Lync Edge Server 2013 Setup
Hi,
I am planning to deploy 1 Lync Edge Server but the problem is we only have one public IP address. This will be deployed on a Hyper-V VM with 2 NICS installed. All tutorials I have read pertains on having 3 public IP address. The purpose is only to try Skype
federation. Our Front Edge currently works well internally. Is there any way I can deploy an Edge Server with only one Public IP?
Thanks,
-Ed-
Hi Ed,
Although it is best practice to use 3 public IPs for your Edge deployment, you can indeed use just a single public IP - this is a completely supported configuration.
The reason for using 3 public IPs is so that all three Edge services (Access, AV, Conf) can all use port 443 without any conflict. If you choose to use a single IP like you suggest, then naturally these three services can't all use 443.
When you are deploying your new Edge server and configuring it in the Topology Builder, there will come a point where it will ask you if you want to use a single IP for all services. If you choose to do so, you will see that it will automatically change
the Edge services to use varying ports (5061,443,444) instead of all on 443.
Deployment of your Edge will allow external clients to sign in. However, keep in mind that external access and functionality is two part, and the deployment of a reverse proxy is required to allow mobile client sign-in and a vast array of other features
including;
• Allows external users to download meeting content for your meetings.
• Allows external users to expand distribution groups.
• Allows remote users to download files from the Address Book service.
• Allows access via the Lync Web App client.
• Provides access to the Dial-in Conferencing Settings webpage.
• Provides access to the Location Information service.
• Provides external devices access to the Device Update web service.
• Enables Lync mobile applications to discover and use the mobility URLs
• Allows Lync 2013 clients to leverage Lync Discover URLs
Importantly, your Reverse Proxy will also need a public IP.
In short, you can gain limited external connectivity with a single public IP, but if you want a FULL external feature set you will need 2 public IPs at the very least.
You cannot collocate the reverse proxy with the Edge, or use the same IP for both.
Hope that helps.
Kind regards
Ben
Similar Messages
-
Lync Edge Server 2013 Certificate Issue seems unresolvable
I've implemented a single internal Standard Edition Front End server with a single consolidated Edge server and Reverse Proxy server/appliance located in a perimeter network.
On the internal IP of the Edge server I use a certificate form a internal CA ( which is trusted by the edge server), the "internal" certificate issued by the internal Ca is used only between the edge server and the frontend server. An external certificate
with cn sip.ipabo.nl and alt.subj sip.ipabo.nl and webconf.ipabo.nl. from Globalsign is used on the external IP’s . Services have their own ip adresses and are natted by a router. Ive tested that all ports can be reached from the internet. But still no connection
possible from external clients. The ms. connectivity analyser says: "The The certificate couldn't be validated because SSL negotiation wasn't successful". Connections from mobile clients through reverse proxy are no problem also internal clients
have no issue ( they both don’t use the edge but proxy ). So i assume there's someting wrong with the certificate implementation on the Edge server, however ive tested it with the RUCT from Curtis Johnstone, and the certificate seems to be OK. Also in the
Lync Server Deployment Wizard the certificates seem to be OK. In the computers personal certificate store the are only the two necessary certificates ( internal and external) also intermediate certificates are installed. Routing ( default gateway on external
interface ) is working fine. So I think I'm out of options, any ideas?
Tnx,
GuidoPlease check the DNS records for sip.ipabo.nl and webconf.ipabo.nl are created on external DNS server.
Please check you can telnet Lync Edge Access service FQDN on 443 port.
Check the automatic configuration for remote access is configured correctly or you can try to sign in manually.
Follow the steps in blog blow to test your Edge Server:
http://blogs.technet.com/b/nexthop/archive/2011/12/07/useful-tips-for-testing-your-lync-edge-server.aspx
Lisa Zheng
TechNet Community Support -
LYNC EDGE Server NIC Card Setup
Hello Guys,
I need Your help about setting up the NIC on my EDGE server. I already gone through the article about Set Up Network Interfaces for Edge Servers. as I understand there
are 2 NIC required on each EDGE server (1 Internal facing 7 another 1 is External facing). I just wanted to confirm is there any option to do this with only 1 NIC card or can we configure EDGE with 1 NIC only.?
Thanks in Advance.
