[VoiceOps] Lync, VPN and DNS?

Ryan Delgrosso ryandelgrosso at gmail.com
Tue Feb 3 01:23:19 EST 2015

Is there a reason you're tunneling the signaling at all? Seems like the 
path of least resistance would be to let the signaling and media take 
the same path. You're obviously already handling NAT traversal if you 
have the media going public.

On 2/2/2015 10:00 PM, Ray Van Dolson wrote:
> We have a corporate Lync environment with a large # of users hitting it
> via their VPN tunnels.  We've set up routing on the VPN client side to
> allow VOIP traffic to be routed over the public network rather than
> through the tunnel -- if we can just get the DNS lookups to return the
> public IP's instead of the internal IP's.
> We run BIND and I'm struggling to see a solution short of creating a
> special view or separate BIND server just for VPN clients in which I
> need to create many zone files to override the relevant Lync DNS
> records (one zone per record since unfortunately all of our
> Lync-related records live within our primary domain).
> Seems ugly and error prone.  Maybe BIND's RPZ could help?  Or maybe
> there's some simpler solution I'm missing.
> We also have F5 w/ GTM -- maybe some magic could be done there.
> Any thoughts/advice?
> Ray
> _______________________________________________
> VoiceOps mailing list
> VoiceOps at voiceops.org
> https://puck.nether.net/mailman/listinfo/voiceops

More information about the VoiceOps mailing list