?
Solved

Microsoft LYNC Server - Can it work internally AND externally without Forefront / TMG ?

Posted on 2014-11-16
3
Medium Priority
?
299 Views
Last Modified: 2014-12-05
Hello,

I have deployed a Microsoft LYNC server topology, and I am able to get it working internally without any issue.  It is a great program and we are using it to increase productivity since the day that it was installed, from sharing desktops to chatting and answering questions later, to the invaluable Exchange integration and saved conversations.  MARVELOUS!  

However....I am not able to get Microsoft Lync working externally no matter what I do, and it all seems to point to the fact that I am not using Microsoft Forefront / TMG firewall (at least this is the direction that research seems to point at).

Some details:

- I am running Lync Enterprise
- I have a Lync topology published
- I have 2 servers deployed, and have Lync installed on both, and I have not been able to publish my external topology to the second server
- I started with a WILDCARD certificate on the public server, and there seems to be an issue if the host name is not one of the common names.  I Updated the cert with a SAN cert that had the public hostnames (3 of them) as SAN's in the cert, which still did not work.
- I have 2 different websites published on the server and have (2) different IP addresses bound to the server, with (1) site bound to the external and (1) bound to the internal - still no go.

Has anyone else fought with this and had similar results?  Does anyone have a step-by-step guide that they have personally used that I can use to deploy my Lync topology to make the public use work?  Throughout my changes and trials and tribulations, my internal site has stayed working without incident.  My goal is to:

- Have LYNC work from the public internet so that Lync clients like Android/Ipad/Iphone can work to keep my users even MORE connected to the internal office
- Have LYNC work from a public website so that external non-Lync users may join web chats / video conferences using the external web links.
- Have LYNC work from a web client so that an external user can log into the web client from outside of the office environment

Any help is appreciated, thank you!
0
Comment
Question by:jkeegan123
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
3 Comments
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 2000 total points
ID: 40446574
You do not need TMG. You *do* need a reverse proxy. TMG could reverse proxy. But so can apache, squid, the web application proxy role new in server 2012, and others. Many UTM appliances offer true reverse proxy as well. Port forwarding is *not* good enough.

Make your edge server just an edge server . Don't try to colocate other roles or websites.

Yes, I've been involved with several lync deployments and it does work. But if you try to cut corners, it falls over quickly.
0
 
LVL 5

Author Comment

by:jkeegan123
ID: 40446607
@Cliff Galiher:  Do you have any tutorials on setting up the edge server as an edge server and that's all?  I tried doing that with the 2nd server, but maybe I was misunderstanding how to set this up...it's why I deployed a second server.  I didn't want to have (2) servers for this because this is for a small group BUT I did set it up since it was not working any way that I tried to set it up on a single server...so I followed the step by step MICROSOFT deployment guides to setup an edge server, and I could not get it to work.

BTW - This is LYNC 2013 running on Server 2012.  I did not mention that in the first post.
0
 
LVL 59

Expert Comment

by:Cliff Galiher
ID: 40447038
I am not aware of any tutorials I'd specifically recommend over the MS documentation.
0

Featured Post

What Is Blockchain Technology?

Blockchain is a technology that underpins the success of Bitcoin and other digital currencies, but it has uses far beyond finance. Learn how blockchain works and why it is proving disruptive to other areas of IT.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
New style of hardware planning for Microsoft Exchange server.
The goal of the tutorial is to teach the user how to instant message and make a video call in Skype.
This video discusses moving either the default database or any database to a new volume.
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question