I have an issue where a large group of users (about 2k) have been 'migrated' into my environment without first migrating their accounts in AD.  Basically, accounts were created internally and they are just connecting to my Lync 2010 and Exchange 2010 environment through the internet. 

Problem is, when they leave their current network, they hit my TMG 2010 servers from a single IP address.  This triggered TMGs Flood Mitigation settings and their IP was blocked.  I fixed this by creating an exception for their IP address and bumping up the number of allowed tcp and http connections per minute.

Now, we are still having issues with users that attempt desktop and application sharing.  Their sessions close sporadically. 

My primary question is, has anyone ever attempted this type of solution before, allowing thousands of users external access from a single IP address through TMG and Lync Edge?  If so is it supported and what type of issues might I need to look for?    Does the Edge role also have restrictions on how many connections can be made by a single IP address from the internet?

• Changed type Eric_YangKModerator 5 hours 28 minutes ago General Discussion