locked
DHCP to Polycom phones of disconnected networks RRS feed

  • Question

  • The customer has several sites that are not connected whatsoever, yet the desire is to host all of the Lync server roles in a data center, and the thought of SBA or SBS is already a no.

    Because the Polycom phones get their IP addresses via DHCP, what is the best approach for these remote phones to connect to the data center? Keep in mind that they only want the phones to connect.

    Obviously a VPN connection would have to be setup from each site to the data center, and it would seem that a VLAN at each remote site would have to be setup just for the Polycom phones. This ideally would make it seem like the phones are extended from the main data center. Yes?

    This is not what I would recommend, though it is how they want to bring the remote phones to the main data center, thus the Lync servers.

    Your feedback is greatly appreciate!

    Thanks,

    Christian


    Christian Frank

    Saturday, November 15, 2014 7:20 PM

Answers

  • You could just have the phones connect externally to the data center via Lync Edge and Reverse Proxy: http://technet.microsoft.com/en-us/library/gg398918.aspx

    Please mark posts as answers/helpful if it answers your question.
    Blog
    Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.

    • Proposed as answer by PaulB_NZMVP Sunday, November 16, 2014 11:35 PM
    • Marked as answer by Christian Frank Wednesday, November 19, 2014 6:36 PM
    Sunday, November 16, 2014 8:28 AM
  • Hi,

    Agree with Michael.

    The location of the Registrar and the URL of the Device Update Web service for the organization must be published in DNS if external access is to be enabled. Additionally, the Edge Server must be deployed and correctly configured to allow external communications from the device to the corporate environment and back.

    Here is a link of the difference between how an IP phone connects in an internal and external network:

    http://technet.microsoft.com/en-us/library/gg425740.aspx

    Best Regards,
    Eason Huang


    Eason Huang
    TechNet Community Support

    Wednesday, November 19, 2014 9:32 AM

All replies

  • You could just have the phones connect externally to the data center via Lync Edge and Reverse Proxy: http://technet.microsoft.com/en-us/library/gg398918.aspx

    Please mark posts as answers/helpful if it answers your question.
    Blog
    Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.

    • Proposed as answer by PaulB_NZMVP Sunday, November 16, 2014 11:35 PM
    • Marked as answer by Christian Frank Wednesday, November 19, 2014 6:36 PM
    Sunday, November 16, 2014 8:28 AM
  • Hi,

    Agree with Michael.

    The location of the Registrar and the URL of the Device Update Web service for the organization must be published in DNS if external access is to be enabled. Additionally, the Edge Server must be deployed and correctly configured to allow external communications from the device to the corporate environment and back.

    Here is a link of the difference between how an IP phone connects in an internal and external network:

    http://technet.microsoft.com/en-us/library/gg425740.aspx

    Best Regards,
    Eason Huang


    Eason Huang
    TechNet Community Support

    Wednesday, November 19, 2014 9:32 AM
  • Thanks! With regards to the certificate that is downloaded to the phone, I've learned (since posting) that for phones that are external, a commercial trusted certificate should be placed on the Edge server, as these are what is currently installed on each Polycom phone. The following then is my question:

    If the customer has their own internal Enterprise PKI, can this Enterprise PKI's root certificate then somehow be placed on each phone (for those that go external), and on the Edge, so that when the phone attempts to register from external, it will trust the private root that is on the Edge server?

    Thanks!


    Christian Frank

    Wednesday, November 19, 2014 6:47 PM
  • Using a Third-Party Certificate on the edge would be the recommendation. Are you using a the Polycom VVX or CX phones?

    Take a look at Jeff Schertz' blogs:



    Please mark posts as answers/helpful if it answers your question.
    Blog
    Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.

    Wednesday, November 19, 2014 8:41 PM