<br>Local IP: The internal IP address of each Web Conferencing Edge Server in the remote site<br>Remote IP: Any IP address | 7 |
| External | Local Port: 443 TCP (PSOM/TLS)<br>Direction: Inbound (for access of remote, anonymous, and federated users to internal Web conferences)<br>Remote Port: Any<br>Local IP: The external IP address of each Web Conferencing Edge Server in the remote site<br>Remote IP: Any IP address | 6 |

The following table describes the firewall policy rules to be configured for the A/V Edge Server.

Table 23 Firewall Settings for the A/V Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 443 TCP (STUN/TCP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server in the remote site<br>Remote IP: Any IP address | 12 |
| Internal | Local Port: 5062 TCP (SIP/MTLS)<br>Direction: Outbound (for A/V authentication of users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server in the remote site<br>Remote IP: Any IP address | 13 |
| Internal | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server in the remote site<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 14 |
| External | Local Port: 443 TCP (STUN/TCP)<br>Direction: Inbound (for external user access to media and A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server in the remote site<br>Remote IP: Any IP address | 8 |
| External | Local Port Range: 50,000-59,999 TCP (RTP/TCP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server in the remote site. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 9 |
| External | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Inbound (for external users connecting to media or A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server in the remote site<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 10 |
| External | Local Port Range: 50,000-59,999 UDP (RTP/UDP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 11 |

Scaled Remote-site Edge Topology Firewall Policy Rules

The following tables explain the firewall policy rules required on each server in the perimeter network when you deploy edge servers in a scaled remote-site edge topology.

The following table describes the firewall policy to be configured for the reverse proxy.

Table 24 Firewall Settings for the Reverse Proxy

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: Any<br>Direction: Inbound (for external user access to Web conferences)<br>Remote Port: 443 TCP (SIP/TLS)<br>Local IP: The internal IP address of the reverse proxy<br>Remote IP: Any | 2 |
| External | Local Port: 443 TCP (HTTP(S))<br>Direction: Inbound<br>Remote Port: Any<br>Local IP: The external IP address of the HTTP reverse proxy<br>Remote IP: Any<br>Note: If you want your users to be able to connect from inside your intranet to external conferences hosted by other companies, then you will also need to open port 443 outbound. | 1 |

The following table describes the firewall policy rules to be configured for the Web Conferencing Edge Server.

> [!NOTE]
> PSOM is the Microsoft proprietary protocol used for Web conferencing.

Table 25 Firewall Settings for the Web Conferencing Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 8057 TCP (PSOM/MTLS)<br>Direction: Outbound (for traffic between internal Web Conferencing Servers and the Web Conferencing Edge Servers)<br>Remote Port: Any<br>Local IP: The internal IP addresses of the Web Conferencing Edge Servers<br>Remote IP: Any IP address | 7 |
| External | Local Port: 443 TCP (PSOM/TLS)<br>Direction: Inbound (for access of remote, anonymous, and federated users to internal Web conferences)<br>Remote Port: Any<br>Local IP: The VIP address used by the Web Conferencing Edge Server array on the external load balancer<br>Remote IP: Any IP address | 6 |

The following table describes the firewall policy rules to be configured for the A/V Edge Server.

Table 26 Firewall Settings for the A/V Edge Server

| Firewall | Policy Rules | Figure Mapping |
| --- | --- | --- |
| Internal | Local Port: 443 TCP (STUN/TCP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The VIP address used by the A/V Edge Server array on the internal load balancer<br>Remote IP: Any IP address | 12 |
| Internal | Local Port: 5062 TCP (SIP/MTLS)<br>Direction: Outbound (for A/V authentication of users)<br>Remote Port: Any<br>Local IP: The VIP address used by the A/V Edge Server array on the internal load balancer<br>Remote IP: Any IP address | 13 |
| Internal | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Outbound (for internal users to send media to external users)<br>Remote Port: Any<br>Local IP: The internal IP address of the A/V Edge Server and the VIP address used by the A/V Edge Server array on the internal load balancer<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 14 |
| External | Local Port: 443 TCP (STUN/TCP)<br>Direction: Inbound (for external user access to media and A/V sessions)<br>Remote Port: Any<br>Local IP: The VIP address used by the A/V Edge Server array on the external load balancer<br>Remote IP: Any IP address | 8 |
| External | Local Port Range: 50,000-59,999 TCP (RTP/TCP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 9 |
| External | Local Port: 3478 UDP (STUN/UDP)<br>Direction: Inbound (for external users connecting to media or A/V sessions)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server and the VIP address used by the A/V Edge Server array on the external load balancer<br>Remote IP: Any IP address<br>Note: If you are using ISA Server as your firewall, you must configure the rule for send/receive. | 10 |
| External | Local Port Range: 50,000-59,999 UDP (RTP/UDP)<br>Direction: Inbound/Outbound (for media transfer)<br>Remote Port: Any<br>Local IP: The external IP address of the A/V Edge Server. This IP address must be a publicly routable IP address.<br>Remote IP: Any IP address | 11 |