I have deployed Lync on 1 server. This server has 2 NICs: one on the internal network and one that is live to the internet. The inside SIP domain is lync.domain.local. The split-brain DNS config we have set up is set so that all requests to lync.domain.com (the external DNS name) go to the internal IP address. All external requests go to the external IP address of the server.

I have almost everything up and running but I am running into an issue I cannot seem to fix. I cannot seem to get external meeting stuff set up correctly.

The problem as I see it is the client on the internet is requesting access to meet.domain.com (ports 80 and 443). The external services are hosted on ports 8080 and 4443. How do I get these clients to request the other ports?

user131991

1 Answer

You cannot deploy Lync with only one server; there MUST be at least one frontend and one edge server. You do not have to protect the frontend with a reverse proxy, but you certainly need an edge server for the edge services, like meetings.

See this previous answer and embedded diagram.

Ports used for Lync Edge server

Also note that you need port translation to fix your NAT issue. You need to forward 80/443 on the outside to 8080 and 4443 on the inside. You will still need an edge server to facilitate these communications though.

SpacemanSpiff
  • Can you go into a little bit more detail as to why it cannot be put on just one server? – user131991 Apr 16 '13 at 15:49
  • I don't know why, I just know it won't even let you do that. If you were using virtualization you could certainly use the same hardware for both purposes. The documentation is pretty clear that the front end role and the "edge" role cannot co-exist on the same server. – SpacemanSpiff Apr 16 '13 at 15:54
  • Fair enough - I have been setting it up for a test environment recently and I have gotten most things working with just the one server. External access works for Lync itself but external access does not work with mobility and meeting stuff. Just a little weird that I can get most of it working on 1 server and these 2 little pieces can't be jerry-rigged to work on 1 server. – user131991 Apr 16 '13 at 16:03
  • Right, that's exactly what I thought too... the user outside still needs to talk to the front end server, and a reverse proxy CAN be used to protect it, and their documentation doesn't even say how to deploy it without one. The web-conferencing and other services, though, still need an edge server that you point those URLs at. – SpacemanSpiff Apr 16 '13 at 16:59