Remove From My Forums

Cloud Connector (CCE) 2.0 - DNS and Certificate

Question
0

Sign in to vote
Hi,

We are going to configure two Cloud Connectors ( 2.0) in each site and have 5 PSTN sites. I need some help on DNS and certificate.

1. How do I request External and Internal DNS record for the below configuration.

PSTN SITE 01:

host1 : 192.168.1.10 (Access edge and Media)
host2 : 192.168.1.11 (Access edge and Media)

Edge: APUSA.SIPdomain.com

DNS Record: APUSA.SIPdomain.com

Need help on the blow questions.

1. should i add all the above public IPS in the record?
2. Do we need any internal DNS records to be created? if so,
3. Physical servers should be in domain? or be in standard alone?
4. Certificate
Can i use wildcard certificate: SN: *.SIPdomain.com, SAN, SIP.sipdomain.com
per MS, we cna use SN = FQDN and SAN=

Thank you,

Regards,
Madhu
- Edited by MAdhuSri01 Wednesday, July 26, 2017 2:34 PM
Wednesday, July 26, 2017 8:27 AM

Answers

0

Sign in to vote
Hi MAdhuSri01,

Question1:

Yes, you need to create external DNS record for access Edge.

Question2:

Yes, you need to create internal DNS records.

As each CCE deploys one ADDS, therefore all the internal DNS records will point to deployed CCE internal DNS.

Question3:

With Cloud Connector Edition, you deploy a set of packaged VMs that contain a minimal Skype for Business Server topology—consisting of an Edge component, Mediation component, and a Central Management Store (CMS) role. You will also install a domain controller, which is required for the internal functioning of Cloud Connector. These services are configured for hybrid with your Office 365 tenant that includes Skype for Business Online services. But for the physical host machine, don’t add it to the domain.

Question4:

For the certificate, you can choose either SAN certificate with multiple entries or wildcard certificate, for details, please refer to the following document https://insidemstech.com/2016/04/29/skype-for-business-cloud-connector-edition-public-dns-ip-and-certificates-requirements/

Here is also a blog about CCEhttps://technet.microsoft.com/en-us/library/mt605227.aspx
https://technet.microsoft.com/en-us/library/mt605228.aspx

Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
Regards,

Alice Wang

Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
- Marked as answer by MAdhuSri01 Tuesday, August 1, 2017 10:58 AM
Thursday, July 27, 2017 5:17 AM
0

Sign in to vote
Hi MAdhuSri01,

Question1:

Yes, you need to add two CCE public IP address to external DNS record, you don’t need to create Media relay DNS record separately.

Question2:

Question3:

In my opinion, you could use this wildcard certificate.
Regards,

Alice Wang

Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
- Marked as answer by MAdhuSri01 Tuesday, August 1, 2017 10:56 AM
Tuesday, August 1, 2017 9:26 AM

All replies

0

Sign in to vote
Hi MAdhuSri01,

Question1:

Yes, you need to create external DNS record for access Edge.

Question2:

Yes, you need to create internal DNS records.

As each CCE deploys one ADDS, therefore all the internal DNS records will point to deployed CCE internal DNS.

Question3:

With Cloud Connector Edition, you deploy a set of packaged VMs that contain a minimal Skype for Business Server topology—consisting of an Edge component, Mediation component, and a Central Management Store (CMS) role. You will also install a domain controller, which is required for the internal functioning of Cloud Connector. These services are configured for hybrid with your Office 365 tenant that includes Skype for Business Online services. But for the physical host machine, don’t add it to the domain.

Question4:

For the certificate, you can choose either SAN certificate with multiple entries or wildcard certificate, for details, please refer to the following document https://insidemstech.com/2016/04/29/skype-for-business-cloud-connector-edition-public-dns-ip-and-certificates-requirements/

Here is also a blog about CCEhttps://technet.microsoft.com/en-us/library/mt605227.aspx
https://technet.microsoft.com/en-us/library/mt605228.aspx

Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make sure that you completely understand the risk before retrieving any suggestions from the above link.
Regards,

Alice Wang

Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
- Marked as answer by MAdhuSri01 Tuesday, August 1, 2017 10:58 AM
Thursday, July 27, 2017 5:17 AM
0

Sign in to vote
Hi Alice,

Thank you so much for the reply. But still i'm looking for the answers.

Question1

We have two CCE sites, Do we need to add two CCE's public IP address to the external DNS record ?

And do we need to create Media relay DNS record separately

Question 2:

DNS records for Office 365 already in place, what type of internal records for CCE to be created?

Question 4:

Certificate:

Customer is already having wildcard certificate, with CN= *.sipdomain.com, SAN = sip.sipdomain.com. can we use this for CCE?

Once again thank you for your valuable inputs.

Thank you,

MadhuSri
- Edited by MAdhuSri01 Thursday, July 27, 2017 7:42 AM
- Marked as answer by MAdhuSri01 Tuesday, August 1, 2017 10:58 AM
- Unmarked as answer by MAdhuSri01 Tuesday, August 1, 2017 10:58 AM
Thursday, July 27, 2017 7:37 AM
0

Sign in to vote
Hi MAdhuSri01,

Question1:

Yes, you need to add two CCE public IP address to external DNS record, you don’t need to create Media relay DNS record separately.

Question2:

Question3:

In my opinion, you could use this wildcard certificate.
Regards,

Alice Wang

Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.
- Marked as answer by MAdhuSri01 Tuesday, August 1, 2017 10:56 AM
Tuesday, August 1, 2017 9:26 AM
0

Sign in to vote

Thank you so much Alice. Its really help full.

Tuesday, August 1, 2017 10:57 AM
0

Sign in to vote

Hi Alice,

One more last question. When we setup cloud connector, will S4B client can get "Dial-pad" with E5 license? or i need to buy any add-ons like PSTN calling?

Thanks,
MadhuSri

Tuesday, August 1, 2017 3:44 PM
0

Sign in to vote

Hi MAdhuSri01,

If your country is not supported for PSTN calling for SFB online, after you established the CCE, you could use PSTN service with SFB on premise.

Here is a blog for your reference
https://support.office.com/en-us/article/Skype-for-Business-add-on-licensing-3ed752b1-5983-43f9-bcfd-760619ab40a7

Regards,

Alice Wang

Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

Thursday, August 3, 2017 8:05 AM

Products

Resources

Solutions

Updates

Trials

Related Sites

Training

Certifications

Other resources

Support options

More support

Not an IT pro?

Answered by:

Cloud Connector (CCE) 2.0 - DNS and Certificate

Question

Answers

All replies