MS Lync External Clients AV

Hey Experts,
I used the following guide to setup a Lync Standard server.   Chat externally works perfect but the AV does not work externally.  Internally just fine.  I am guessing there is some step not in the guide for external AV but i am missing it.  Any help with be great!  Thank you!
http://imaucblog.com/archive/2010/09/15/step-by-step-microsoft-lync-2010-consolidated-standard-server-install-guide/
tsukrawAsked:
Who is Participating?
 
MikeKaneCommented:
Have you deployed an EDGE pool for external comm?     External FQDNs for Edge should include names for SIP, WebConf, and AV.    HAve a look here for more information.  

http://ocsguy.com/2010/11/21/deploying-an-edge-server-with-lync/
0
 
tsukrawAuthor Commented:
No i do not have a edge pool...It wasnt in the guide i followed i guess.  So it says to set a external FQDN.  What if they internal and external are the same? It will not let me set that.  Are we going to want to set the external to soemthing different?
0
 
tsukrawAuthor Commented:
Like in the steps it has a Front End and the edge, is it possible to run these on the same physical box?  We only have like 20users so it seems like it would be a big waste to have to have them on seperate boxes.
0
Free Tool: Path Explorer

An intuitive utility to help find the CSS path to UI elements on a webpage. These paths are used frequently in a variety of front-end development and QA automation tasks.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
MikeKaneCommented:
If they are all internal, then you should be able to only use the 1 front end pool server.   However, if you have anything on the outside wanting access, then you need the edge services.  


0
 
tsukrawAuthor Commented:
Can the edge services be installed on the computer running the front end pool?
0
 
MikeKaneCommented:
I don't believe so.   You need a separate host for that.    


 
0
 
tsukrawAuthor Commented:
Alright.
So in the guide it looks like they assigned the public IPs right to the nic.

In my setup i have a single public IP that will be used.  Let say it is 4.2.2.2(PUBLIC).  Internal is (192.168.0.1)  would i want to then have a second internal say (192.168.0.2) that has the public nated to it?  Since looking at the guide i see a Internal IP address / External IP address / Public IP address...
0
 
MikeKaneCommented:
For the edge server, you need 2 nics.  Ideally, you want 1 nic on the inside network and 1 nic in the DMZ.  The server will span the DMZ to the internal network (this setup drives me bat-sh*t crazy since it bypasses the firewall).     The internal NIC will have an internal ip that you use to speak with the front end pool server you already have.  The external(DMZ) nic will have its own ip on that subnet.   the Public IP is the IP address you will NAT to when going outbound to the internet (if you will have a firewall controlling access to this).

The edge server will need a cert on the outside.  
I use:
sn:sip.domain.com
san:sip.domain.com
san:meet.domain.com
san:av.domain.com
san:webconf.domain.com  

It will also need a cert on the inside, but this one can come from your self-signed domain cert server (its only used to speak with the front end anyway)

Hope that helps.  

0
 
tsukrawAuthor Commented:
Ok i was able to get it working with just 1 nic.  I used 2 IPs from my internal subnet.  Set 1 to the internal to connect to the front end.  and 1 as the external.  Then i created a packet filter in my firewall and forwarded the ports to the IP i set as the external.  Tested it and everything seems to work perfectly video and audio no problems.  Even sharing programs seemed to work perfectly!  

The one thing i did notice that didnt work was PowerPoint presentations?  Do they require something special to work?

Thank you very much for all this help Mike it has been greatly appreciated!
0
 
MikeKaneCommented:
I've had mixed luck with application sharing so far.   Some work, some don't.      Sharing the entire desktop out seems to be the better choice at the moment.  At least for me.
0
 
tsukrawAuthor Commented:
Question with Meeting / conference.  
So it worked before without the edge server.  We had the external IP NATed to the frontend server.  So when we sent out a meeting request the url looked like http://meet-lync.domain.com/bla/bla bla....  Now that we got the edge in place we only have the 1 public IP it appears to have Web Conferencing on port 444 which is indeed forwarded to the edge server.  But when we send the request for a meeting the url still looks the same and trying to use 443....Which in my edge config screen it looks like A/V service is now using 443...

Did i make any sense there?
How do we get meeting back online or do we want to have the meet-lync on a seperate IP and have it sent to the front end server?
0
 
MikeKaneCommented:
When you setup lync, you needed to assign several simple URLs in the Topology builder.    One of these URLS was for Meetings.  The default URL for meetings is meet.domain.com and this lives on the Front End Pool.    Meetings internally should be working fine.    For external users and those outside the company without lync, you need to forward this meet.domain.com url to the front end server using either an IIS in the DMZ to publish it or open a port (or a public IP) on the firewall and send the traffic to the front end pool.  You will need an external A record for meet.domain.com to reflect the Public IP.     Meet.domain.com does not go through Edge, it's directed to the front end pool.  

0
 
tsukrawAuthor Commented:
Guide was very helpful and was able to get a edge up and running and connect externally.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.