Rishi Aggarwal
Regards Rishi AggarwalPossible? Yes, I do this on occasion against recommendations and best practices for companies who simply can't or won't set up a second DMZ (please don't split the NICs between your internal network and DMZ, it's just bad security). Everything
mostly seems to work just fine. But, recommended and supported? No.
Here's an article from David Paulino who's also been through it:
http://uclobby.com/2014/04/17/lync-edge-server-on-a-single-subnet/
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications -
Lync Edge Server required for Sykpe Federation
I have a very simple and quick question I hope some people can help a newbie to Lync 2013 with.
Basically we have just installed as a trial the Lync 2013 Standard edition on a server for use of IM and Persistent chat only. We are not worried about the VOIP stuff. All is working great and everything so far is installed on one server.
I have been asked by management to add the ability to add Skype contacts. So I know I have to enroll for PIC and setup a Skype external access federation which is fine.
My question is though... can I install the "Lync 2013 Edge Server" role on the same server as my Front End Lync Server? I really dont want to pay for another Windows license to have a Lync Edge Server in my DMZ.
I am looking for some advice on why I wouldnt want to do this and if I can actually do this type of setup? The end result for me would be to have all Lync installation on one server. We only have around 50 users so not massive...
Thanks in advance everyone!Hi,
You need the aditional server for federation with Skype (PIC). You can't install FE and Edge on the same server.
David -
Hi,
We have a Lync 2013 Server. We're plan to deploy a Lync Edge Server. I just read some articles about the depoyment. I'm wondering why Lync Edge Server cannot be installed on a server with one NIC. We've 1 firewall, configured with a interface in the
LAN subnet and a interface configured in the DMZ subet. I want to install the Lync Edge Server with one NIC configured in the DMZ subnet and route all the internal traffic trought the firewall. But none of the articles recommend this scenario. Why not?Hi,
You're Lync 2013 Edge server requires two network interfaces, each residing on a different subnet - this part isn't debatable and is required in order to be a supported deployment (much less have it actually work). However its not uncommon to come across
your scenario.
As you only have a single firewall, your two options are;
1.) External interface of the Edge server in the existing DMZ subnet, and Internal interface of the edge server directly on the LAN. (this is the least preferred option of all scenarios, but is a supported topology)
2.) External interface of the Edge server in the existing DMZ subnet, and then create a second DMZ subnet to put the internal interface of the Edge server in. You would have to create an interface on your existing firewall in this subnet as well, essentially
routing traffic back to the same firewall hardware but via a different subnet. This is commonly referred to as a 'three-legged' firewall. From there the traffic can go to the LAN. This is also supported, and is more preferred than option one
The optimal solution, and the one you have probably seen in diagrams is to have back to back firewalls creating a true DMZ with the Edge server sat in between, The external interface of the edge server is on the same subnet as the internal facing adaptor
on the outer firewall, and the internal interface of the edge server is on the same subnet as the external facing adaptor of the inner firewall. This is the preferred solution, but not achievable in your current setup without the introduction of additional
components.
Of the two options applicable to you (1and2), option 2 is preferred. Both are considered less secure than option 3 from a security perspective as there is only a single firewall to breach, where as option three has layered security.
This is a very common scenario for smaller organisations - feel free to ask any further questions.
Kind regards
Ben
Note: If you find a post informative, please mark it so using the arrow to the left. If it answers a question you've asked, please mark the thread as answered to aid others when they're looking for solutions to similar problems or queries.
For Fun: Gecko-Studio | For Work:
Nexus Open Systems -
Problems with SNOM 7XX phones and presence of Lync Edge server
Hi to all,
we have this problem, this is the scenario (two Lync 2013 st ed. servers):
- lync 2013 FE server have internal IP address 172.21.212.XXX with internal gateway 172.21.212.254
- lync 2013 edge server have two network interface:
First INTERFACE: 3 IPs in 172.21.30.XXX (Access, web and A/V Edge) for external connection with 172.21.30.254 and internal gateway (IP NAT with public IP)
Second INTERFACE: IP 172.21.212.XXX for internal connection without gateway
- snom 7XX (50 phones) are connect to the lync server and all internal call works fine. All phones are in an internal dedicated network 172.21.218.XXX with default gateway 172.21.218.254
- when making external call with 7XX SNOM phones, the call was routed to Trunk COLT with Lync Mediation server and all works fine.
