M A
asked on
Use lync outside the network
I have installed lync2010 and is working perfectly from inside the org.
Now I need important users to connect to lync when they are out.
Without edge is possible? without edge is recommended?
As of now I am using my internal CA certificate.
Now I need important users to connect to lync when they are out.
Without edge is possible? without edge is recommended?
As of now I am using my internal CA certificate.
ASKER
You mean I have to install Lync on another hardware?
If only you have multiple edge severs, You should purchase a public certificate for external access and import this on each edge server.
ASKER
As of now I have only one server.
what all things I have to do to make it available from outside (except NAT in firewall)
what all things I have to do to make it available from outside (except NAT in firewall)
Purchase a public certificate and install it as per the tech article. Then it will be accessible externally.
ASKER
How lync client will reach the server. Using what name?
servername.internaldomain. com
or
I have to configure external name ?
servername.internaldomain.
or
I have to configure external name ?
Obviously it should be external one for external access.
ASKER
Where Io will configure external name in such a way a user go out from office and open laptop it should work.
ASKER
Where I will configure external name in such a way a user go out from office and open laptop it from outside and it works?
Yes, it will work
ASKER
Where I will configure external name?
You can can configure the server and the certificate should be https://servername.yourpublicdomain.com
ASKER
"The server is not responding or cannot be reached...."
This is the error I get when I try to login from outside
What could be wrong
This is the error I get when I try to login from outside
What could be wrong
ASKER
Could you add the site into trusted list from IE and provide admin credentials to login.
Ensure that the logon users are member os Csadministrator group in AD.
Also, check the dns entries whether its present.
Ensure that the logon users are member os Csadministrator group in AD.
Also, check the dns entries whether its present.
ASKER
It is only working with internal servername/IP
It is not working with external servername/IP
From internal network I configured internal and external name. it is working
But outside network it is not working. when I connect VPN from outside it is working with the internal name
What shall I do to make it working from outside with the external name?
It is not working with external servername/IP
From internal network I configured internal and external name. it is working
But outside network it is not working. when I connect VPN from outside it is working with the internal name
What shall I do to make it working from outside with the external name?
The name should be configure in the certificate.
ASKER
It is already configured
ASKER
BTW
SIP domain is internal domain name (i.e. xyz.com)
external FQDN is abc.com (I added this as additional SIP domain)
SIP domain is internal domain name (i.e. xyz.com)
external FQDN is abc.com (I added this as additional SIP domain)
ASKER
Now I added SRV records (_kpasswd, _ldap, _gc) now it is working with external name from inside.
Do I have to create SRV records in external DNS?
Do I have to create SRV records in external DNS?
The host A record would be sufficient, since it's working internally after adding the srv records, it's worth to try creating a srv record.
ASKER
_internaltls._tcp.external name.com
or
_sip._tls.externalname.com
?
or
_sip._tls.externalname.com
?
Its sip.tls.externalname.com
ASKER
I have created SRV records same like as in internal DNS but still no luck.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Do you know how it works from outside?
So that I can check and trouble shoot in a short time.
So that I can check and trouble shoot in a short time.
ASKER
Please help it is not working from outside
Any thought of connecting the users to a VPN internally and then they should be able to connect as if they were in the office..have many customers set up this way.
ASKER
Already users connected through VPN from outside. I want users to connect without vpn from outside.
ASKER
awaiting your reply
I think the only way to connect without VPN is either to setup a reverse proxy (have seen customers do this, essentially publish Lynch on the DMZ) or have everyone register with an outiside entity such as Microsoft.
ASKER
how to setup reverse proxy
I do not have DMZ
I do not have DMZ
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I have managed to work from outside by doing a port forwarding from 8080/4443 to 80/443
but no audio and video calls can you help to configure
but no audio and video calls can you help to configure
ASKER
I found another site to configure without reverse proxy
I am interested in comments by abbasiftt. I have thus far been unable to get it working via VPN (this should be easier).
Getting "There was a problem verifying the certificate from the server"
From what I've read it's been suggested that I manually import the certificate from the server to the VPN client. No problem but cannot identify which cert is the one (for Lync) I should be exporting/importing?
Is this the right suggestion? If so, how do I identify which cert to import?
Getting "There was a problem verifying the certificate from the server"
From what I've read it's been suggested that I manually import the certificate from the server to the VPN client. No problem but cannot identify which cert is the one (for Lync) I should be exporting/importing?
Is this the right suggestion? If so, how do I identify which cert to import?
Have a look at this MS article which detsils the steps
technet.microsoft.com/en-u