locked
Conference FQDN RRS feed

  • Question

  • Hi, Im confused as to the purpose of the Web Conferencing Edge Service FQDN, and really hope someone can steer me through this confusion. We are at planning/lab stage at the moment, and have deployed the necessary fabric with a Front End Pool, and configured the Simple URLS as per the norm (dailin, meet). We have also deployed a test EDGE server and configured as a single IP with a Web Conferencing Edge FQDN of, for example, sfbedge.company.com. Now, when we use Outlook to create a Skype meeting the embedded link is the the meet.company.com FQDN. Whats the purpose of the Web Conference FQDN on the Edge server? I realise one is internal and one is external, or so I though... Thanks for any help.

    Phil

    Monday, December 10, 2018 3:56 PM

Answers

  • Hi,

    Edge is to handle the External Desktop Skype for Business client requests and External Media Traffic.

    Edge server handles three external Edge services, which are Access Edge service, Web conferencing Edge service and A/V Edge service. The web conferencing serves as external web conferencing traffic.

    And Edge is different from a Reverse Proxy. Reverse proxy is to handle the https traffic (Mobility, meeting and dial-in Simple URLs and etc).

    The typical reverse proxy scenario in SFB Server is to allow external clients (for example, the desktop client or Lync Web App client) access to the Director or Front End Server external Web Services.

    Besides, external users get connected to the reverse proxy with https on port 443 and from there it'll get forwarded to 4443 on front end server. (The front end listens on ports 4443 and 8080 not on 443 and 80, which is what the mobility client will look at. When you hit the RP on 443 (or 80) it will publish back to the 4443 ports)

    The meet URL should be pointed to reverse proxy and then it will hit SFB server web service.       

    The following summarizes the external DNS records should be added:


    Kind regards,

    Calvin Liu


    Please remember to mark the reply as an answer if you find it is helpful. It will assist others who has similar issue. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    • Marked as answer by Philip Luke Tuesday, December 11, 2018 3:51 PM
    Tuesday, December 11, 2018 9:03 AM

All replies

  • Are we supposed to publish the same A record for meet.company.com to be a Public IP which is then sent to a reverse proxy which then forwards to the Edge server as the sfbedge.company.com?

    Ive also read that you dont reverse proxy it to the EDGE but you send it to the Front End Pool on port 4443? Is that safe? Whats the point of the EDGE server? Thanks again for any help.


    Phil

    Monday, December 10, 2018 4:15 PM
  • Hi,

    Edge is to handle the External Desktop Skype for Business client requests and External Media Traffic.

    Edge server handles three external Edge services, which are Access Edge service, Web conferencing Edge service and A/V Edge service. The web conferencing serves as external web conferencing traffic.

    And Edge is different from a Reverse Proxy. Reverse proxy is to handle the https traffic (Mobility, meeting and dial-in Simple URLs and etc).

    The typical reverse proxy scenario in SFB Server is to allow external clients (for example, the desktop client or Lync Web App client) access to the Director or Front End Server external Web Services.

    Besides, external users get connected to the reverse proxy with https on port 443 and from there it'll get forwarded to 4443 on front end server. (The front end listens on ports 4443 and 8080 not on 443 and 80, which is what the mobility client will look at. When you hit the RP on 443 (or 80) it will publish back to the 4443 ports)

    The meet URL should be pointed to reverse proxy and then it will hit SFB server web service.       

    The following summarizes the external DNS records should be added:


    Kind regards,

    Calvin Liu


    Please remember to mark the reply as an answer if you find it is helpful. It will assist others who has similar issue. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    • Marked as answer by Philip Luke Tuesday, December 11, 2018 3:51 PM
    Tuesday, December 11, 2018 9:03 AM
  • Hi Calvin, thank you for this. One other question, if you would please, what is the difference in 'experience' for a Federated SIP domain, and for an ad-hoc user who has been invited to the same 'conference/meeting'. The way I see it is that a federated partner is seen as 'authenticated' where an add-hoc invite is seen as anonymous. From the point of view of the Front End Pool and/or the Director, is the landing process the same for these types of user?

    Thank you again


    Phil


    • Edited by Philip Luke Tuesday, December 11, 2018 3:52 PM
    Tuesday, December 11, 2018 3:51 PM
  • Hi Philip,

    As to the federation for external access to Edge server, you could set as below in SFB control panel.


    If you want to give public your accounts to all the federated organizations, you could tick them all. It depends on your own limited conditions.

    Here more details: https://docs.microsoft.com/en-us/lyncserver/lync-server-2013-manage-access-edge-configuration-for-your-organization

    Kind regards,

    Calvin Liu


    Please remember to mark the reply as an answer if you find it is helpful. It will assist others who has similar issue. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Thursday, December 13, 2018 5:33 AM