- when Lync Mediation server receive a call from our trunk COLT we have this situation:
All Lync 2013 clients work fine, audio is OK, (network 172.21.216.XXX)
Polycom CX3000 work fine audio is OK (network 172.21.218.XXX)
SNOM 710, 720, 760 FW 8.8.2.16 UC series, phones ring but NO SOUNDS from the phones and after a few seconds "Call failed due to network issues."
The only way to solve the problem is to disable the connection with Lync Edge server (remove gateway 172.21.30.254)
BUT this is not the solution because now we have no connection with INTERNET (skype, web conferencing doesen't work without edge gateway)
Why SNOM phones try to use the EDGE gateway to connect the call? Why doesn't use Lync Mediation server?
Can you help us to find a solution?
Thanks
AurelioHi,
Thanks to all for yours support.
Today, we have done some test (no employee in office today
J) and we have solved the problems.
The old implementation have had this configuration:
- the phone numbers have had a no E.164 format compliant: for all users number, the phone number have had this format TEL:012345XYZW ; EXT=XYZW with the normalization
rules:
Starting digits: 01234567
Length: At least 8 digits
Digit to remove: 0
Digit to add: nothing
Pattern to match ^(01234567\d*)$
All worked fine with this previous configuration:
Lync 2010 std with only mediation server function + Lync 2013 std front-end with all the others functions and Lync 2013 std Edge server for external connection with
Lync client Skype world, BUT we have had disabled in SNOM phones ICE function because if ICE was enabled no voice can we hear from the phones.
After dismissed Lync 2010 with only a Lync 2013 infrastructure, this configuration don’t permit to use edge server because with ICE enabled or disabled no voice from
SNOM phones.
Today we have done this operation:
Setting in Lync 2013 control panel all number for all users, in E.164 format compliant:
The phone number now have this format TEL:+39012345XYZW ; EXT=XYZW and we have deleted the previous normalization roles.
We have added this role for the EXT numbers:
Name: Routing Interno
Starting Digits: XY
Length: Exactly 4 (i.e. XYZW)
Digit to remove 0
Digit to add: +39012345
Pattern to match: ^(XY\d(2))$
Translation rule: +39012345$1
Internal extension = checked
And now all work fine.
We have solved another problem:
Lync client 2013 can't find new users:
all new Lync users are not discovered from Lync 2013 client, probably because this setting is present with Lync 2010:
PS C:\> Get-CsAddressBookConfiguration
Identity
: Global
RunTimeOfDay
: 1:30 AM
KeepDuration
: 30
SynchronizePollingInterval : 00:00:30
MaxDeltaFileSizePercentage : 20
UseNormalizationRules
: True
IgnoreGenericRules
: False
EnableFileGeneration
: True
With only Lync 2013 servers we have changed
IgnoreGenericRules to True
To set UseNormalizationRules and IgnoreGenericRules to true for Lynk 2013 infrastructure.
http://technet.microsoft.com/en-us/library/jj205160.aspx
For us all the problems are SOLVED!
Aurelio -
Any reason not to put Lync Edge server on the same server that runs Web Application Proxy?
We're currently running Lync 2010 standard server, without an edge server or reverse proxy. I'm working on migrating to lync 2013 standard server, and would like to add the edge functionality in the process. I have a Server 2012R2 in the dmz,
with the web application proxy role installed. I plan to use that to publish the lync web services. Is there any reason I shouldn't install the lync edge server on the same computer?It just won't work well as everything will want to bind to port 443 (the reverse proxy and the edge services as well). On top of all that, it's just not supported. A new virtual server will save you hours upon hours of frustration and leave you
with a supported configuration.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications -
Exchange Server 2013 setup / coexistance Exchange 2010
So started setting up Exchange 2013 and ran into a random issue regarding the OAB. Resolved by deleting/recreating the OAB in Exchange 2010.
My issue now is setup will not complete, just tells me an "Incomplete Installation Detected" starts to resume the installation. Upon "next" I receive just a hanging screen of "Setup Progress" which goes no where.
[06/12/2014 20:05:19.0860] [0] **********************************************
[06/12/2014 20:05:19.0876] [0] Starting Microsoft Exchange Server 2013 Setup
[06/12/2014 20:05:19.0876] [0] **********************************************
[06/12/2014 20:05:19.0876] [0] Local time zone: (UTC-05:00) Eastern Time (US & Canada).
