locked
Using UAG 2010 as a reverse proxy for Lync Server 2010 RRS feed

  • Question

  • Hi,

    I can`t find any official statements from Microsoft whether UAG 2010 is supported as a reverse proxy for Lync Server 2010. However, I gave it a try based on this guide:
    http://blog.msedge.org.uk/2010/10/publishing-ocs-2007-r2-web-components.html

    The Lync Simple URL`s "meet" and "dialin" seems to work fine, but the services provided by the external webservice URL doesn`t seem to work (Address book download and Distribution Group Expansion).

    When trying to expand a Dsitribution Group, the following error is returned:
    "Cannot perform this action, and the cause is unknown. Contact your support team to investigate this problem."

    The difference from the OCS Web Services is that the port on the internal Lync Frontend server is TCP 4443 rather than TCP 443. I`ve made a NAT rule from 443 to 4443 from a public IP on the edge firewall to the internal Lync Frontend server to buypass the UAG. I use entries in the local hosts files on an external client to test the services through the edge firewall NAT rule. When I do this, both the Address book download and Distribution Group expansion works without problems.
    Clearly the UAG is the problem, so I was wondering if anyone got some troubleshooting tips?


    Jan Egil Ring

    Blog: http://blog.powershell.no
    Twitter: http://twitter.com/janegilring
    Thursday, March 10, 2011 8:25 PM

Answers

  • Still looking for an answer regarding Lync 2010 from someone working for Microsoft.

    Me too :(

    Can't see TMG ever being "officially" used for web based reverse proxy on UAG; non-web protocols like SIP, yes, but not web me thinks...

    I have been recommending that customers keep/deploy TMG for the reverse proxy role of Lync. Not always ideal, but it is supported and it works :)

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Marked as answer by Erez Benari Thursday, May 5, 2011 7:01 PM
    Wednesday, April 6, 2011 10:37 PM

All replies

  • Hi Jan,

    I believe this is an issue for UAG due to the following statement in the release notes:

    When creating trunks and publishing applications, using non-standard ports is not supported; servers must listen on port 80 for HTTP and port 443 for HTTPS.

    Source: http://technet.microsoft.com/en-us/library/dd772157.aspx

    I have successfully published Lync with TMG (not the TMG instance on UAG), but that probably doesn't help much...

    I wanted to update my original article for Lync, but haven't been able to find an answer :(

    Cheers

    JJ
     


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Proposed as answer by Mark Resnik Tuesday, March 15, 2011 11:27 PM
    • Unproposed as answer by Mark Resnik Tuesday, March 15, 2011 11:27 PM
    Friday, March 11, 2011 1:24 PM
  • Any idea if publishing Lync via the TMG on UAG is supported.   OCS was supported, so maybe Lync is too and hte official article just isn't updated yet?  http://technet.microsoft.com/en-us/library/ee522953.aspx#BKMK_SupportedConfig

    Thanks,

    Mark

    Tuesday, March 15, 2011 11:28 PM
  • The only support for using TMG on UAG with OCS was for CWA and server publishing the SIP protocol. Using the TMG on UAG as a reverse proxy for the OCS web components/services was never supported; I think Lync follows the same path at the moment :(

    The support statement is badly worded in the support boundaries document. It actually means that CWA is the only OCS web application that can be published by UAG and TMG is only supported for the non-web protocols like SIP - I confirmed this with the product group a while back...


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk

    Wednesday, March 16, 2011 12:12 AM
  • Still looking for an answer regarding Lync 2010 from someone working for Microsoft..

    1.  Any future plans for UAG to be capable of handling publishing Lync Web Services?   And if so, how far down the product roadmap are we talking?   (I understand from Jason and others it does not work thru UAG today, and I understand from reading Lync documentation that the official practice for edge includes both a reverse proxy, like UAG or TMG, to handle web traffic, as well as a Lync Edge server to handle the other video and audio and other Lync non-web traffic)

    2.  In the interim, is it within the support bounderies of UAG to publish Lync Web Services using the embedded TMG?  And if so, will the technet article that lists the support boundaries be updated to reflect this?

    Thanks again,

    Mark

    Wednesday, April 6, 2011 5:01 PM
  • Still looking for an answer regarding Lync 2010 from someone working for Microsoft.

    Me too :(

    Can't see TMG ever being "officially" used for web based reverse proxy on UAG; non-web protocols like SIP, yes, but not web me thinks...

    I have been recommending that customers keep/deploy TMG for the reverse proxy role of Lync. Not always ideal, but it is supported and it works :)

    Cheers

    JJ


    Jason Jones | Forefront MVP | Silversands Ltd | My Blogs: http://blog.msedge.org.uk and http://blog.msfirewall.org.uk
    • Marked as answer by Erez Benari Thursday, May 5, 2011 7:01 PM
    Wednesday, April 6, 2011 10:37 PM
  • Rumor is that the UAG team will be releasing an update which will not only support Lync (web services), but will also include a template for it.  Supposed to be available as part of SP1 Update 1 for UAG (not TMG, as its updates are separate/different, even when on the same box as is the case for UAG) and I've heard this might happen in September/October of 2011.
    Thursday, August 11, 2011 8:07 PM
  • Rumors come to fruition! UAG SP1 Update 1 adds support for Lync web services: http://www.microsoft.com/download/en/details.aspx?id=27604&WT.mc_id=rss_alldownloads_all
    Matthew
    Wednesday, October 12, 2011 5:00 PM
  • Hi there,

    is an official documentation available how to publish Simple URLS via UAG SP1? I can only find one regarding external web servcies.

    thx

    Wednesday, November 30, 2011 2:47 PM
  • Wolfgang,

    Here is some generic info about how to publish apps via UAG:  http://technet.microsoft.com/en-us/library/dd861461.aspx

    Or watch these video's, especial module 4:  http://technet.microsoft.com/en-us/ff793469

    Thanks, Mark

     

    Thursday, December 1, 2011 5:02 AM
  • We have spendt some ours with UAG and lync and here is how we got UAG to work with Lync.

    See this blog:http://adfordummiez.com/?p=326

    Tuesday, May 29, 2012 8:58 PM