locked
Setting up Skype for Business issues RRS feed

  • Question

  • Hello All,

       I know I might be sounding stupid but as m new to SFB I want to know all the stuff in detail and correctly understand...

    I have 3 Virtual machines..1.DC 2.SFB FE 3.SFB EDGE SERVER

    I have connected them all to internal virtual switch...In my office(small office with about 12 people) I have one physical network switch which is connected to internet.

    Now SFB Edge Server is connected to internal virtual switch and external Physical switch(internet).

    If I want to make employee laptops in my office as SFB Clients...how do I connect them to DC?? because DC, SFB FE are connected to internal virtual switch....Can I connect these employee though edge server which is connected to physical network switch?

    Or Will I need another Physical internal switch to connect DC and the employee laptops?

    Tuesday, October 18, 2016 7:40 AM

Answers

  • If I want to make employee laptops in my office as SFB Clients...how do I connect them to DC?? because DC, SFB FE are connected to internal virtual switch....Can I connect these employee though edge server which is connected to physical network switch?

    Hi Lexi Mace,

    Welcome to post in our forum.

    Based on my understanding, you could try to keep SFB FE server IP address and your employee laptop’s IP address in the same network segment, and also make sure your employee laptop’s DNS IP address point to the DC which in your lab.

    For your public IP issue, agree with Off2work, you could use a single public IP or three public IP address for deploying SFB edge server, both method is ok.

    You could refer to the following blog to deploy SFB edge server in your environment

    https://technet.microsoft.com/en-us/library/dn933903.aspx

    For Lync server reverse proxy, certificate must be issued by a public CA.

    Services include Address Book Service, distribution group expansion Office Web Apps for conferencing, and Lync IP Device publishing rules. Subject alternative name includes:

    External Web Services FQDN for Front End Server or Front End pool

    External Web Services FQDN for Director or Director pool

    Dial-in conferencing

    Online meeting publishing rule

    Office Web Apps for conferencing

    Lyncdiscover (Autodiscover)

    The following blog is for your reference

    https://technet.microsoft.com/en-us/library/jj205381(v=ocs.15).aspx

    You could refer to the following to configure TMG as Lync reverse proxy

    https://social.technet.microsoft.com/wiki/contents/articles/9807.how-to-configure-forefront-tmg-2010-as-reverse-proxy-for-lync-server-2010.aspx

    Hope this reply helpful to you.



    Alice Wang
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Alice-Wang Monday, October 24, 2016 8:38 AM
    • Marked as answer by Alice-Wang Friday, October 28, 2016 9:51 AM
    Wednesday, October 19, 2016 4:18 AM

All replies

  • Hi,

    what is the IP range of your servers and client machines?

    Since you have Edge deployed, they will sign in through Edge server. As far as I can see, you don't have any reverse proxy in place?

    You have CA in place?

    You can have a look at my guide here: https://gallery.technet.microsoft.com/Installing-Skype-for-78703118?redir=0


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    Tuesday, October 18, 2016 8:10 AM
  • Hello

    Ip adress range is 192.168.* they are private though

    and edge server not yet deployed just created a virtual machine, deployment yet to be done..i am just terying to understand if this can be done then vl proceed with it...also how do I set up reverse proxy and CA(it is in Active directory...certification service) do I need something extra?

    Tuesday, October 18, 2016 8:40 AM
  • Thanks I have seen this but my question is how many public ips do I need? I thought I just need 3 for edge thts all....n I am unable to really understand this firewall/proxy thing..I have created a new virtual machine installed windows server 2008 r2 and then installed TMG on it...how do I get external Ip for TMG do I have to buy it...I have downloaded evaluation version of TMG
    Tuesday, October 18, 2016 10:01 AM
  • Hi, yes your ISP needs to provide you with extra IP.

    For Edge you can use only one IP, but in larger companies 3 external IPs are required. You also need one to be pointing to TMG (web services and Mobile clients).

    All these stuff are described in my guide which I provide url to earlier.

    For Root CA deployment I used this guide: https://mizitechinfo.wordpress.com/2013/08/29/step-by-step-deploying-a-standalone-root-ca-in-server-2012-r2-part-1/

    For setting up TMG I used this guide: https://araihan.wordpress.com/2010/03/08/forefront-tmg-2010-how-to-install-and-configure-forefront-tmg-2010-step-by-step/

    In short, you only need 2 external IP (Lync web services and Edge).


    Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you. Thank you! Off2work

    • Proposed as answer by Liinus Wednesday, October 19, 2016 9:24 AM
    Tuesday, October 18, 2016 11:09 AM
  • If I want to make employee laptops in my office as SFB Clients...how do I connect them to DC?? because DC, SFB FE are connected to internal virtual switch....Can I connect these employee though edge server which is connected to physical network switch?

    Hi Lexi Mace,

    Welcome to post in our forum.

    Based on my understanding, you could try to keep SFB FE server IP address and your employee laptop’s IP address in the same network segment, and also make sure your employee laptop’s DNS IP address point to the DC which in your lab.

    For your public IP issue, agree with Off2work, you could use a single public IP or three public IP address for deploying SFB edge server, both method is ok.

    You could refer to the following blog to deploy SFB edge server in your environment

    https://technet.microsoft.com/en-us/library/dn933903.aspx

    For Lync server reverse proxy, certificate must be issued by a public CA.

    Services include Address Book Service, distribution group expansion Office Web Apps for conferencing, and Lync IP Device publishing rules. Subject alternative name includes:

    External Web Services FQDN for Front End Server or Front End pool

    External Web Services FQDN for Director or Director pool

    Dial-in conferencing

    Online meeting publishing rule

    Office Web Apps for conferencing

    Lyncdiscover (Autodiscover)

    The following blog is for your reference

    https://technet.microsoft.com/en-us/library/jj205381(v=ocs.15).aspx

    You could refer to the following to configure TMG as Lync reverse proxy

    https://social.technet.microsoft.com/wiki/contents/articles/9807.how-to-configure-forefront-tmg-2010-as-reverse-proxy-for-lync-server-2010.aspx

    Hope this reply helpful to you.



    Alice Wang
    TechNet Community Support


    Please remember to mark the replies as answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    • Proposed as answer by Alice-Wang Monday, October 24, 2016 8:38 AM
    • Marked as answer by Alice-Wang Friday, October 28, 2016 9:51 AM
    Wednesday, October 19, 2016 4:18 AM
  • Hi Lexi, 

    As you were saying its a small user base and if you want them to connect only when they are at office , then you can just  go with the DC and FE , Edge and reverse proxy are required when you want  them to come through the internet. Guide from off2work will help you to implement the Edge and RP setup if required.


    Linus || Please mark posts as answers/helpful if it answers your question.

    Wednesday, October 19, 2016 9:26 AM