[06/12/2014 20:05:19.0876] [0] Operating system version: Microsoft Windows NT 6.2.9200.0.
[06/12/2014 20:05:19.0876] [0] Setup version: 15.0.516.32.
[06/12/2014 20:05:19.0876] [0] Logged on user: DOMAIN\Admin.
[06/12/2014 20:05:19.0954] [0] Command Line Parameter Name='sourcedir', Value='F:\'.
[06/12/2014 20:05:19.0954] [0] Command Line Parameter Name='mode', Value='Install'.
[06/12/2014 20:05:19.0969] [0] RuntimeAssembly was started with the following command: '/sourcedir:F: /mode:Install'.
[06/12/2014 20:05:20.0344] [0] The following roles are installed: BridgeheadRole ClientAccessRole MailboxRole UnifiedMessagingRole AdminToolsRole
[06/12/2014 20:05:21.0391] [0] Setup is choosing the domain controller to use
[06/12/2014 20:05:21.0595] [0] The MSExchangeADTopology has a persisted domain controller: DOMAIN CONTROLLER
[06/12/2014 20:05:22.0485] [0] PrepareAD has been run, and has replicated to this domain controller; so setup will use DOMAIN CONTROLLER
[06/12/2014 20:05:22.0485] [0] Setup is choosing a global catalog...
[06/12/2014 20:05:22.0516] [0] Setup has chosen the global catalog server DOMAIN CONTROLLER.
[06/12/2014 20:05:22.0516] [0] Setup will use the domain controller 'DOMAIN CONTROLLER'.
[06/12/2014 20:05:22.0516] [0] Setup will use the global catalog 'DOMAIN CONTROLLER'.
[06/12/2014 20:05:22.0516] [0] Exchange configuration container for the organization is 'CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN,DC=LOCAL'.
[06/12/2014 20:05:22.0532] [0] Exchange organization container for the organization is 'CN=DOMAIN,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN,DC=LOCAL'.
[06/12/2014 20:05:22.0579] [0] Setup will search for an Exchange Server object for the local machine with name 'LOCALHOST'.
[06/12/2014 20:05:22.0751] [0] Exchange Server object found : 'CN=LOCALHOST,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=DOMAIN,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN,DC=LOCAL'.
[06/12/2014 20:05:22.0751] [0] The following roles have been unpacked: BridgeheadRole ClientAccessRole MailboxRole UnifiedMessagingRole FrontendTransportRole AdminToolsRole CafeRole
[06/12/2014 20:05:22.0751] [0] The following datacenter roles are unpacked:
[06/12/2014 20:05:22.0751] [0] The following roles are installed: BridgeheadRole ClientAccessRole MailboxRole UnifiedMessagingRole AdminToolsRole
[06/12/2014 20:05:22.0766] [0] The local server has some Exchange files installed.
[06/12/2014 20:05:22.0798] [0] Server Name=LOCALHOST
[06/12/2014 20:05:22.0829] [0] Setup will use the path 'F:\' for installing Exchange.
[06/12/2014 20:05:22.0829] [0] Setup will discover the installed roles from server object 'CN=LOCALHOST,CN=Servers,CN=Exchange Administrative Group (FYDIBOHF23SPDLT),CN=Administrative Groups,CN=DOMAIN,CN=Microsoft Exchange,CN=Services,CN=Configuration,DC=DOMAIN,DC=LOCAL'.
[06/12/2014 20:05:22.0829] [0] 'BridgeheadRole' is installed on the server object.
[06/12/2014 20:05:22.0829] [0] 'ClientAccessRole' is installed on the server object.
[06/12/2014 20:05:22.0829] [0] 'MailboxRole' is installed on the server object.
[06/12/2014 20:05:22.0829] [0] 'UnifiedMessagingRole' is installed on the server object.
[06/12/2014 20:05:22.0845] [0] The installation mode is set to: 'Install'.
[06/12/2014 20:05:44.0768] [0] An Exchange organization with name 'DOMAIN' was found in this forest.
[06/12/2014 20:05:44.0768] [0] Active Directory Initialization status : 'True'.
[06/12/2014 20:05:44.0768] [0] Schema Update Required Status : 'False'.
