As some of you may know, over the last few weeks I have been setting up a complete OCS 2007 R2 deployment at home to get more familiar with how it all hangs together!
Part of that deployment of course includes Enterprise Voice, and realistically, without connecting the system to the PSTN my testing options were rather limited!
At first I tried this by using my Audiocodes MP114 gateway plugged into my home phone line, and whilst this worked fine, I was limited to only one line.
So I decided to consider implementing SIP trunking to an ITSP. Clearly the main issue with that is that OCS requires a SIP over TCP connection rather than the more common SIP over UDP connection.
Therefore I was most pleased when I bumped into Peter Gradwell at the UCExpo at Olympia. We had discussed this options previously and now moved forward.
What follows is an explanation of how I setup OCS to talk to the Gradwell systems being used to pilot connectivity to OCS.
The first steps were for Gradwell to set me up with a few numbers and then to provision me an account on their VPN system so that I could connect to their network. Another option would have been to put a Public IP address on a NIC on my Mediation server, but this is not what Microsoft recommends and also I didn?t have a spare public IP!
So back to the Mediation server, realistically if doing this in production, it would be normal to have a network device connect to the VPN, but given the pilot nature of this system, I setup the VPN on the Mediation server itself.
I configured the VPN to talk to the host IP given by Gradwell and followed their instructions about security which included;
On the options tab click PPP Settings and remove all check boxes
On the security tab select advanced and then set the setting as below, allowing optional encryption, enabling PAP (and CHAP and MS-CHAP):
Under the networking tab, I selected PPTP VPN and most importantly, on the properties of the IPv4 protocol set it to use my internal DNS server, otherwise the mediation server picks up the DNS settings from the VPN and can?t resolve active directory!
Having established the VPN, I then setup a static route on the Mediation server so that I could ping the host where calls would be directed.
The following command was used to setup the static route
Route Add ?P 184.108.40.206 MASK 255.255.255.0 79.xxx.xxx.137
At this point the Mediation server was connected to the VPN and ideally I would have simply pointed the mediation server to the VPN IP address as it?s next hop for calls.
However, as the VPN is not a fixed NIC, this is not possible.
I therefore got an additional IP assigned by Gradwell and routed via the VPN address at their end. This IP address was assigned to the second NIC in the Mediation server using the details below, the key thing being to use a subnet mask of 255.255.255.255
This done, there was one final piece of configuration which is most important!
Windows Server 2008 (which is what is on my mediation server) is more secure that server 2003 by default. Therefore traffic is not able to be forwarded between NICs.
To enable this I used the following command.
netsh interface ipv4 set int “2nd NIC name” forwarding=enabled
netsh interface ipv4 set int “vpn name” forwarding=enabled
This allowed traffic to flow from the 2nd NIC in my mediation server across to the VPN adaptor and then out to Gradwell.
At this point, I moved to the OCS R2 Admin console and drilled down to the Mediation server, right clicked and selected properties.
The gateway listening IP address was set to the second NIC mention above and configured to listen on port 5060 as shown below:
Then on the ?Next hop connections? tab I configured the mediation server to route calls to the Gradwell host required on port 5060 using TCP as shown below.
Having saved all the configuration and restarted the mediation services (or just restart the server), then I made sure the VPN was up and that Gradwell had authorised my IP addresses to make calls and tested.
It all works and I can make and receive calls over the SIP trunk!