Chapter 3: Network Requirements and Preparation SA-100 Planning, Installation and Administration Guide
ShoreTel 12.1 23
Figure 3-2 Deployment in the DMZ
WARNING The SA-100 will not function if it is positioned in the DMZ and network
traffic initiated from the trusted zone to the SA-100 goes through NAT
(Network Address Translation). The SA-100 will display a “Lost
Communication” status in ShoreWare Director.
•Enable routable traffic between the DMZ and LAN. Network Address Translation
(NAT) can not be used for network traffic between these points.
•Adequate bandwidth between DMZ and LAN with a minimum of voice latency and
•DNS (Domain Name System) configuration to resolve both internal and external
addresses. A DNS configured to external addressing only, with a host file configured
to handle traffic internally, may be used as an alternative.
•If an SA-100 is made available from the Internet, all other SA-100 appliances need to
be accessible and addressable from the Internet.
•The network requires port-forwarding through the firewall which is restricted to
Web ports (80-unsecure & 443-HTTPS).
NOTE ShoreTel does not support using a reverse-proxy server instead of port-