[06/12/2014 20:05:44.0768] [0] Organization Configuration Update Required Status : 'False'.
[06/12/2014 20:05:44.0768] [0] Domain Configuration Update Required Status : 'False'.
[06/12/2014 20:05:44.0768] [0] The locally installed version is 15.0.516.32.
[06/12/2014 20:05:44.0768] [0] Exchange Installation Directory : 'C:\Program Files\Microsoft\Exchange Server\V15'.
[06/12/2014 20:05:44.0830] [0] Applying default role selection state
[06/12/2014 20:05:44.0877] [0] Setup is determining what organization-level operations to perform.
[06/12/2014 20:05:44.0877] [0] Because the value was specified, setup is setting the argument OrganizationName to the value DOMAIN-NAME.
[06/12/2014 20:05:44.0877] [0] Setup will run from path 'C:\Program Files\Microsoft\Exchange Server\V15\'.
[06/12/2014 20:05:44.0893] [0] InstallModeDataHandler has 0 DataHandlers
[06/12/2014 20:05:44.0893] [0] RootDataHandler has 1 DataHandlers
[06/12/2014 20:05:45.0737] [0] Finished loading screen IncompleteInstallationDetectedPage.
[06/12/2014 20:05:48.0518] [0] Setup is determining what organization-level operations to perform.
[06/12/2014 20:05:48.0518] [0] Because the value was specified, setup is setting the argument OrganizationName to the value DOMAIN-NAME.
[06/12/2014 20:05:48.0518] [0] Setup will run from path 'C:\Program Files\Microsoft\Exchange Server\V15\'.
[06/12/2014 20:05:48.0518] [0] InstallModeDataHandler has 0 DataHandlers
[06/12/2014 20:05:48.0518] [0] RootDataHandler has 1 DataHandlers
[06/12/2014 20:05:48.0737] [0] Finished loading screen SetupProgressPage.Hi,
Let's try the following resolutions:
1. Check if the discovery SearchMailbox is present on Exchange 2010 when you run the Exchange 2013 Install.
2. Reinstall your Exchange 2013 server:
Open ADSIEDIT, CN=Configuration, DC=your domain ->CN=Services ->CN=Microsoft Exchange ->CN=First Organization ->CN=Administrative Groups ->Cn=Exchange Administrative Group ->CN=Servers ->CN=Server name
After remove the exchange server, please reinstall your exchange server to test the result.
Thanks,
Angela Shi
TechNet Community Support -
Lync Edge Server Service Not Starting
i am having an issue with starting the "Lync Server Audio/Video Edge" service on my lync edge server. when i try to start the service it throws the following error..
"The Lync server audio/video edge service on local computer started and than stopped. some services stop automatically if they are not in use by other services or programs."
than in the event viewer logs there are 2 specific errors i can see that look like the following..
what is stopping me from fixing this right away is that i havent changed anything in my configuration, seems to have broke on its own. i can post more errors i have found in other places as well if needed. any help is greatly appreciatedhey sean, thanks for your response. all things point to something else using port 443 right now.. however from what i can see from a netstat command it doesnt look like anything new is running on it. here is a copy/paste of my most recent netstat command..
