Friday, October 31, 2008

security guys hate you, or maybe not after OCS R2

In OCS "R1" it's you need to get the security guys to open port 50.000 - 59.000 in the firewall.

You don't need that in OCS R2, see Jeff's blog:

Another welcome change to the A/V Edge configuration requirements is that the RTP TCP/UDP inbound port range of 50000 to 59000 is no longer required with R2, but is optionally supported. The client A/V communications can be limited to just the STUN UDP 3478 and TCP 443 ports, greatly simplifying the external firewall configuration. So if a current deployment already has the firewall configured for the previous 50000-59000 port range, then OCS R2 still supports using them, but new deployments can benefit from these changes off the bat.