Good old TMG..
Just a quick reference guide when the grey stuff gets fuzzy 🙂
- The published site is the public external web FQDN
- Use browse to find the internal Front End Pool, tests the DNS resolution that way
- Check the box to forward the original host header
- Set the radio button so that requests appear to come from TMG
Add the public names (of course these will match the public A records requested)
What you need is:-
- meet and dialin (often times I’ll merge these two)
- lyncdiscover for the 2013 and mobile clients
- external web services (same as published site)
Once TMG has been installed with 2 interfaces – one pointing to LAN and the other to the Internet you are ready to create the Web Publishing Rule for Lync.
This rule will be used to access GAL, ABS, Web Conferencing (Meet and Dial) as well as Lync Mobile. Of course all of these URLS need to be included in the Public Certificate and Public A record for each name needs to be configured.
So lets get started..
Select New – Web Site Publishing Rule
Since the Sites will be HTTPS we will use the SSL option
Now we add the internal URL as configured in the Topology Builder
Not required but I no harm in defining this
For Path add /*
The Public name is what is published in Topology Builder as the external URL as well as a name in the SAN Cert. If using the same cert and rule for more URL’s like lyncdiscover then this will need adding later, see last step.
Select External as this is where the traffic will originate from
Important to note that the certificate actually needs to be in the local store Personal or it wont show up when you click on select Certificate
Finishing the Web Listener and continuing on with the Web Publishing rule