Active Connections
Proto Local Address Foreign Address State PID
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING 756
TCP 0.0.0.0:443 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 2804
TCP 0.0.0.0:4443 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:47001 0.0.0.0:0 LISTENING 4
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING 468
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING 844
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING 896
TCP 0.0.0.0:49338 0.0.0.0:0 LISTENING 1400
TCP 0.0.0.0:56483 0.0.0.0:0 LISTENING 572
TCP 0.0.0.0:56966 0.0.0.0:0 LISTENING 564
TCP 0.0.0.0:56967 0.0.0.0:0 LISTENING 2824
TCP 192.100.100.84:139 0.0.0.0:0 LISTENING 4
TCP 192.100.100.84:444 0.0.0.0:0 LISTENING 1768
TCP 192.100.100.84:5061 0.0.0.0:0 LISTENING 1908
TCP 192.100.100.84:5061 68.34.170.246:52296 CLOSE_WAIT 1908
TCP 192.100.100.84:5061 68.34.170.246:52297 CLOSE_WAIT 1908
TCP 192.100.100.84:5061 68.34.170.246:53570 CLOSE_WAIT 1908
TCP 192.100.100.85:5061 0.0.0.0:0 LISTENING 1908
TCP 192.100.100.85:5062 0.0.0.0:0 LISTENING 1844
TCP 192.100.100.85:5062 192.100.100.83:53701 ESTABLISHED 1844
TCP 192.100.100.85:5062 192.100.100.83:53967 ESTABLISHED 1844
TCP 192.100.100.85:8057 0.0.0.0:0 LISTENING 1768
TCP 192.100.100.85:8057 192.100.100.83:56612 ESTABLISHED 1768
TCP 192.100.100.85:8057 192.100.100.83:56617 ESTABLISHED 1768
TCP 192.100.100.85:8057 192.100.100.83:56618 ESTABLISHED 1768
TCP 192.100.100.85:8057 192.100.100.83:56619 ESTABLISHED 1768
TCP 192.100.100.85:8057 192.100.100.83:56620 ESTABLISHED 1768
TCP 192.100.100.85:8057 192.100.100.83:56628 ESTABLISHED 1768
TCP 192.100.100.85:8057 192.100.100.83:56629 ESTABLISHED 1768
TCP 192.100.100.85:8057 192.100.100.83:56670 ESTABLISHED 1768
TCP 192.100.100.85:57577 192.100.100.146:5357 TIME_WAIT 0
TCP 192.100.100.85:57579 192.100.100.175:5357 TIME_WAIT 0
TCP 192.100.100.85:57583 192.100.100.159:5357 TIME_WAIT 0
TCP 192.100.100.85:57584 192.100.100.147:5357 TIME_WAIT 0
TCP 192.100.100.85:57585 192.100.100.242:3911 TIME_WAIT 0
TCP [::]:80 [::]:0 LISTENING
4
TCP [::]:135 [::]:0 LISTENING
756
TCP [::]:443 [::]:0 LISTENING
4
TCP [::]:445 [::]:0 LISTENING
4
TCP [::]:3389 [::]:0 LISTENING
2804
TCP [::]:4443 [::]:0 LISTENING
4
TCP [::]:47001 [::]:0 LISTENING
4
TCP [::]:49152 [::]:0 LISTENING
468
TCP [::]:49153 [::]:0 LISTENING
844
TCP [::]:49154 [::]:0 LISTENING
896
TCP [::]:49338 [::]:0 LISTENING
1400
TCP [::]:56483 [::]:0 LISTENING
572
TCP [::]:56966 [::]:0 LISTENING
564
TCP [::]:56967 [::]:0 LISTENING
2824
TCP [2002:c064:6454::c064:6454]:4443 [2002:c064:6453::c064:6453]:54033 ESTABLISHED 4
TCP [2002:c064:6454::c064:6454]:57581 [2002:c064:64ab::c064:64ab]:445 ESTABLISHED 4
TCP [2002:c064:6454::c064:6454]:59957 [2002:c064:640c::c064:640c]:445 ESTABLISHED 4
UDP 0.0.0.0:123 *:*
948
UDP 0.0.0.0:500 *:*
896
UDP 0.0.0.0:1434 *:*
1976
UDP 0.0.0.0:4500 *:*
896
UDP 0.0.0.0:5355 *:*
140
UDP 127.0.0.1:51664 *:*
1172
UDP 127.0.0.1:56155 *:*
2924
UDP 127.0.0.1:59005 *:*
964
UDP 127.0.0.1:62503 *:*
1680
UDP 127.0.0.1:62786 *:*
572
UDP 127.0.0.1:62788 *:*
140
UDP 127.0.0.1:64531 *:*
896
UDP 127.0.0.1:65160 *:*
1844
UDP 192.100.100.84:137 *:*
4
UDP 192.100.100.84:138 *:*
4
UDP [::]:123 *:*
948
UDP [::]:500 *:*
896
UDP [::]:1434 *:*
1976
UDP [::]:4500 *:*
896
UDP [::]:5355 *:*
140 -
Lync edge server for site with 2500 users
Dear All,
I have a question with regards to the implementation of lync edge server deployment.
