Microsoft LYNC Server - Can it work internally AND externally without Forefront / TMG ?
Posted on 2014-11-16
I have deployed a Microsoft LYNC server topology, and I am able to get it working internally without any issue. It is a great program and we are using it to increase productivity since the day that it was installed, from sharing desktops to chatting and answering questions later, to the invaluable Exchange integration and saved conversations. MARVELOUS!
However....I am not able to get Microsoft Lync working externally no matter what I do, and it all seems to point to the fact that I am not using Microsoft Forefront / TMG firewall (at least this is the direction that research seems to point at).
- I am running Lync Enterprise
- I have a Lync topology published
- I have 2 servers deployed, and have Lync installed on both, and I have not been able to publish my external topology to the second server
- I started with a WILDCARD certificate on the public server, and there seems to be an issue if the host name is not one of the common names. I Updated the cert with a SAN cert that had the public hostnames (3 of them) as SAN's in the cert, which still did not work.
- I have 2 different websites published on the server and have (2) different IP addresses bound to the server, with (1) site bound to the external and (1) bound to the internal - still no go.
Has anyone else fought with this and had similar results? Does anyone have a step-by-step guide that they have personally used that I can use to deploy my Lync topology to make the public use work? Throughout my changes and trials and tribulations, my internal site has stayed working without incident. My goal is to:
- Have LYNC work from the public internet so that Lync clients like Android/Ipad/Iphone can work to keep my users even MORE connected to the internal office
- Have LYNC work from a public website so that external non-Lync users may join web chats / video conferences using the external web links.
- Have LYNC work from a web client so that an external user can log into the web client from outside of the office environment
Any help is appreciated, thank you!