Hi all,

I won't be deploying a reverse proxy server due to the size of the business. I've been checking some documentation regarding the unsupported setup of this however there a few parts that aren't making any sense.

Firstly if I use PAT on the firewall rather than a secondary IP at the FE server, what external IP needs to be used (or is it a new one?) and what external DNS name will it be using?

Secondly, why does the FE server (according to the setup documents) have different DNS names for sip/conf/av? I.e. the FE server lists them as dialin.domain.com and meet.domain.com yet externally they are sip.domain.com, webconf.domain.com and av.domain.com.

*edit* just to add that sip.domain.com, webconf.domain.com and av.domain.com have been added to the public DNS server, surely the remaining two names meet/dialin do not need to be added as well? It seems that any futher additions are redundant and should be renamed so that they match each other.

Hi,

if you don't use a reverse proxy it is not possible to offer a external conference. The meet.domain.com will be used for the web conference service on the Lync FE server.

The dialin.meet.com is for the user to setup his conference pin, also hosted on the Lync FE server.

You can work with NAT on the Edge server, it is supported but you have to offer all three edge services sip/conf/av because this are three different services taht the Lync client will use. For authentication, audio video sessions and desktopsharing

http://ocsguy.com/2010/11/21/deploying-an-edge-server-with-lync/

Hi,PartyMarry,

I supposed the document you mentioned above is Ken Lasko's blog post,right?

If make your firewall redirect 80/443 from the simple URL and web components URL external IP addresses to the new internal IP address over 80/443,you don't need a new external IP,for DNS requirements you should make sure your external web service URL can be resolved on internet,you can check http://technet.microsoft.com/en-us/library/gg398758.aspx

For your second question,I am not sure what you are talking about,for sip.domain.com,webconf.domain.com and av.domain.com they are Edge services FQDN for 3 External Edge interface which are used for external user access,details you can check http://technet.microsoft.com/en-us/library/gg412787.aspx

And here are compnents required for external user access for your reference.

http://technet.microsoft.com/en-us/library/gg425779.aspx

In the end,I should highlight one thing,reverse proxy is recommended to publish Lync external web services,if you use another way it may hit Microsoft unsupport scenario and if you have any trouble under this situation you need overcome by yourself.Good luck

B/R

Sharon

Hi Holger,

It is possible to offer external conferences without a reverse proxy as I have it working here. Instead of using a reverse proxy, I have used PAT at the firewall level and this bypasses the need for it.

Regards,
Martin

Hi Sharon,

Thanks for your reply. I was just surprised Lync requires four external IP addresses and six external DNS names (excluding the SRV records!); sip, webconf and av for Edge and dialin, meet and lyncweb for the External web services on the main server.

It feels like it's a mess and I really hope Microsoft sort this out for the next version.

PartyMarty,

How did you set it up via PAT. Could you provide some details? I'm in a similar situation and would like to sort it out for our setup.

Josh

Hi PartyMarty,

How did you set it up via PAT. Could you provide details