One of our client having lync deployment with 4000 users in a central site with 3 FE EE and edge pool with 2 Edge servers, there are planning for a new site with 2500 users.
what will be the best method for the site implementation , shall we deploy a SE Fe server and all the external communication through the Central site Edge server?
or is it required to have a separate pool for site?
please help meAgree with the others. So, there's two questions, "what will be the best method for the site implementation?" and "is it required to have a separate pool for site?".
The best method I'd suggest is use Enterprise Edition Lync so you can perform pool pairing for resiliency, and have a local edge pool as the others suggested. You have enough users to support this, and with growth you might want to be able to scale
up anyway.
Is it required? Not at all. You can send them all through the central site edge server, it's possible and fully supported. It's up to you, but I'd suggest the separate pool.
Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question please click "Mark As Answer".
SWC Unified Communications -
Outbound Calls stop working when Lync Edge server is offline
All,
We have had an issue inside our environment after one of our virtual hosts died and took out our sole Edge server, basically users could not dial out and were getting the error "Network is busy" on the client. Internal dialling worked perfectly to our Lync
users but the users could not dial out via our Cisco CME server.
Our configuration is a Lync Enterprise Pool with 2 servers, DB cluster and a single Lync edge server, the mediation servers are installed on our enterprise pool servers as a single server and the CME is looking at the mediation servers directly and has nothing
pointing at the edge server.
This issue affected internal users (as the external users were all kicked out due to the server being down), the strange thing was that you got errors in snooper about the server being unavailable when you dialled out, no idea why it did this. Even stranger
was that the call itself was sent to the CME as a debug SIP showed traffic being attempted between the user and the number which confused me even more as my mobile actually rang for a single ring as well.
Has anybody got any ideas as to why the Edge server would do this to internal users?
Thanks
JamesLync checks the bandwith policy against the Edge server. As the Edge is not responding Lync is unable to check the policy and the call fails.
For the time being you may want to remove the Edge from the topology, then Lync checks against the Front End server.
I hope you do understand, that this is not a great solution, but a drastic workaround suggestion to a hidden product defect! In hidden product defect I mean Microsoft Lync document team is cynically silent and trying to cover the tracks of this product defect.
What I would consider as a straight and honest retroactive action for the Lync document team, to add a big warning section to a) single server edge deployment page + b) the Call Admission Control caveats page on Technet:
"Warning: PRODUCT DEFECT / PRODUCT LIMITATION comes here
If you associate an edge server or pool to a FE pool, and enable Call Admission Control, your single / pool edge will become SINGLE POINT OF FAILURE for your entire enterprise telephony when doing outbound call attempts!
So if outbound calls is important in your company (hell, of course it is!) then deploy at least 2x Edge servers in the same pool before enable CAC!"
But I think that warning message is way too much to ask for, thatswhy is this 2,5 years old topic still open. -
Lync Edge server on windows 2012 R2 prequistes
What, if any, are the perquisites for install lync 2013 edge server on Windows 2012 R2. I have looked around and only found information for Windows 2012 and it requiring WIF 3.5. Is this required for R2 as when you go to install it you get:
is it required and do I require anything else?
ThanksHi,
Agree with Georg.
What’s more, you can refer to the link of “Installing Lync 2013 Edge Server”, it is Windows Server 2012 Standard or Datacenter, but similar for Windows Server 2012 R2:
http://www.orcsweb.com/blog/cory-granata/installing-lync-2013-edge-server/
Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
sure that you completely understand the risk before retrieving any suggestions from the above link.
If you not choose all required roles and features, when you running Lync Server deployment Wizard and running steps, you will receive error and point out what you need to install.
Best Regards,
Eason Huang
Eason Huang
TechNet Community Support -
Hi All,
Need help on Lync Edge Configuration.
I've 1 lync FE & 1 Lync Edge. I'm successfully install Lync FE.
Problem come on Edge Lync Setup.
Step 1 : Install local Configuration Store (Complete)
Step 2 : Setup or remove lync server component (Complete)
step 3 : Request install or assigned certificates. ( I've assign certificate for both Internal & External but the status for step 3 not showing "Complete")
I cannot proceed to step 4 (start Service) until step 3 is complete.
Kindly help me on this issue.
Thank you.Hi,
I'd restart your Edge server if you haven't already done so, and check that you have not accidentally assigned the certificate to only specific Edge services and Sneff_Gabor suggested.
Could you confirm that you used the Lync Certificate Wizard to generate the CSR's for these cert's rather than generating them through some other means?
