Lync 2010 and Reverse Proxy

supporthl
Hi,

I am really pulling my hair out here and could do with some help! I am completely new to Lync and OCS and have been trying to pick it up as I go along.

I have recently deployed Lync 2010 into our organisation (my first time doing this) and all works apart from Online meetings and mobile access externally.

I have the following setup:

Lync Standard --- > Lync Edge
          |
          V
   TMG Server

I don't think I have my topology set up right. Should I have rules from my firewall pointing at my edge and not my TMG?

As it stands I have no firewall rules pointing at my TMG, just my edge...

URLs are as follows:

sip.domain.com - xxx.xxx.xxx.230
meet.domain.com/meet - xxx.xxx.xxx.230
dialing..domain.com/dialin - xxx.xxx.xxx.230

I have a SAN cert installed.

I used the www.testocsconnectivity.com website and it all said OK, apart from the Mobile access test, which said there was a problem with the reverse proxy. The message is as follows:

If you are using a Reverse Proxy to get to the Access Edge Server, this could possibly be an issue with Reverse Proxy configuration.

Exception Details:
Message: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
Type: System.IO.IOException
Stack Trace:
   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
   at TestOCSConnectivity.Tests.SSLCertificateTest.PerformTestReally()

Exception Details:
Message: Unable to read data from the transport connection: An existing connection was forcibly closed by the remote host.
Type: System.IO.IOException
Stack Trace:
   at System.Net.Sockets.NetworkStream.Read(Byte[] buffer, Int32 offset, Int32 size)
   at System.Net.FixedSizeReader.ReadPacket(Byte[] buffer, Int32 offset, Int32 count)
   at System.Net.Security.SslState.StartReceiveBlob(Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ForceAuthentication(Boolean receiveFirst, Byte[] buffer, AsyncProtocolRequest asyncRequest)
   at System.Net.Security.SslState.ProcessAuthentication(LazyAsyncResult lazyResult)
   at System.Net.Security.SslStream.AuthenticateAsClient(String targetHost)
   at TestOCSConnectivity.Tests.SSLCertificateTest.PerformTestReally()

Any help would be very much appreciated.

The Edge Server and the Reverse Proxy should BOTH be behind firewalls, as they provide access to completely different services.

External SIP signaling, web conferencing, media, and other connections from clients should flow from Internet > Firewall > Edge Server > Firewall > Front End Server.

External client requests for web services (443 and 80 traffic), on the other hand, should flow from Internet > Firewall > Reverse Proxy > Firewall > Front End Server.

The Reverse Proxy server 'publishes' the IIS web sites on the Front End server to the Internet, and the Edge Server publishes all other Lync services.
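
A check for the separation described in the answer above, as an added example that is not part of the original thread: `audit_publishing` flags web service names that resolve to the Edge Server instead of the reverse proxy, and `probe_tls` attempts the kind of TLS handshake that failed in the connectivity test. The addresses, the `dialin.domain.com` spelling and all function names are constructed for illustration.

```python
import socket
import ssl

# Constructed sample data: documentation-range addresses stand in for the
# masked xxx.xxx.xxx.230 in the question; the proxy address is an assumption.
EDGE_IPS = {"203.0.113.230"}
PROXY_IPS = {"203.0.113.231"}
RECORDS = [
    # (fqdn, public IP it resolves to, role that should publish it)
    ("sip.domain.com", "203.0.113.230", "edge"),
    ("meet.domain.com", "203.0.113.230", "web"),
    ("dialin.domain.com", "203.0.113.230", "web"),
]


def audit_publishing(records, edge_ips, proxy_ips):
    """Return (fqdn, problem) pairs for names published through the wrong role."""
    findings = []
    for fqdn, ip, role in records:
        if role == "web" and ip in edge_ips:
            findings.append((fqdn, "web service name resolves to the Edge Server"))
        elif role == "web" and ip not in proxy_ips:
            findings.append((fqdn, "web service name does not resolve to the reverse proxy"))
        elif role == "edge" and ip in proxy_ips:
            findings.append((fqdn, "Edge name resolves to the reverse proxy"))
        elif role == "edge" and ip not in edge_ips:
            findings.append((fqdn, "Edge name does not resolve to the Edge Server"))
    return findings


def probe_tls(host, port=443, timeout=5.0):
    """Attempt a TLS handshake and return the outcome instead of raising."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                names = tls.getpeercert().get("subjectAltName", ())
                sans = [value for kind, value in names if kind == "DNS"]
                return {"host": host, "ok": True, "sans": sans}
    except OSError as exc:  # resets, timeouts and ssl.SSLError all land here
        return {"host": host, "ok": False, "error": f"{type(exc).__name__}: {exc}"}


if __name__ == "__main__":
    # Offline part only; call probe_tls(fqdn) per name from an external network.
    for fqdn, problem in audit_publishing(RECORDS, EDGE_IPS, PROXY_IPS):
        print(f"{fqdn}: {problem}")
```

Run `probe_tls` from outside the perimeter against each web service name; a connection reset during the handshake is reported as `ok: False` with the exception type in `error`.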

Author

Commented:
OK, that does make sense, and in my head that's what I thought. I will give it another go tomorrow, thanks for your advice.

Author

Commented:
OK, thanks Jeff, that works! I have online meetings working externally and the test OCS for mobile autodiscover works great! However, mobile devices aren't working.

I have applied update 4, but when I try and connect using autodiscover or manually it doesn't work... internally or externally, for iPhones or Android...

I don't understand, as the Test OCS website works fine and doesn't report any errors?!?!?
