Using Microsoft Exchange 2000 Conferencing Server Over the Internet

Article
02/20/2014

Archived content. No warranty is made as to technical accuracy. Content may contain URLs that were valid when originally published, but now link to sites or pages that no longer exist.

Published: August 1, 2001 | Updated : March 4, 2002

Introduction

This step-by-step guide provides instructions for configuring Microsoft® Exchange 2000 Conferencing Server to host attendees connecting over the Internet. This guide describes the process of configuring conferencing resources for Internet attendance. It also discusses bandwidth and firewall considerations.

Overview

This paper assumes that you have installed and configured Microsoft Exchange 2000 Server and installed Exchange Conferencing Server. This paper also assumes that your Exchange deployment runs and functions properly.

Before you deploy Exchange Conferencing Server, you should have an understanding of administration concepts for Microsoft Windows® 2000 Server (or Windows 2000 Advanced Server) and Exchange. This paper assumes you are familiar with these technologies.

For information about each of these Microsoft products, see the online documentation for each product, Microsoft Windows 2000 Server Resource Kit, or the Microsoft.com Web site.

Conferencing Terminology Review

Familiarity with various Exchange 2000 Server and Exchange 2000 Conferencing Server components and terms enhances your understanding of this paper.

Table 1 lists and describes these components.

Table 1 Conferencing Server components and descriptions

Component	Description
Conference Management Service	Conference Management Service coordinates and manages conferencing technologies and resources, and tracks and controls access to conferences.
Conference Technology Provider	Conference Technology Provider is the back-end service supporting the online meeting. Microsoft provides two Conference Technology Providers within Exchange 2000 Conferencing Server, Data Conferencing Provider and Video Conferencing Provider.
Data Conferencing Provider	Data Conferencing Provider is a conferencing technology based on the T.120 protocol stack that provides collaboration tools such as those found in Microsoft NetMeeting®. Data Conferencing Provider provides a T.120 multipoint control unit for data conferencing clients.
Video Conferencing Provider	Video Conferencing Provider is a conferencing technology that provides video and audio conferences over multicast-enabled IP networks. Video Conferencing Provider also provides an H.323 bridge that allows H.323 conferencing clients to participate in audio and video conferences.
T.120 multipoint control unit (MCU)	The T.120 MCU service runs as a component of Data Conferencing Provider and provides network connections between participants in a data conference.
Multicast Address Dynamic Client Allocation Protocol (MADCAP)	After you configure and activate a multicast scope, the DHCP service in Windows 2000 Server can provide multicast IP addresses in the same way that it provides unicast IP addresses.
Conference calendar mailbox	A conference calendar mailbox is an Exchange 2000 mailbox that stores the definitions and structure of all conferences.
Conference resources	Conference resources are Exchange 2000 mailboxes that conferencing clients invite when scheduling an online meeting. The conference properties, including the resource used, are stored in the conference calendar mailbox.
H.323 bridge	The H.323 bridge permits NetMeeting clients that are unable to connect directly to multicast conferences to connect through a H.323 unicast session.
IP multicasting	Unlike traditional Internet traffic that requires separate connections for each source-destination pair, IP multicasting allows many recipients to share the same connection, which means that just one set of packets is transmitted for all the destinations.
Windows 2000 site	A Windows 2000 site is defined as one or more well-connected (highly reliable and fast) TCP/IP subnets. A site allows administrators to configure the Microsoft Active Directory™ directory services access and replication topology quickly and easily to take advantage of the physical network. When users log on, Windows 2000 locates Active Directory servers in the same site as the user.
Codec	A codec (coder/decoder) is any technology for encoding and decoding data.

Software and Hardware Requirements

To install the Exchange 2000 Conferencing Server configuration discussed in this white paper, you must meet the following software and hardware requirements.

Software Requirements

To install Conferencing Server, the following software is required:

Microsoft Windows 2000 Server or Microsoft Windows 2000 Advanced Server, Service Pack 1 or later.
Microsoft Exchange 2000 Server or Microsoft Exchange 2000 Enterprise Server.
Microsoft Exchange 2000 Conferencing Server.

Note: For best performance, install the latest service pack for each software requirement.

