Two companies, two edge servers, conditional forwarders for DNS and Federation

Question
-
Hi All,
I have a complicated issue which I hope someone here has come across. The environment is as follows:

Company A
Standard FE
Edge DMZ NIC1 - 3 IPs and GW
Edge Internal NIC2 - Internal IP, no GW
Static routes so only internal traffic to the FE goes via the Internal NIC

Company B
Standard FE
Edge DMZ NIC1 - 3 IPs and GW
Edge Internal NIC2 - Internal IP, no GW
Static routes so only internal traffic to the FE goes via the Internal NIC

Separate AD domains, trusts between the two and conditional forwarders for DNS.
The company did not want to go through a domain consolidation, so built two separate SFB deployments.
The issue is they want federation externally and between the two companies.
However, since DNS goes internally, I cannot get federation to work between the two. External federation works fine.
SFB Hybrid is also enabled.
How can I get federation to work between the two companies? Set up SRV and DNS records to point externally somehow?
Monday, December 18, 2017 11:58 PM
All replies
-
Each Edge should have an external DNS server, not the internal one that has the conditional forwarding, and for internal FE DNS names you could use a hosts file; that is the recommended scenario even if you didn't have these two domains.
So use external DNS to refer to the external Edge of the other domain, and build a hosts file to refer to its own domain's internal FE.
The only thing to be aware of is to open the firewall ports on the public IP of the Edge to accept from the second one.
- Proposed as answer by Leon-Lu (Microsoft contingent staff), Wednesday, December 20, 2017 10:01 AM
Tuesday, December 19, 2017 7:13 AM -
Hi Shaun,
You do not need the internal DNS, and the Edge stays in the DMZ as a workgroup member. What you need to do is add the external domain to your hosts file, and the other company needs to do the same if you don't have external SRV records. The Access Edge FQDN must be published externally with a public certificate.
Then you add the domains in the allow list in Skype control panel with the access edge FQDN defined.
Greetings,
Erdem
Please mark as helpful if you find my contribution useful or as an answer if it does answer your question. That will encourage me - and others - to take time out to help you.
Tuesday, December 19, 2017 8:23 AM -
Are there any updates on this issue? If the reply is helpful to you, please mark it as an answer; it will help others who have a similar issue.
Regards,
Leon Lu
Please remember to mark the replies as answers if they helped.
If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Thursday, December 21, 2017 12:24 PM -
Hi ShaunJacob,
I agree with Erdem and hamedAdel.
You should add the following records in the public DNS:
DNS Type | Value | Resolution | Purpose
SRV | _sipfederationtls._tcp.<sip-domain> | Access Edge FQDN: access.<sip-domain> | Federation and public IM connectivity
SRV | _sip._tls.<sip-domain> | Access Edge FQDN: access.<sip-domain> | External user access
SRV | _xmpp-server._tcp.<sip-domain> | Access Edge FQDN: access.<sip-domain> | XMPP federation
A | sip.<sip-domain> | Access Edge FQDN: access.<sip-domain> | Locate Edge Server
A | Access Edge FQDN: access.<sip-domain> | Access Edge IP address | Edge Server Access Edge
A | A/V Edge FQDN: av.<sip-domain> | A/V Edge IP address | Edge Server A/V Edge
A | Conf Edge FQDN: conf.<sip-domain> | Conf Edge IP address | Edge Server Conf Edge
A/CNAME | lyncdiscover.<sip-domain> | reverse proxy public IP address | External AutoDiscover service
A | meet URL | reverse proxy public IP address | Proxied to Lync Server Web Services
A | dial-in URL | reverse proxy public IP address | Proxied to Lync Server Web Services
A | external Web Services FQDN | reverse proxy public IP address |
Regards,
Leon Lu
Please remember to mark the replies as answers if they helped.
If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.
Friday, December 29, 2017 7:30 AM
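A worked example of the checks and configuration the replies above describe: the Edge resolving the peer's _sipfederationtls SRV record through public DNS, TCP 5061 reachable between the two Access Edges, a hosts-file entry for the Edge's own internal Front End, and the peer SIP domain added to the allowed domains list pinned to its Access Edge FQDN. This is an added example, not code from any poster in this thread. The SIP domains (companya.com, companyb.com), the Access Edge FQDNs, the Front End pool name and IP, and the public resolver are assumptions; replace them with your own values. Steps 1 to 3 are run on Company A's Edge, step 4 on a Company A Front End with the Skype for Business Management Shell, and Company B mirrors the same steps.

```powershell
# Added example (not from the original thread). Assumed names: Company A's SIP domain is
# companya.com with internal Front End pool fepool.companya.local at 10.1.1.10; Company B's
# SIP domain is companyb.com with Access Edge access.companyb.com. Public resolver 8.8.8.8
# is also an assumption; use whatever public DNS server the Edge's DMZ NIC is configured with.

$PeerSipDomain  = 'companyb.com'
$PeerAccessEdge = 'access.companyb.com'
$PublicResolver = '8.8.8.8'

# --- Steps 1 to 3: run on the Edge (workgroup member, DMZ NIC pointed at public DNS) ---

# 1. Resolve the peer's federation SRV record via public DNS, not the internal server that
#    carries the conditional forwarder, and confirm the target is the peer's Access Edge.
$srv = Resolve-DnsName -Name "_sipfederationtls._tcp.$PeerSipDomain" -Type SRV `
                       -Server $PublicResolver -ErrorAction Stop
$srvRecords = $srv | Where-Object { $_.Type -eq 'SRV' }
$srvRecords | Format-Table Name, NameTarget, Port, Priority, Weight -AutoSize

$target = ($srvRecords | Sort-Object Priority, Weight | Select-Object -First 1).NameTarget
if ($target -ne $PeerAccessEdge) {
    Write-Warning "SRV target '$target' does not match the expected Access Edge '$PeerAccessEdge'"
}
# The SRV target must resolve to the peer Access Edge's public IP, not an internal address.
Resolve-DnsName -Name $target -Type A -Server $PublicResolver | Format-Table Name, IPAddress -AutoSize

# 2. Confirm the DMZ firewall lets this Edge reach the peer Access Edge on TCP 5061 (SIP over MTLS).
#    The peer must allow the same port inbound from this Edge's public Access IP.
$tcp = Test-NetConnection -ComputerName $PeerAccessEdge -Port 5061
if (-not $tcp.TcpTestSucceeded) {
    Write-Warning "TCP 5061 to $PeerAccessEdge ($($tcp.RemoteAddress)) is blocked"
}

# 3. Keep the Edge's own internal Front End resolvable via the hosts file, since the Edge
#    does not use internal DNS. The entry is added only if it is not already present.
$hostsPath = Join-Path $env:SystemRoot 'System32\drivers\etc\hosts'
if (-not (Select-String -Path $hostsPath -Pattern 'fepool\.companya\.local' -Quiet)) {
    Add-Content -Path $hostsPath -Value "10.1.1.10`tfepool.companya.local"
}

# --- Step 4: run on a Front End in the Skype for Business Management Shell ---

# Federation on, partner discovery off, so only domains on the allowed list can federate,
# and the peer domain pinned to its Access Edge FQDN so the SRV lookup is not even needed.
Import-Module SkypeForBusiness
Set-CsAccessEdgeConfiguration -AllowFederatedUsers $true -EnablePartnerDiscovery $false
if (-not (Get-CsAllowedDomain -Identity $PeerSipDomain -ErrorAction SilentlyContinue)) {
    New-CsAllowedDomain -Identity $PeerSipDomain -ProxyFqdn $PeerAccessEdge `
                        -Comment 'Direct federation with Company B'
}
Get-CsAllowedDomain -Identity $PeerSipDomain
```

Pinning the peer domain with -ProxyFqdn is what makes this work even when internal DNS would otherwise hand back the peer's internal addresses: the Edge connects to the named Access Edge directly and validates its public certificate, so the only remaining dependencies are public resolution of that FQDN and TCP 5061 being open in both directions between the two Access Edge public IPs.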