jbyrd1981

Lync 2010 Federation/Edge Server

I am looking to get a good explanation of all the communication that takes place between federated partners, a diagram would be nice. I would like to focus on all communication that would need to pass the firewall, where it originates and where it is going to. I need a complete listing of what needs to be allowed on the firewall. The minimum firewall configuration required to use Lync with a federated partner. One reason I am trying to understand this communication is we are having an issue. I am able to see my federated partner and send a chat message but they cannot respond. I think we need to configure the firewall. I need to know what servers on their side need access through our firewall and do they just need access to our edge servers? Thanks!
Cliff Galiher

Microsoft has a poster for that with Lync 2010. There is also a port summary on TechNet.

http://blogs.technet.com/b/nexthop/archive/2012/06/06/microsoft-lync-server-2010-protocol-workloads-poster.aspx
That link is dead; here's a live one: http://www.microsoft.com/en-us/download/details.aspx?id=6797
For Chat/IM you need TCP 5061 opened inbound and outbound.
jbyrd1981

ASKER

Thanks Cliff, I am already aware of this poster. It does not go into enough detail on all the necessary communications channels that need to be established between federated partners. If you are doing edge to edge federation do you just open up certain IPs between the organizations between the edge servers or do you have to allow their FE, A/V servers, etc? What about access to our F5 Reverse proxy? It would be nice to have details of this and that is what I am lacking.
The poster shows all of that. Federated partners is one of the listed items in the cloud icon for the various communications channels. I'm not sure it could be any more clear.
ASKER CERTIFIED SOLUTION
Jakob Digranes

This solution is only available to members.
Jakob, in addition to the ports we also need to limit to the servers particularly on inbound traffic. If we get more specific than just the ports inbound we could also add the IPs of their Lync system. So for what you provide above we can include these inbound ports and further restrict to their edge server IPs? Do we need to include any other IPs of their Lync system? In a federated scenario all traffic goes through the edge server, right? I am also wondering more particularly firewall rules for our load balancer/reverse proxy situation. I don't think outbound is the issue with our configuration.

The biggest unresolved issue we are currently having is Live Meetings with the federated partner. We both have Lync 2010 and OCS in our environments. OCS never had edge deployed in both organizations but we are leveraging the Lync Edge for OCS. I can join their Live Meeting but they only see my name show up for a few seconds. I just get an error message on my end and never join. I am not sure if it is just not supported in this configuration or could be our firewall. Maybe your statement below has something to do with this? Thoughts? We do not use that wide of a port range for OCS as we have restricted the ports via Group Policy.

(if you federate with OCS 2007R2 you need UDP 50000 - UDP 59999 both in- and outbound as well)

The last issue is our meet link not working on the reverse proxy, we are using an F5. Internal and external parties cannot access it when pointed to the reverse proxy IP. Currently I am pointing it to the internal FE VIP server until I can figure that one out.

All in all I can look at the standard diagrams all day, I am missing something... The result is these issues I list here that I cannot figure out. Any help you all could provide would be greatly appreciated! Thanks!
To be honest, it sounds like you need some more implementation-specific information and perhaps some more product knowledge. You'll find most server product experts here are also high level I.T. personnel or consultants and as such, get paid for detailed planning and rollout. It is one thing to enjoy contributing to a community and helping each other out. It is another to give away a valuable service that should usually be paid for. I believe you'll find most experts won't get into the level of detail you are asking for. You'll probably want to bring in a Lync specialist for this project to get trustworthy and reliable results.
Totally understand Cliff. I am not asking for a detailed rollout here. I have been rolling out Lync on my own with limited contractor support so I have product knowledge. We have received Lync Specific support from MS and have most things deployed and things are working well other than the few things I state above. During the consultations I suspect that two things happened: the consultant was not clear/complete on these issues and we did not press for a solution at the time, mainly because trying to get the environment stood up was the priority. We are supposedly going to be getting some load balancing support soon so that may help with some of this. I am trying to get some additional knowledge and experience from some other experts on these specific issues. Other than the specialists we have used and EE that is all I got to help me. I really want to understand the posters posted earlier but I am not a network guy so things like that can be a little bit of a challenge at times. The Live Meeting issue was confirmed by our consultant as being unsupported configuration, but I am seeking a second opinion. I know we have strict inbound rules and I was showing in the meetings very briefly but then dropped, maybe because we are blocking traffic (but what)? Something does not make sense. Posting some specific questions amongst other experts for resolution is what I thought EE was all about. Thanks!
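An added example, not part of the thread or any poster's reply: a small audit of an ordered firewall rule list against the two port requirements quoted above (TCP 5061 in and out for IM, plus UDP 50000-59999 in and out when federating with OCS 2007 R2). The rule format, the addresses, first-match evaluation with default deny, and scoping the rules to the two edge servers (the asker's open question) are all assumptions made for illustration.

```python
import ipaddress

# Ports as stated in the thread: TCP 5061 in and out for IM; UDP 50000-59999
# in and out only when federating with OCS 2007 R2.
def required_flows(partner_is_ocs2007r2):
    ports = [("tcp", 5061, 5061)]
    if partner_is_ocs2007r2:
        ports.append(("udp", 50000, 59999))
    return [(d, proto, lo, hi) for proto, lo, hi in ports for d in ("in", "out")]

def flow_allowed(rules, proto, lo, hi, src, dst):
    """First matching rule wins; partial coverage of a port range counts as blocked."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        rlo, rhi = r["ports"]
        if r["proto"] != proto or rhi < lo or rlo > hi:
            continue  # different protocol or no port overlap
        if src not in ipaddress.ip_network(r["src"]) or dst not in ipaddress.ip_network(r["dst"]):
            continue  # rule does not apply to this pair of hosts
        return r["action"] == "allow" and rlo <= lo and hi <= rhi
    return False  # assumption: implicit default deny

def missing_flows(rules, our_edge, partner_edge, partner_is_ocs2007r2=False):
    """Return the (direction, proto, low_port, high_port) flows the rules do not permit."""
    missing = []
    for direction, proto, lo, hi in required_flows(partner_is_ocs2007r2):
        src, dst = (partner_edge, our_edge) if direction == "in" else (our_edge, partner_edge)
        if not flow_allowed(rules, proto, lo, hi, src, dst):
            missing.append((direction, proto, lo, hi))
    return missing

# Constructed sample data (documentation address ranges, hypothetical rule set):
# outbound 5061 is open, inbound 5061 is not, and the UDP range is narrowed.
OUR_EDGE, PARTNER_EDGE = "192.0.2.10", "198.51.100.20"
RULES = [
    {"action": "allow", "proto": "tcp", "ports": (5061, 5061),
     "src": "192.0.2.10/32", "dst": "0.0.0.0/0"},
    {"action": "allow", "proto": "tcp", "ports": (443, 443),
     "src": "0.0.0.0/0", "dst": "192.0.2.10/32"},
    {"action": "allow", "proto": "udp", "ports": (50000, 50500),
     "src": "192.0.2.10/32", "dst": "198.51.100.20/32"},
]

if __name__ == "__main__":
    for ocs in (False, True):
        print("OCS 2007 R2 partner:", ocs, missing_flows(RULES, OUR_EDGE, PARTNER_EDGE, ocs))
```

With the constructed rules, the only gap for IM is inbound TCP 5061 from the partner's edge, which matches the one-way chat symptom the asker suspects the firewall of causing.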
SOLUTION
This solution is only available to members.