Hardware Requirements

Review the hardware requirements for servers on which you plan to install Conference Management Service, Data Conferencing Provider, and Video Conferencing Provider. Also, review the hardware requirements for conferencing clients that participate in data or video conferences.

Server Computers

Table 2 lists the minimum and the recommended hardware requirements for server computers on which you install Conference Management Service, Data Conferencing Provider, Video Conferencing Provider, or multipoint control units (MCUs).

Table 2 Minimum and recommended hardware for server computers

Minimum hardware	Recommended hardware
133-MHz Intel Pentium processor or equivalent	400–MHz or faster Intel Pentium processor or equivalent
128 megabyte (MB) of RAM	256 megabyte (MB) of RAM

An MCU installed on this hardware configuration with no other applications active can process approximately 500 simultaneous conferencing client connections.

Conferencing Client Computers

Review the hardware requirements for conferencing client computers to participate in data and video conferences.

Data Conferencing Client

Table 3 lists the minimum and recommended hardware requirements for conferencing clients participating in a data conference.

Table 3 Minimum and recommended hardware for data conferencing client computers

Minimum hardware	Recommended hardware
For Windows 95 or later, a 90-MHz Intel Pentium processor or equivalent with 16 MB of RAM	For Windows 95 or later, a 133-MHz or faster Intel Pentium processor or equivalent with at least 16 MB of RAM
For Microsoft Windows NT® or later, a 90-MHz Intel Pentium processor or equivalent with 24 MB of RAM	For Windows NT or later, a 133-MHz or faster Intel Pentium processor or equivalent with at least 32 MB of RAM

Video Conferencing Client

To participate in multicast video conferences, conferencing client computers must have the same hardware as computers running Microsoft Windows 2000 Professional. Video conferences also require the following peripheral equipment:

Sound card with microphone and speakers
Video capture card and camera

Table 4 lists the minimum and recommended hardware requirements for conferencing client computers that participate in multicast video conferences.

Table 4 Minimum and recommended hardware for multicast video conferences

Minimum	Recommended
56 Kbps or faster modem	Local area network (LAN) connection
133-MHz Intel Pentium processor or equivalent	266-MHz or faster Intel Pentium processor or equivalent
64 MB of RAM	128 MB of RAM

Video conferencing client computers without Windows 2000 must use NetMeeting to participate in video conferences. NetMeeting uses H.323 to communicate with the MCU and to bridge participants into the conference. Table 5 lists the minimum hardware requirements for H.323 conferencing clients.

Table 5 Minimum and recommended hardware for H.323 conferencing client computers

Minimum	Recommended
For Windows 95 or later, a 90-MHz Intel Pentium processor or equivalent with 16 MB of RAM	For Windows 95 or later, a 133-MHz or faster Intel Pentium processor or equivalent with at least 16 MB of RAM
For Windows NT, a 90-MHz Intel Pentium processor or equivalent with 24 MB of RAM	For Windows NT, a 133-MHz or faster Intel Pentium processor or equivalent with at least 32 MB of RAM

IP Multicasting vs. H.323 Bridge

IP multicasting supports a one-to-many method of packet delivery. When a conferencing client capable of multicasting joins an online conference, the conferencing client computer is assigned a multicast address. The conferencing client registers the address on its subnet and submits an Internet Group Management Protocol (IGMP) router registration packet.

The routers listening for this multicast address propagate the traffic through a spanning tree type algorithm to all other routers. Any time an IGMP and Request for Comments (RFC) 2236-compliant router receives a multicast packet, the router looks through its routing table and determines whether there are conferencing clients listening for that address on that particular subnet. If there are conferencing clients listening, the packets are delivered to only those conferencing clients. If no conferencing clients on that subnet or segment are listening on that address, the address is not registered with the router, and the router does not forward the packets to the specific subnet.

Note: This paper does not address IGMP and RFC 2236-compliant routers. For additional information about these routers, see the Microsoft Windows 2000 Server Resource Kit or documentation provided by the router manufacturer.

With the exception of large corporate infrastructures and ISPs, most Internet conferencing clients do not have multicast connectivity. To work around this issue, conferencing clients without multicast connectivity need to connect across an H.323 bridge. The H.323 bridge runs on the T.120 multipoint control unit (MCU) server and permits conferencing clients that are unable to connect directly to multicast conferences to connect through an H.323 unicast session and participate in video and audio conferences.

