Lync Edge without ReverseProxy

  • Question

  • I will not use a reverse proxy to publish Lync Server web services. Which steps do I have to complete? Is this order right?

    - On my firewall I will redirect 80/443 to 8080/4443 for the Front End Server, not the Edge Server?

    - I will use one name and IP for A/V etc. (not 3 names and 3 real IPs); its name is lync.domain.com. In public DNS, lync.domain.com will point to the Edge server external IP, right? Not the Front End server.

    - I will request only one certificate for the Edge and the Front End external web site, including the following SANs: lync.domain.com, sip.domain.com (Edge) and pool01.domain.com, meet.domain.com, dialin.domain.com (Front End). My SN is lync.domain.com. Is this a right configuration?

    Wednesday, July 6, 2011 8:41 AM

All replies

  • Hi,

    You can use the Lync external web services features without a reverse proxy; however, it's not supported by Microsoft. Please refer to the blog http://ucken.blogspot.com/2011/01/lync-external-web-services-without.html?showComment=1295881463582#c5478030596975450029 which mentions all the steps to go about it.

    Regards

    Navin


    Navin Microsoft Unified Communications
    Wednesday, July 6, 2011 10:40 AM
  • 1. Correct

    2. Correct

    3. You will still need two public certificates, one for the Front End and one for the Edge external services.  Since you will not be using a Reverse Proxy, you'll need to have a publicly trusted certificate on the Front End assigned to IIS.  A third, private certificate will be assigned to the internal Edge interface.


    Jeff Schertz, Microsoft Solutions Architect - Polycom | Lync MVP
    Wednesday, July 6, 2011 12:15 PM
  • Thanks Jeff;

    For the third option:

    I bought a certificate from a publicly trusted certificate authority which includes:

    sn = lync.domain.com

    san = meet.doman.com, dialin.sisecam.com, sip.domain.com and pool01.domain.com (external web services name)

    Can't I use this one certificate for both servers, Front End and Edge? Should I separate the names into two certificates? This will generate some headache for me.

    Thursday, July 7, 2011 8:37 AM
  • No, you should not use the same certificate on both servers as this will expose your internal server name to the Internet.  Plus you are missing the webconferencing FQDN, and the Simple URLs do not belong on the Edge server.

    Don't try to cut corners here, just purchase two separate certificates and you'll save yourself a lot of trouble in the long run.


    Jeff Schertz, Microsoft Solutions Architect - Polycom | Lync MVP
    • Marked as answer by babylon99 Monday, July 11, 2011 8:11 AM
    Thursday, July 7, 2011 12:04 PM
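
An added example, not part of the thread and not Microsoft tooling: a small Python lint for the certificate split described in the answer above, flagging any certificate that is shared across roles or carries a name its server does not serve. The FQDN-to-role mapping is taken from the first post and is an assumption of this example.

```python
# Added example: lint a certificate plan so each public certificate carries
# only the names served by the one role it is bound to.

# FQDN -> role, as given in the thread's first post (constructed mapping).
NAME_ROLE = {
    "lync.domain.com": "edge",
    "sip.domain.com": "edge",
    "pool01.domain.com": "frontend",
    "meet.domain.com": "frontend",
    "dialin.domain.com": "frontend",
}


def audit(plan):
    """Return sorted (cert, issue, role, name) findings for a plan of the form
    {cert_label: {"sans": [fqdn, ...], "bound_to": [role, ...]}}."""
    findings = set()
    for label, cert in plan.items():
        roles = sorted(set(cert["bound_to"]))
        if len(roles) > 1:
            findings.add((label, "shared-across-roles", ",".join(roles), ""))
        for role in roles:
            for san in cert["sans"]:
                owner = NAME_ROLE.get(san.strip().lower())
                if owner is None:
                    findings.add((label, "unmapped-name", role, san))
                elif owner != role:
                    # This role's listener would present a name it does not serve.
                    findings.add((label, "foreign-name", role, san))
    return sorted(findings)


def split_by_role(sans):
    """Group a SAN list into one SAN list per role (one certificate each)."""
    out = {}
    for san in sans:
        out.setdefault(NAME_ROLE.get(san.strip().lower(), "unmapped"), []).append(san)
    return out


ALL = list(NAME_ROLE)
SINGLE = {"one-cert": {"sans": ALL, "bound_to": ["edge", "frontend"]}}
SPLIT = {f"{role}-cert": {"sans": names, "bound_to": [role]}
         for role, names in split_by_role(ALL).items()}

if __name__ == "__main__":
    for finding in audit(SINGLE):
        print(finding)
    print("split plan findings:", audit(SPLIT))
```
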
  • I see, but I have already requested the Front End server internal certificate from my internal CA.

    Now on my Front End server:

    My web services external URL is: lyncweb.domain.com

    My simple URLs: lync.domain.com/meet, lync.domain.com/dialin

    As you see, there is no internal Front End server name.

    And external DNS records will point to the Front End external interfaces with port translations (8080/4443).

    On my Edge server, SIP access FQDN = sip.domain.com

    Now I will request a certificate with the following names:

    lyncweb.domain.com, lync.domain.com, sip.domain.com

    Could I not import this certificate on the Edge server external side and the Front End external side? Or should I request two different certificates, like

    - lyncweb.domain.com, lync.domain.com (cert1)

    - sip.domain.com (cert2)


    Friday, July 8, 2011 11:07 AM
  • Could I use this same certificate for two servers?
    Monday, July 11, 2011 7:32 AM
  • Using Lync without a reverse proxy is possible but not a supported deployment method by Microsoft.

    But you can try the guide below to configure Edge without Reverse Proxy:

    http://www.vmwareandme.com/2013/10/tutorial-microsoft-lync-edge-server.html

    Cheers!!


    www.mytricks.in www.geeklogs.com
    Thursday, November 24, 2011 6:56 AM