Configuring TMG for Lync

Once TMG has been installed with 2 interfaces, one pointing to the LAN and the other to the Internet, you are ready to create the Web Publishing Rule for Lync.
This rule will be used to access GAL, ABS, Web Conferencing (Meet and Dial) as well as Lync Mobile. Of course, all of these URLs need to be included in the Public Certificate, and a Public A record needs to be configured for each name.

So let's get started.

Select New – Web Site Publishing Rule

Give the new rule a logical name

Since the sites will be HTTPS, we will use the SSL option

Now we add the internal URL as configured in the Topology Builder

Not required, but I see no harm in defining this

For Path add /*

The Public name is what is published in Topology Builder as the external URL, and it must also be a name in the SAN certificate. If you are using the same certificate and rule for more URLs, such as lyncdiscover, these will need adding later; see the last step.

Since this is a brand new TMG, no Web Listener exists, so we select New and continue. The Web Listener Name is irrelevant, but it is always good to use something descriptive

Select External as this is where the traffic will originate from

It is important to note that the certificate needs to be in the Personal store of the local computer, or it won't show up when you click Select Certificate

Select No Authentication as we don’t want the TMG dealing with that

Finish the Web Listener and continue with the Web Publishing rule

Select No Delegation, and Client cannot authenticate directly

And Finish. Now you need to Apply the new policy to TMG

Two more tweaks, one on the Publishing rule – go to Bindings and set the port redirections

The second is on the Public Name tab: add the additional URLs, e.g. LyncDiscover.


About Paul B

My name is Paul Bloem and I am employed at Lexel Systems in New Zealand as a Principal Consultant for Unified Communications. I have been working on enterprise voice solutions for over 20 years. My first 10 years were spent working for a Telco in South Africa (Telcom SA). This is where all the groundwork happened as I was exposed to just about every aspect of telecommunication you could imagine. I developed an interest in PBX technologies and eventually became the go-to guy. Next, I had a 10 year run at Siemens South Africa; most of my time there was as a Technical Trainer. During this time VoIP hit the world stage, and I had the privilege of introducing VoIP both as H.323 and later SIP across the Siemens HiPath 4000 solution stack. In 2008 I immigrated to New Zealand with my newly attained MCSE; I was ready to go where no PBX Techie had gone before. I was employed to explore OCS 2007 and that was pretty much the beginning of the end for me. I have been working on OCS and Lync ever since. My current role focuses exclusively on Lync and associated technologies. That includes pre-sales, consulting, architecture and design, training and support. I even get to play in the development space from time to time - focus on play ;-) I was nominated as a Microsoft VTSP for Lync early in 2013 and also awarded Microsoft's MVP award for Lync in 2014.