When a conferencing client participates in an online conference, the conferencing client connects directly to the T.120 MCU/H.323 bridge server, which sends the data to all the other participating conferencing clients. Conferencing clients on the Internet can participate in video and audio conferences because the H.323 protocol can be used across the Internet.

Bandwidth Considerations

Because Internet conferencing clients must use the H.323 protocol to communicate, bandwidth is a major consideration for most customers. When H.323 fallback is enabled, the audio codec used is G.711, which consumes roughly 70 kilobits per second (Kbps). The video codec used is H.263, which consumes approximately 90 Kbps. Therefore, conferencing clients connecting to a conference send an average of approximately 160 Kbps for each audio/video stream. To get an estimate of the amount of bandwidth required to have a smooth audio and video conference, multiply the number of conferencing clients participating in the conference by 160 Kbps.

The required bandwidth for data conferencing is difficult to determine because of the many variables involved. For example, whether or not you will be chatting, using a white board, or sharing applications affects the overall bandwidth. However, compared to the bandwidth consumed by audio and video, data conferencing uses relatively few resources.

The type of connection used also has a major influence on the amount of available bandwidth. For more information about bandwidth considerations, see the following Microsoft Knowledge Base article:

290174, "XCCC: Bandwidth Considerations for Conferencing over Internet" https://go.microsoft.com/fwlink/?LinkId=3052&ID=290174

An administrator has several options to control the amount of bandwidth used in a conference. These options include:

Select the codec to be used If you use the G.711 codec, each audio stream uses approximately 70 Kbps. But the GMS 6.11 codec reduces this bandwidth to about 20–30 Kbps. For video, the bandwidth is roughly the same for both the H.262 and the H.263 codecs. However, the H.263 codec has a smarter algorithm and uses slightly less network bandwidth. Although conferencing clients using H.323 default to the G.711 and the H.263 codec, an administrator may choose to define other codecs for any multicast conferencing resource.
Reduce conference participants Another way to control bandwidth is to reduce the number of conference participants possible for video resources. In a multicast conference, additional attendees (that is, individuals who join the conference after the maximum number is reached) connect to the conference as observers and do not send anything to the network.
Define audio-only resources Define resources that use audio only. Resources that do not use video will preserve bandwidth.
Configure the "Automatically send audio at join time" and the "Automatically send video at join time" settings If you do not select these settings, the conferencing client must manually start the audio and video streams in their client. Conferencing Server will not automatically start these streams.
Implement QoS policies Windows 2000 Quality of Service (QoS) includes enterprise and subnet policies that contain rules for your organization. You can set QoS policies to guarantee the amount of available bandwidth to your organization, subnets, or individual users.
Configure MCU visibility restrictions and site referrals Through administrative settings, you can restrict access to an MCU based on a set of subnet mask pairs. Only conferencing clients whose IP addresses match a defined subnet can connect to the MCU. In this way, administrators can divide a Windows 2000 site and direct participants to a specific MCU.
Limit videoconferences over WAN links You can limit videoconferences over WAN links which limits the network area where multicast data can go.
Restrict use of expensive resources Restrict the use of conferencing resources that are the most expensive in your organization.

For more information about these options, see your Exchange 2000 Conferencing Server online documentation.

Firewall Considerations

For Internet conferencing clients to participate in data, video, and audio conferences hosted inside a firewall, administrators need to open primary and secondary ports so that internal and external conferencing clients can communicate with each other. Table 6 lists these ports.

Table 6 Port list for conferences hosted inside a firewall

Conference Type	Port
Data conference	1503
Video and audio conference over the Internet	1720 (H.323 video) and 1731 (H.323 audio)

For data conferencing without audio and video, all you need to do is open port 1503. However, issues arise when configuring your firewall to allow for audio and video conferencing because audio and video require two dynamic ports in addition to ports 1720 and 1731. Because there is not a method for predicting which ports those will be, an administrator must open all the ports on the firewall.