If you haven't already done so, import and assign the certificates for a second time post Edge restart to see if this makes a difference.
If you're using a third party public certificate for you external Edge services, make sure that you have any required root and intermediate certificates in place for a valid chain. You can check this by viewing the certificate details and looking
at the 'certification path' tab to ensure your public certificate is trusted.
If you don't have any luck, create a new CSR for your External Edge services and generate a certificate from your internal CA rather than through a public CA and assign that. This will tell you if it's the external certificate that's causing an upset.
Can you confirm the 'public key' and 'signature algorithm' on the details tab of both certificates?
Kind regards
Ben
Note: If you find a post informative, please mark it so using the arrow to the left. If it answers a question you've asked, please mark the thread as answered to aid others when they're looking for solutions to similar problems or queries. -
Lync Edge Server External Private Certificate
Hey GURUS!
Please help me out:
I'm having issues accessing Lync from external network.
Mobile clients login fine, but computer clients fail to login.
My current deployment consists in a single 2013 front-end and a single 2013 edge server.
All servers have certificates from my internal CA.
All servers have the root CA certificate installed in the trusted root certificate authority.
I have 2 sip domains, and the edge certificate has both sip domains.
However, when I test from test connectivity.microsoft.com, I get an error regarding the certificate chain.
I can't understand why lync requires a intermediate certificate, if I don't have any published in my organisation.
The certificate path goes: Root CA -> Certificate.
Also, the lync discover test runs with no errors what so ever.
This error on the edge didn't occur when I had lync 2010 running.
Does anyone know how to solve this?
Thanks!
Andrey Santana
edit: i forgot to upload the screenshotThiago,
The certificates from the Front End / Reverse Proxy are also from the internal CA and I don't get the error, it actually runs successfully.
Andrey
How did you test the certificates from the Front End and Reverse Proxy Server?
The public website connectivity.microsoft.com need a public certificate.
But if you use private certificate in lab, it could work as long as you install the Root CA certificate on client computer.
Lisa Zheng
TechNet Community Support -
Hi,
Considering I have NetScalers in the DMZ, do I need to deploy an Edge Server in the DMZ to allow me to provision Remote Access for Lync clients and Mobility? Or is a Reverse proxy straight from the DMZ NetScaler to the Front End server sufficient?
Cheers
Regards,
Stan Svetec
Blog:
http://stansvetec.blogspot.com
Twitter: LinkedIn:Hi,
You required both if you are looking for Full Fledged Remote access to Lync Clients and the Mobility.
With out Edge server you will lose this Functions
External access from the Internet to the Lync capabilities for your users.
Federation with other companies running Office Communications Server or Lync so that you can do Lync capabilities with other companies running these technologies.
Federation with users on public IM clouds (e.g. AOL).
Federation with users on XMPP clouds (e.g. GoogleTalk).
Access to web conferences from external users. Lync provides web conferencing and allows participants to join who aren’t even on Lync. They can join via a new Lync web access (LWA) client
Whenever you see a helpful reply, click on Vote As Helpful & click on Mark As Answer if a post answers your question.
Maybe you are looking for
-
How do I edit a pdf document and save it without having to save it as a new file?
I recently copied a pdf document to my computer. I need to make changes to it and forward it to someone else for review. I can make the changes, but when I try to save it, I get a message that the document is read only or is already open. As far as I
-
Does anyone know if you have previously purchased an app for your Iphone or Ipod and you buy the same app for your MacBook will it recognize that you paid for it before like it does on the other devices, or will it charge you?
-
I found several sources that mentioned using aggregate devices to get the samson C01U Mic working in Logic Express. The instruction says to choose the C01U and "Built in Audio" from the list in the add aggregate device screen. However, "Built in audi
-
Unable to view the MRP1 tab in Material master MM02
Hi all In Material master some of one of the material i am able to view the MRP1 and MRP2 at the same time some of the other material I am unable to view the MRP1. Please help me to find out the root cause of the problem. I want to view the MRP1 for
-
I am unable to add a call to make a conference during a conversation from my iphone 4s
I am unable to add a second call to make a conference during a conversation from my iphone 4s with ios 5.1.1. The option to add a call is not accessible (dim) on my phone whereas the same is accessible on my second phone. Both phones have the same c