WebConf Lync 2010
Hello There,
I have setup a lync environment on my network, so far is working internally, I can do video conference, voice conference, from the outside I can only sing-in but I cannot join a conference from the outside, for example, if I create an invite from my Lync account and send it to my Gmail account I cannot join the meeting, I am getting like the website that is pointing on is not available, I am using all the defaults from Microsoft.
I have the edge server on a DMZ, and I have 3 Private IPs and 3 Public, so I am NAT-ing.
for SIP i am using sip.mycompany.com, for Web Conf I am using webconf.mycompany.com and for A/V av.mycompany.com, the DMZ addresses are
sip = 192.168.168.130
webconf - 192.168.168.131
av = 192.168.168.132
from the outside they are being mapped as
6x.xx.xx.150 for sip
6x.xx.xx.151 for webconf
6x.xx.xx.152 for AV
and on the topology builder where its says to specified the NAT address I am using the external address for AV
so, when I create a meeting using Lync the address to joing the meeting is:
https://meet.mycompany.com/lynsusername/<RandomLetters>
so on my external DNS what address or ip should resolve meet.mycompany.com ?? everytjing is working internally as I can go to meet.mycompany.com using my .COM internal DNS and I get the lync web app page and if a user is on my network and tries to join the meeting it will work, so now, how can I make this work for the external people?
I dont have a reverse proxy, I have a firewall and I am opening and port forwarding the ports.
Any ideas?
I have setup a lync environment on my network, so far is working internally, I can do video conference, voice conference, from the outside I can only sing-in but I cannot join a conference from the outside, for example, if I create an invite from my Lync account and send it to my Gmail account I cannot join the meeting, I am getting like the website that is pointing on is not available, I am using all the defaults from Microsoft.
I have the edge server on a DMZ, and I have 3 Private IPs and 3 Public, so I am NAT-ing.
for SIP i am using sip.mycompany.com, for Web Conf I am using webconf.mycompany.com and for A/V av.mycompany.com, the DMZ addresses are
sip = 192.168.168.130
webconf - 192.168.168.131
av = 192.168.168.132
from the outside they are being mapped as
6x.xx.xx.150 for sip
6x.xx.xx.151 for webconf
6x.xx.xx.152 for AV
and on the topology builder where its says to specified the NAT address I am using the external address for AV
so, when I create a meeting using Lync the address to joing the meeting is:
https://meet.mycompany.com/lynsusername/<RandomLetters>
so on my external DNS what address or ip should resolve meet.mycompany.com ?? everytjing is working internally as I can go to meet.mycompany.com using my .COM internal DNS and I get the lync web app page and if a user is on my network and tries to join the meeting it will work, so now, how can I make this work for the external people?
I dont have a reverse proxy, I have a firewall and I am opening and port forwarding the ports.
Any ideas?
The meet.companyname link you are refering to is supposed to go to the reverse proxy indeed. Actualy this service is running on your front end server IIS environment and for the external users named "Lync Server External Web Site". Without a referse proxy you can set up port forwarding on the external ip address port 443 to the internal port 4443. Make sure that the certificate you'll assign to the external web site has the name meet.companyname there as well and setup your public dns to rout the meet name to the public ip address.
so do I need another public ip for the meet.companyname.com for example 6x.xx.xx.153 for meet ? and then use the ip for the port forwarding?
and also, since the 6x.xx.xx.15x addresses are on a DMZ zone, the one for port forwarding needs to be on a non DMZ zone?
You are right, an additional ip is needed and needs to be forwarded to the (none DMZ) IP adderss of the frontend server. Alternately, you can install a free reverse proxy from appache (http://social.technet.microsoft.com/Forums/en-US/ocsedge/thread/77752c28-15f0-40b8-b1e0-78c79805239b gives a nice step by step guide) and seperate the internal networ from the external one through this.