firewall between Unity and PDC, and Exchange Server

sdeltoro1 · ‎12-21-2009

anyone knows why the PDC, and Exchange must be comunicate to Unity without firewall?, is it posible using cisco ASSA and open all to and from unity to those servers?.

System Requirements for Cisco Unity Release 7.x

I found that for Failover Requirements for Separating Cisco Unity Servers by a Firewall

the primary server unity not be separated by a firewall from:

The partner Exchange server.

–

The domain controller that Cisco Unity monitors for directory updates.

–

The global catalog server that Cisco Unity monitors for directory updates.

–

The global catalog server with which the Cisco Unity MAPI client communicates.

•

The partner Exchange server cannot be separated by a firewall from the domain controllers and the

global catalog server that the partner server communicates with.

Bradford Magnani · ‎12-21-2009

Hi,

These requirements are put into place for specific performance and integrity reasons. Unity completely relies on AD and Exchange in this type of scenario and once traffic has the potential to be blocked/stripped/dropped, you're asking for trouble. The answer is; that's how the product is designed and tested. Anything straying from these specific guidelines will not be supported by Cisco.

Hope that helps,

Brad

Tray Stoutmeyer · ‎12-22-2009

If you are worried about security for your Unity, please look at the security guide. It may help you.

http://www.cisco.com/en/US/docs/voice_ip_comm/unity/42/security/guide/ex/ex.html

Also here is the doc regarding ports that are needed for Unity to function through a firewall...

https://www.cisco.com/en/US/docs/voice_ip_comm/unity/5x/security/guide/ex/5xcusec030e.html#wpxref62278

Tray