Mitel Forums - The Unofficial Source
Mitel Forums => Mitel Software Applications => Topic started by: sunspark on November 15, 2017, 05:38:33 AM
-
Hi ,
I have a micollab 7.3 in lan mode with a MBG in Dmz
Micollab: lan address 192.168.1.1
Mbg.mycompagny.com / public address: x.x.x.58
conf.mycompagny.com / public address: x.x.x.59
I look at the engenieering guideline, but I do not understand how I have to redirect AWC in the firewall
Ps: I'm in version 7.2 so I have to use two external addresses.
Any help will be appreciated.
-
You may want to upgrade to latest so that you can use a single external ip. Firewall rule as I think for the second address is inbound 443 converts to 4443, hits the web proxy and get sent to AWV. Reverse rule for outbound.
I think the new single name and just allowing 4443 internal and external makes for an easier install and if having to deal with firewall vendors less of a hassle.
-
Actually , i dont have swa , so i'm not able to upgrade.
-
Easiest way to see what ports you need open is use the Teleworker Network Analyzer, run it locally and see what ports are open on the server, those need to be forwarded in the firewall.
As far as second IP, I've always struggled with that one... Usually open all the AWV/Conference/Collaboration ports and it works.
Sent from my Moto G (5) Plus using Tapatalk
-
Easiest way to see what ports you need open is use the Teleworker Network Analyzer, run it locally and see what ports are open on the server, those need to be forwarded in the firewall.
As far as second IP, I've always struggled with that one... Usually open all the AWV/Conference/Collaboration ports and it works.
Sent from my Moto G (5) Plus using Tapatalk
Hi Ace ,
I just want to know , if i need a special public address on each MBG (in dmz mode) for awc ?
cheers
-
You could also change the internal and external address on AWV to the same 4443 and forward 4443 from outside address used by MAS to it's internal address. I don't know your dmz setup. This would bypass proxy for connectpoint traffic
-
You could also change the internal and external address on AWV to the same 4443 and forward 4443 from outside address used by MAS to it's internal address. I don't know your dmz setup. This would bypass proxy for connectpoint traffic
Ok but if i want tu use a specific address for awc? I have tu use wan interface for dmz?
-
The second ip only comes into play with the client connection i.e. connectpoint. Web access can follow the proxy. The way the join via client works is it ask for a connect using the programmed values in AWC, how you connect to make a meeting creates the web URL's
-
do this
PUB1 with name conf.company.com --- natted to MBG internal address
PUB2 with name confclient.company.com ---natted to internal MBG address
on MBG setup as local dns and set entry for both names to the internal address of the Micollab
setup webproxy on the MBG to handle these names
open TCP ports 443 80 5060,5061 6801,6802 3998 6881 36008 37000
and UDP ports 5060 69 20000-35999
PUB1 is used for TW handsets
name1 is used for awv access and micollab client access
name 2 is used in the background for the AWV client - has to be set in AWV blade