Appendix B: Disabling IPSec
Microsoft Office Communications Server 2007 and Microsoft Office Communications Server 2007 R2 will reach end of support on January 9, 2018. To stay supported, you will need to upgrade. For more information, see Resources to help you upgrade your Office 2007 servers and clients.
For Enterprise networks where IPSec (see IETF RFC 4301-4309) has been deployed, IPSec must be disabled over the range of ports used for the delivery of audio, video and panorama video. The recommendation is motivated by the need to avoid any delay in the allocation of media ports due to IPSec negotiation.
The following table explains the recommended IPSec exception settings. For clients, see the minimum and maximum media port range section in the Microsoft Office Communications Server 2007 Technical Reference Guide for details about how to specify a range of ports to limit the extent of the IPSec exceptions that must be put in place in your network.
Table 110 Recommended IPSec Exceptions
Rule Name | Source IP | Destination IP | Protocol | Source Port | Dest Port | Filter Action |
---|---|---|---|---|---|---|
A/V Edge Server Internal Inbound | Any | A/V Edge Server Internal | UDP & TCP | Any | Any | Permit |
A/V Edge Server External Inbound | Any | A/V Edge Server External | UDP & TCP | Any | Any | Permit |
A/V Edge Server Internal Outbound | A/V Edge Server Internal | Any | UDP & TCP | Any | Any | Permit |
A/V Edge Server External Outbound | A/V Edge Server External | Any | UDP & TCP | Any | Any | Permit |
Mediation Server Inbound | Any | Mediation Server(s) | UDP & TCP | Any | Any | Permit |
Mediation Server Outbound | Mediation Server(s) | Any | UDP & TCP | Any | Any | Permit |
A/V Conferencing Inbound | Any | A/V Conferencing Servers | UDP & TCP | Any | Any | Permit |
A/V Conferencing Server Outbound | A/V Conferencing Servers | Any | UDP & TCP | Any | Any | Permit |
Exchange Inbound | Any | Exchange Unified Messaging | UDP & TCP | Any | Any | Permit |
Exchange Outbound | Exchange Unified Messaging | Any | UDP & TCP | Any | Any | Permit |
Clients | Any | Any | UDP | Specified Media Port Range | Any | Permit |
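
The following added example (not part of the original Microsoft documentation) shows one way to express two of the server rows and the Clients row of the table as a legacy IPSec policy with `netsh ipsec static`. The policy name, filter list names, IP address and port range are constructed placeholders. It assumes that a legacy IPSec filter accepts a single port rather than a range, so the client media range is expanded into one filter per port.

```powershell
# Added example: values below are constructed placeholders, not from the page.
$Policy       = 'OCS-Media-Exceptions'   # hypothetical policy name
$EdgeInternal = '192.0.2.10'             # constructed A/V Edge internal address
$MinPort      = 50000                    # constructed client media port range
$MaxPort      = 50019

function Invoke-Netsh {
    # Run one "netsh ipsec static" command; stop on a non-zero exit code.
    & netsh.exe ipsec static @args
    if ($LASTEXITCODE -ne 0) { throw "netsh ipsec static $args failed" }
}

# Create the policy unassigned so it can be reviewed before it takes effect.
Invoke-Netsh add policy "name=$Policy" 'assign=no'

# Filter action matching the table's "Permit" column: traffic bypasses IPSec.
Invoke-Netsh add filteraction 'name=Permit' 'action=permit'

# Server rows say "UDP & TCP": one filter per protocol. Port 0 means "Any".
# Inbound and outbound are separate rows, so filters are not mirrored.
foreach ($proto in 'UDP', 'TCP') {
    Invoke-Netsh add filter 'filterlist=AV-Edge-Internal-In' `
        'srcaddr=Any' "dstaddr=$EdgeInternal" "protocol=$proto" `
        'srcport=0' 'dstport=0' 'mirrored=no'
    Invoke-Netsh add filter 'filterlist=AV-Edge-Internal-Out' `
        "srcaddr=$EdgeInternal" 'dstaddr=Any' "protocol=$proto" `
        'srcport=0' 'dstport=0' 'mirrored=no'
}

# Clients row: UDP only, source port limited to the specified media range.
# One filter per port, because srcport takes a single value (assumption above).
foreach ($port in $MinPort..$MaxPort) {
    Invoke-Netsh add filter 'filterlist=Client-Media' `
        'srcaddr=Any' 'dstaddr=Any' 'protocol=UDP' `
        "srcport=$port" 'dstport=0' 'mirrored=no'
}

# Bind each filter list to the Permit action inside the policy.
foreach ($list in 'AV-Edge-Internal-In', 'AV-Edge-Internal-Out', 'Client-Media') {
    Invoke-Netsh add rule "name=$list" "policy=$Policy" `
        "filterlist=$list" 'filteraction=Permit'
}
```

Every port in the client range becomes a standing exemption from IPSec, so the number of filters generated here is a direct measure of how much traffic the policy leaves outside IPSec negotiation.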