TechNet
Export (0) Print
Expand All

Firewall Support

Communications Server 2007 R2

Topic Last Modified: 2010-04-16

Office Communications Server supports an internal firewall, an external firewall, or both an internal and an external firewall for Edge Servers. A configuration with both an internal and an external firewall is strongly recommended.

The internal firewall, the external firewall, or both can consist of multiple firewall computers behind a hardware load balancer.

In addition to being supported as a reverse proxy, Microsoft Internet Security and Acceleration (ISA) Server is supported as a firewall for Office Communications Server 2007 R2. The following versions of ISA are supported as a firewall:

  • ISA Server 2006
  • ISA Server 2004
Dd572754.note(en-us,office.13).gifNote:
If you use ISA Server as your firewall, configuring it as a NAT is not supported, because ISA Server 2006 does not support static NAT.

The firewall requirements for correct functioning of Edge Servers are as follows:

  • For single, non-scaled Edge Server deployments (single Edge Server in a location), the IP address of the external interface of the A/V Edge service may or may not be publicly routable (although it is recommended that it be publicly routable). In this scenario, the external firewall can be configured as a network address translation (NAT). For details, see Firewall Requirements for External User Access in the Planning and Architecture documentation.
  • For scaled Edge Server deployments (multiple Edge Servers in a location), the IP address of the external interface of the A/V Edge service must be publicly routable. In this scenario, the external firewall must not function as a NAT.
  • In all Edge Server topologies, the internal firewall must not act as a NAT for the internal IP address of any Edge Servers.
  • Each service running on an Edge Server should have a separate IP address, which can be on a separate physical network adapter, or it can be a single multi-homed network adapter.

For details about default ports and required firewall settings, see Ports and Protocols in the Planning and Architecture documentation.

Community Additions

ADD
Show:
© 2016 Microsoft