locked
diff bet 1st and 2nd scenarios of SFB Edge Server deployment RRS feed

  • Question

  • Hello

    While looking for information before installing edge server..came across these diff scenarios of edge server where d 1st one says

    single consolidated Edge Servers with private ip adress and NAT

    2nd one - single consolidated Edge Servers with public ip adresses 

    According to what I understand is  1st case is for within a comapny though locations are diff but same company

    2nd scenario means use this to give external access which means diff company users can communicate with each other?

    Am I right? or missing something?

    Thursday, October 13, 2016 11:01 AM

Answers

  • Hi Lexi,

    For a single consolidated edge with private ip and NAT

    this is a single edge server deployment. The external network interface on the edge server have private IPs assigned and NAT is provided by a firewall for the Public IPs. in this scenario public ips are not assigned directly to the external network interface on the edge server, private addresses are used instead and NAT is used.

    For example

    so you can have sip.domain.com 89.234.23.11 -> NAT -> External Private IP 10.10.10.2 on Edge Server External interface.

    Second scenario

    single consolidated Edge Servers with public ip adresses -

    this is a single edge server but Public IP address are assigned directly to the external network interface of the edge server. The firewall is NOT providing NAT for these addresses as its not required as the public addresses are assigned directly to the edge server ext interface.

    For example

    so you can have sip.domain.com 89.234.23.11 -> External Public IP 89.234.23.11 on Edge Server External interface.

    You have probably seen this but theres some diagram for this here

    https://technet.microsoft.com/en-us/library/mt346416.aspx?f=255&MSPPError=-2147217396

    If you need anything else just let me know.

    thanks,

    Martin


    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer". Thank you. This forum post is based upon my personal experience and does not reflect the opinion or view of my employer.

    • Proposed as answer by Alice-Wang Friday, October 14, 2016 7:23 AM
    • Marked as answer by Alice-Wang Friday, October 28, 2016 10:01 AM
    Thursday, October 13, 2016 11:29 AM
  • Hi Lexi Mace,

    Welcome to post in our forum.

    Agree with Martin.

    As a supplement, when using public IP address on the Edge Server, the default gateway on the Edge Server is no longer your firewall or router, but the router or firewall at your public perimeter edge – which will be a public address. The reverse proxy continues to use the router or firewall associated with the outermost perimeter network. The difference between the reverse proxy and the Edge Server with public IP addresses is that the reverse proxy is still using NAT and the Edge Server is using a route relationship.

    Single consolidated edge with private IP addresses and NAT in Lync Server 2013

    https://technet.microsoft.com/en-us/library/gg399001(v=ocs.15).aspx

    Single consolidated edge with public IP addresses in Lync Server 2013

    https://technet.microsoft.com/en-us/library/jj205148(v=ocs.15).aspx

    Hope this reply helpful to you.


    Alice Wang
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Liinus Monday, October 17, 2016 7:20 AM
    • Marked as answer by Alice-Wang Friday, October 28, 2016 10:01 AM
    Friday, October 14, 2016 7:37 AM

All replies

  • Hi Lexi,

    For a single consolidated edge with private ip and NAT

    this is a single edge server deployment. The external network interface on the edge server have private IPs assigned and NAT is provided by a firewall for the Public IPs. in this scenario public ips are not assigned directly to the external network interface on the edge server, private addresses are used instead and NAT is used.

    For example

    so you can have sip.domain.com 89.234.23.11 -> NAT -> External Private IP 10.10.10.2 on Edge Server External interface.

    Second scenario

    single consolidated Edge Servers with public ip adresses -

    this is a single edge server but Public IP address are assigned directly to the external network interface of the edge server. The firewall is NOT providing NAT for these addresses as its not required as the public addresses are assigned directly to the edge server ext interface.

    For example

    so you can have sip.domain.com 89.234.23.11 -> External Public IP 89.234.23.11 on Edge Server External interface.

    You have probably seen this but theres some diagram for this here

    https://technet.microsoft.com/en-us/library/mt346416.aspx?f=255&MSPPError=-2147217396

    If you need anything else just let me know.

    thanks,

    Martin


    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer". Thank you. This forum post is based upon my personal experience and does not reflect the opinion or view of my employer.

    • Proposed as answer by Alice-Wang Friday, October 14, 2016 7:23 AM
    • Marked as answer by Alice-Wang Friday, October 28, 2016 10:01 AM
    Thursday, October 13, 2016 11:29 AM
  • Hi Lexi Mace,

    Welcome to post in our forum.

    Agree with Martin.

    As a supplement, when using public IP address on the Edge Server, the default gateway on the Edge Server is no longer your firewall or router, but the router or firewall at your public perimeter edge – which will be a public address. The reverse proxy continues to use the router or firewall associated with the outermost perimeter network. The difference between the reverse proxy and the Edge Server with public IP addresses is that the reverse proxy is still using NAT and the Edge Server is using a route relationship.

    Single consolidated edge with private IP addresses and NAT in Lync Server 2013

    https://technet.microsoft.com/en-us/library/gg399001(v=ocs.15).aspx

    Single consolidated edge with public IP addresses in Lync Server 2013

    https://technet.microsoft.com/en-us/library/jj205148(v=ocs.15).aspx

    Hope this reply helpful to you.


    Alice Wang
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Liinus Monday, October 17, 2016 7:20 AM
    • Marked as answer by Alice-Wang Friday, October 28, 2016 10:01 AM
    Friday, October 14, 2016 7:37 AM