• Article

Configuring the Internal Interface of the Access Edge Service

Topic Last Modified: 2009-05-22

Use the procedures in this section to configure the internal interface of an Access Edge service, including the following:

  • Configure the IP address of the internal interface. The IP address that you specify for the internal interface applies to all the edge services on the Edge Server.
  • Configure the certificate and FQDN for the internal interface. The certificate and FQDN that you configure for the internal interface apply to all the edge services on the Edge Server. For details about Edge Server certificates, see Certificate Requirements for External User Access in the Planning and Architecture documentation.
  • Configure the port used for the internal interface of the Access Edge service.

Note

Each edge service requires a separate port number. For details, see Port Requirements in the Planning and Architecture documentation.

Note

In the following procedure, you use the Edge Interfaces tab to configure the certificate. You can also use the Certificate Wizard to guide you through the process of configuring the certificate, including assigning the certificate to the internal interface of the server, as described in Set Up Certificates for the External Interface in the Deploying Edge Servers for External User Access documentation.

To configure the IP address of the internal interface of the Edge Server

  1. On the Edge Server, open Computer Management.

  2. In the console tree, expand Services and Applications, right-click Office Communications Server 2007 R2, and then click Properties.

  3. On the Edge Interfaces tab, under Internal Interface, click Configure.

  4. In the Internal Interface dialog box, in the IP address drop-down list box, click the IP address for the internal interface of the Edge Server. If you are using a load balancer, click the IP address to which the load balancer connects. This IP address cannot be the same as any external IP address of the Edge Server.

  5. Under Certificate for this IP address, click Select certificate, and then select a certificate.

  6. If you have made any changes, restart the Office Communications Server Access Edge service as well as the Web Conferencing Edge service and Audio/Video Edge service if they exist on the Edge Server. When you replace an expiring certificate, if the subject name and all other certificate settings of the new certificate except the expiration date are identical to the settings of the expiring certificate, it is not necessary to restart the service.

To configure the certificate and FQDN for the internal interface of the Edge Server

  1. On the Edge Server, open Computer Management.

  2. In the console tree, expand Services and Applications, right-click Office Communications Server 2007 R2, and then click Properties.

  3. On the Edge Interfaces tab, under Internal Interface, click Configure.

  4. In the Internal Interface dialog box, under Certificate for this IP address, click Select certificate, and then select a certificate.

  5. If you have made any changes, restart the Office Communications Server Access Edge service as well as the Web Conferencing Edge service and Audio/Video Edge service if they exist on the Edge Server. When you replace an expiring certificate, if the subject name and all other certificate settings of the new certificate except the expiration date are identical to the settings of the expiring certificate, it is not necessary to restart the services.

To configure the port used for the internal edge of the Access Edge service

  1. On the Edge Server, open Computer Management.

  2. In the console tree, expand Services and Applications, right-click Office Communications Server 2007 R2, and then click Properties.

  3. On the Edge Interfaces tab, under Access Edge Server, click Configure.

  4. In the Access Edge Server dialog box, under Internal ports, in SIP port, if necessary, specify the internal port to which internal servers send SIP traffic destined for external locations. For federation, you must use port 5061. You can change the port used for remote access, but we recommend that you use port 443 to support remote users and anonymous users who connect to conferences from behind a firewall.

  5. If you have made any changes, restart the Office Communications Server Access Edge service as well as the Web Conferencing Edge service and A/V Edge service if they exist on the Edge Server.

    Important

    If you change port settings on the Edge Servers, you must also update the settings on the Enterprise pool or Standard Edition server, as appropriate, using the Federation tab in Global Properties of the forest node, as described in Enabling Federation and Public IM Connectivity and Configuring Routing of Inbound and Outbound SIP Traffic. If you are using a Director, make a corresponding change on the Director using the Federation tab or Front End Properties of the Standard Edition server or Enterprise pool node.