I ran into an interesting problem when I was deploying OCS 2007 R2 enterprise voice for a law firm. I usually turn off the firewall for all of the server roles aside from the Edge server but missed the mediation server for this deployment for whatever reason. What’s interesting is that whenever you deploy OCS 2007 R2 on a Windows 2008 server, you always get warned at the end if you already have the firewall turned off that your services would not get put in as exceptions. In my case during this deployment, I left it on so the exception for the services were put in.
The following are the notes I took documenting the issue:
When installing the OCS 2007 R2 Mediation server role on a Windows 2008 R1 server with the firewall turned on, the installation automatically puts the mediation server service in the firewall’s exception. Calls continue to work but the following behavior are experienced by users:
1. OCS user initiates outbound PSTN call.
2. PSTN user picks up and says: “Hello.”
3. OCS user does not hear the user because he/she has not said anything and cannot hear the PSTN user.
4. After 5 seconds, the OCS user finally says: “Hello.”
5. Now that the OCS user has caused mediation server to send traffic out, the traffic generated by the PSTN user now makes it to the OCS user.
6. Call proceeds without any issues.
It almost seems like since the device behind the firewall has not sent any packets out, all traffic coming in is blocked. Once the device behind the firewall sends out a packet, the responding traffic is then allowed in.
Hope this helps anyone out there that may experience this issue.