Cisco PIX Firewall

Exchange Conferencing Server was tested behind a Cisco PIX Firewall with successful results. However, the steps necessary to configure Conferencing Server behind a Cisco PIX Firewall are beyond the scope of this paper. For more information about configuring the firewall, see the following Microsoft Knowledge Base article:

299668, "XCCC: Configuring Exchange 2000 Conferencing Server Behind a PIX Firewall" https://go.microsoft.com/fwlink/?LinkId=3052&ID=299668

Microsoft Internet Security and Acceleration (ISA) Server 2000

You can also configure Exchange Conferencing Server to work with Microsoft Internet Security and Acceleration (ISA) Server 2000. For more information, see the following Microsoft Knowledge Base article:

303098, "XCCC: How to Configure Exchange 2000 Conferencing Server and ISA Server to Allow Audio and Video" https://go.microsoft.com/fwlink/?LinkId=3052&ID=303098

Network Address Translation (NAT) Servers

Network Address Translation (NAT) servers are being used more often, especially in small office and home office environments.

Note: Remote conferencing clients may participate in data conferences that are conducted behind a NAT server, but video and audio conferences behind a NAT server are not supported.

Configuring Exchange Conferencing Server for Internet Attendees

To configure Exchange Conferencing Server for Internet attendees, use the following four steps.

Create an additional Windows 2000 site and subnet.
Manage the conferencing site.
Create conferencing resources.
Configure T.120 MCU properties.

Step 1: Create an Additional Windows 2000 Site and Subnet

You must configure more than one Windows 2000 site and subnet before the Conference Management Service can distinguish conferencing clients as either connecting locally or from the Internet. If you do not configure more than one site, all conferencing clients appear to come from the default (the internal) Windows 2000 site.

Note: If your topology includes a perimeter network (also known as DMZ, demilitarized zone, and screened subnet), the best practice is to create another Windows 2000 site in the perimeter network, and then install an additional Exchange Conferencing Server in the site to handle requests from Internet attendees. In the meantime, the server running Exchange Conferencing Server on the internal network is dedicated to managing requests from internal attendees. In this case, you need to create a subnet with the IP address of the server running Exchange Conferencing Server in the perimeter network and a 32-bit subnet mask, such as 255.255.255.255.

If you have only one active server running Exchange Conferencing Server in your primary site and do not have a perimeter network, you must create a placeholder subnet and site as described in Task 1 and Task 2. Be aware that, if you create a placeholder site to allow Exchange Conferencing Server to distinguish Internet conferencing clients from local conferencing clients and you have Exchange 2000 running on a member server, you must also define a subnet for the default site and add that server to the Servers folder on the default site.

You can only use Active Directory Sites and Services from a computer that has access to a Windows 2000 domain. The Active Directory Sites and Services snap-in is installed on all Windows 2000 domain controllers. To use Active Directory Sites and Services on a computer that is not a domain controller, such as one running Windows 2000 Professional, install the Windows 2000 Administration Tools.

Task 1: Create a Placeholder Site

Log on to your domain controller as Domain Administrator.
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
Right-click the Sites container and then click New Site.
In Name, type the name of the new site, for example Internet.
Click the DEFAULTIPSITELINK site link object, and then click OK (Figure 1).

Figure 1: New Object – Site dialog box

For detailed information about the steps in this task, see your Windows 2000 online documentation.

Task 2: Create a Placeholder Subnet

Log on to your domain controller as Domain Administrator.
Click Start, point to Programs, point to Administrative Tools, and then click Active Directory Sites and Services.
Double-click the Sites container.
Right-click the Subnets container, and then click New Subnet.
In Address, type 1.1.1.1 for the IP address.
In Mask, type 255.255.255.255 for the subnet mask.
Select the Internet site object for this subnet, and then click OK (Figure 2).

Figure 2: New Object – Subnet dialog box

For detailed information about the steps in this task, see your Windows 2000 online documentation.

Step 2: Manage the Conferencing Site

In this step, you manage the conferencing site. Before you manage your conferencing site, you should create a new storage group named Conferencing Storage Group, and then create and mount a new mailbox store named Conferencing Mailbox Store Server Name . Use this mailbox store for conferencing calendar mailboxes and resources. By separating the conferencing database from your user's database, you make it possible to perform a selective backup and restore.

