Lync 2013 – Using a KEMP Appliance as a Reverse Proxy – Installation / Configuration Guide
As we’ve grown here at KEMP and developed new products or expanded the application of our products we’ve also grown our community. We were delighted to see this post by Iain Smith on his NorthernLync blog highlighting the power of KEMP’s LoadMaster for reverse proxy solution for Microsoft Lync. You can follow Iain at @NothernLync.
The default for reverse proxy with Lync
Here’s a short excerpt from the post of Iain’s reasoning as to why he thinks the LoadMaster range will become the default for reverse proxy functions with Lync.
Now with the disappearance of the TMG appliance that we all came to love and loath, there are only a few options out there for using as a reverse proxy for Lync. The few i think are
- Windows Server using IIS AAR for Proxy’ing
- KEMP Appliance / Virtual Machine
- Citrix Netscaler
For me option 1 isnt an option as i personally think using a Windows Server then bending it to be a RP isnt viable and one i wouldn’t suggest to my clients. Option 3 is only a option if you have a citrix netscaler going spare. Again i wouldn’t be rushing out to buy a Citrix Netscaler if i had other options.
That leaves the second option which is my default option for my clients who are looking to purchase a RP. You heard it hear first KEMP will become the default mantra of Reverse Proxy for Lync going forward.
In this blog post Im going to detail how you go about setting up a KEMP Applicance as a reverse Proxy. (Note: The setup is the same for the Kemp Range, but today within this guide i will be using a KEMP VLM100)
That in itself is a pretty strong statement and it makes us proud that our products could be relied upon as the default choice for important IT tasks.
Getting started on the road
Before you do anything else there are certain elements of the setup that you need to get right the details below are taken from Iain’s guide as well.
To start with you need information from your Lync environment around the external Web services. ie: Name etc. For me, my labs external web service is called LyncWebExt.northernlync.co.uk.
Also i will be requiring a public certificate for the KEMP appliance. There are many public authorities out there which can provide this. <At the time of writing GoDaddy are the most competitive in pricing for UCC Certificates) NOTE: If you have a wildcard certificate this can be used on the RP as well.
If you need information on how to create the certificate request follow the link > http://technet.microsoft.com/en-us/library/gg429704.aspx
***Please be sure your public cert has the following on it.
Subject Name / Common Name = <Your Lync External Web name> – LyncWebExt.northernlync.co.uk in my case
SAN Name = <Your Lync External Web name> – e.g. LyncWebExt.northernlync.co.uk in my case YES Put it in as a SAN as well!!!
SAN Name = <Your Lync ‘meet’ service name – e.g. meet.northernlync.co.uk
SAN Name = <Your Lync ‘dialin’ service name – e.g. dialin.northernlync.co.uk
SAN Name = lyncdiscover.<domain> – e.g. lyncdiscover.northernlync.co.uk
So with our information at hand and our certificate provisioned lets move onto the steps required to setup out Kemp.
ALSO: Typically the KEMP appliance for Lync Reverse Proxy, requires be located within your DMZ and NOT on your internal domain.!
Read the rest of Iain’s guide to installing/configuring the KEMP unit as a reverse proxy here on his blog…
Try it yourself
We know that it’s all very well reading blog posts that tell you a product is great, but how will you know how well it works in your own environment? At KEMP we thought hard and long about this and came to the conclusion that it was best to just let you have a go of it yourself for a month.
That’s why you can have a trial of ANY of our products (Hardware or Virtual) for FREE for 30 days and if you don’t like it you can just send it back.