To support mobile users from both inside and outside the corporate network, your internal and external web FQDNs must meet some prerequisites. In addition, you may need to meet other requirements, depending on the features you choose to implement:
- New DNS, CNAME or A (host, if IPv6, AAAA) records, for automatic discovery.
- New firewall rule, if you want to support push notifications through your Wi-Fi network.
- Subject alternative names on internal server certificates and reverse proxy certificates, for automatic discovery.
- Front End Server hardware load balancer configuration changes source affinity.
Your topology must meet the following requirements to support the Mobility Service and the Autodiscover Service:
- The Front End pool internal web FQDN must be distinct from the Front End pool external web FQDN.
- The internal web FQDN must only resolve to and be accessible from inside the corporate network.
- The external web FQDN must only resolve to and be accessible from the Internet.
- For a user who is inside the corporate network, the Mobility Service URL must be addressed to the external web FQDN. This requirement is for the Mobility Service and applies only to this URL.
- For a user who is outside the corporate network, the request must go to the external web FQDN of the Front End pool or Director.
If you support automatic discovery, you need to create the following DNS records for each SIP domain:
- An internal DNS record to support mobile users who connect from within your organization’s network.
- An external, or public, DNS record to support mobile users who connect from the Internet.