Click Start, point to Programs, point to Microsoft Exchange, and then click System Manager.
Select your Exchange 2000 Server and click the Action menu, point to New, then click Storage Group.
Name the new storage group Conferencing Storage Group.
Right-click the new storage group, point to New, and then click Mailbox Store.
Name the new mailbox store Conferencing Mailbox Store Server Name .
When asked to mount the new mailbox store, click Yes.
On the Start menu, point to Programs, point to Microsoft Exchange, and click Conferencing Manager.
Right-click the Exchange Conferencing container, and then click Manage.
Click OK to choose either the Default-First-Site-Name conferencing site or your Windows 2000 site name conferencing site if you changed the default site name.
When prompted to designate the conference calendar mailbox, click Yes.
In Conference Calendar Mailbox, click Create, and then type the account information for the mailbox.

Note: Although a password is not required, you should use one.

Important: Be certain to select the conferencing storage group mailbox store you created for this mailbox.

For detailed information about this step, see your Exchange 2000 Server and Exchange 2000 Conferencing Server online documentation.

Step 3: Create Conferencing Resources

In this step, you create conference resources.

Click Start, point to Programs, point to Microsoft Exchange, and then click Conferencing Manager.
Right-click your conferencing site, and then click Properties.
Click the Resources tab, and then click Add.
In New Resource Mailbox, type the account information.

Note: Select the conferencing storage group mailbox store you created for this mailbox in "Step 2: Managing the Conferencing Site."
In Resource Properties, click Add, and then select Data Conferencing Provider.

Note: Data Conferencing Provider is necessary even for video and audio conferences because the H.323 bridge is a component of the Data Conferencing service.
In Technology Provider Properties for data conferences, enter the number of planned meeting participants. See Figure 3 for more information.

Figure 3: Data conference Technology Provider Properties dialog box
In Resource Properties, click Add, and then select Video Conferencing Provider.
In Technology Provider Properties for video conferences, enter the number of planned meeting participants, and select Enable H.323 Data Provider fallback for Audio/Video Conferences.
If you are using MADCAP servers to allocate multicast addresses, in Use multicast IP addresses from the following scopes, select the scope. If you are not using MADCAP servers, Conference Management Service randomly allocates a multicast address. See Figure 4 for more information.

Figure 4: Video conference Technology Provider Properties dialog box
On the Conference Settings tab, in Access URL for user connections, type the fully qualified domain name (FQDN) of the active host server. This name will take the form of https://servername.yourdomainname.com/conferencing, where yourdomainname is your DNS domain name. See Figure 5 for more information.

Note: If you configured your settings to allow external participants access the server using a URL in the form of https://www.yourdomainname.com/conferencing, you must add a CNAME record to your DNS settings so that www is mapped to the actual machine name. For information about how to add this record, see the following article in the Microsoft Knowledge Base:

168322, "Creating a DNS Alias Record" https://go.microsoft.com/fwlink/?LinkId=3052&ID=168322

Figure 5: Conference Settings tab

Important: Do not make the FQDN longer than 32 characters.

Note: The naming convention used for the conference resources should indicate the type of Conference Technology Provider used, the number of participants allowed, and, if applicable, the Windows 2000 site name. For example, FSExchConfResDV20 represents a resource with the following attributes:

Site name = First site (FS)

Conference Technology Provider used = Data and video (DV)
Number of allowed participants = 20.

For detailed information about this step, see your Exchange 2000 Conferencing Server online documentation.

Step 4: Configure T.120 MCU Properties

In this step, you configure T.120 MCU properties.

Click Start, point to Programs, point to Microsoft Exchange, and then click Conferencing Manager.
In the console tree, click the Data Conferencing Provider container.
In the details pane, right-click the T.120 MCU server, and then click Properties.
On the General tab, select the Accept client connections from the Internet check box.
In Use network name, type the FQDN of the appropriate T.120 MCU server, and then click OK. See Figure 6 for more information.

Figure 6: T.120 MCU server properties dialog box

Important: Do not make the FQDN longer than 32 characters.
Allow enough time for replication if you have multiple domain controllers or domains in your topology.

Important: If you are modifying the Use network name setting in Accept client connections from the Internet from a hostname to a FQDN, to clear the directory services cache, you must either restart the server or use the Dscflush utility from the Exchange 2000 Resource Kit.

Note: When you want to join an online conference across the Internet, you must enter the FQDN of the active host server in your browser's address field.