External/Federated access still uses the OCS 2007 Edge for both sides (OCS and Lync pools). We've also set up Lync Mobility, published on a new URL with Reverse-Proxying. Meaning only users assigned to a Lync pool can use Mobility. Works fine.
Except.....Windows Phone and iPhone/iPad devices need Push notification, so I followed the Guide below to set that up. I have no idea how this works, but seems one needs it.