firewall between Unity and PDC, and Exchange Server

Unanswered Question
Dec 21st, 2009

anyone knows why the PDC, and Exchange  must be comunicate to Unity  without firewall?, is it posible using cisco ASSA and open all to and from unity to those servers?.

System Requirements for Cisco Unity Release 7.x

I found that for  Failover Requirements for Separating Cisco Unity Servers by a Firewall

  the primary server unity not be separated by a firewall from:

The partner Exchange server.

The domain controller that Cisco Unity monitors for directory updates.

The global catalog server that Cisco Unity monitors for directory updates.

The global catalog server with which the Cisco Unity MAPI client communicates.

The partner Exchange server cannot be separated by a firewall from the domain controllers and the

global catalog server that the partner server communicates with.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Bradford Magnani Mon, 12/21/2009 - 11:24


These requirements are put into place for specific performance and integrity reasons.  Unity completely relies on AD and Exchange in this type of scenario and once traffic has the potential to be blocked/stripped/dropped, you're asking for trouble.  The answer is; that's how the product is designed and tested.  Anything straying from these specific guidelines will not be supported by Cisco.

Hope that helps,


Tray Stoutmeyer Tue, 12/22/2009 - 07:02

If you are worried about security for your Unity, please look at the security guide. It may help you.

Also here is the doc regarding ports that are needed for Unity to function through a firewall...



This Discussion