MS Lync Deployment Guide


Deployment Guide UPDATED: 11 January 2018

Copyright Notices

Copyright 2002-2018 KEMP Technologies, Inc. All rights reserved. KEMP Technologies and the KEMP Technologies logo are registered trademarks of KEMP Technologies, Inc. KEMP Technologies, Inc. reserves all ownership rights for the LoadMaster and KEMP 360 product line including software and documentation. Used, under license, U.S. Patent Nos. 6,473,802, 6,374,300, 8,392,563, 8,103,770, 7,831,712, 7,606,912, 7,346,695, 7,287,084 and 6,970,933

Table of Contents

1 Introduction
    1.1 Microsoft Lync 2013
    1.2 Document Purpose
    1.3 Prerequisites
2 Load Balancing Microsoft Lync 2013
3 General Configuration
    3.1 Disable SNAT Globally
    3.2 Subnet Originating Requests
    3.3 Change Drop Connections Settings
    3.4 Increase the Connection Timeout
    3.5 Connection Scaling For Large Scale Deployments
4 Template
    5.1 DNS Only Configuration
        5.1.1 Lync Internal WebSvc HTTPS Virtual Service
        5.1.2 Lync Director 2013 DNS Virtual Service
        5.1.3 Lync Internal WebSvc HTTP Virtual Service
    5.2 HLB Only Configuration
        5.2.1 Lync Director 2013 HLB Virtual Service
        5.2.2 Lync Internal Director SIP Virtual Service
        5.2.3 Lync Mediation Virtual Service
        5.2.4 Lync Edge Internal AV Media TCP Virtual Service
        5.2.5 Lync Edge Internal AV Media UDP Virtual Service
        5.2.6 Lync Edge Internal SIP Virtual Service
        5.2.7 Lync Internal WebSvc HTTP Virtual Service
        5.2.8 Lync Internal Front-End DCOM Virtual Service
        5.2.9 Lync Internal WebSvc HTTPS Virtual Service
        5.2.10 Lync Internal Front-End SIP Virtual Service
        5.2.11 Configure Edge Virtual Services
            5.2.11.1 Lync Edge External AV Media UDP Virtual Service
            5.2.11.2 Lync Edge External SIP Virtual Service
            5.2.11.3 Lync Edge External SIP Federation Virtual Service
            5.2.11.4 Lync Edge External XMPP Virtual Service
            5.2.11.5 Lync Edge External Conferencing Virtual Service
            5.2.11.6 Lync Edge External AV Media TCP Virtual Service
    5.3 Common to Both
        5.3.1 Lync Office Web App Servers Virtual Service
        5.3.2 Lync Director Reverse Proxy HTTP Virtual Service
        5.3.3 Lync Director Reverse Proxy HTTPS Virtual Service
        5.3.4 Lync Front End Reverse Proxy HTTP Virtual Service
        5.3.5 Lync Front End Reverse Proxy HTTPS Virtual Service
6 Additional Information
    6.1 Server Maintenance
    6.2 Loss of Failover while using DNS
    6.3 Hardware Load Balancing
7 References
Last Updated Date

1 Introduction

KEMP's LoadMaster family of purpose-built hardware and Virtual Appliances (VLM) offers advanced Layer 4 and Layer 7 server load balancing, content switching, SSL Acceleration and a multitude of other advanced Application Delivery and Optimization (ADC) features. KEMP's LoadMaster fully supports Microsoft's key solutions and is approved by Microsoft (KEMP is a Microsoft Gold partner). The LoadMaster efficiently distributes user traffic for Microsoft Lync 2013 so that users get the best experience possible. The entire KEMP LoadMaster product family, including the Virtual LoadMaster (VLM), supports Microsoft Lync 2013. For more information about KEMP Technologies, visit us online at www.kemptechnologies.com.

1.1 Microsoft Lync 2013

Microsoft Lync is a communications tool which provides services such as audio/video conferencing, Instant Messaging (IM) and Voice over Internet Protocol (VoIP). These services can all be accessible from the Internet, or from an internal network. Microsoft Lync allows companies to enhance collaboration amongst employees.

A number of enhancements have been made in Microsoft Lync 2013. The network topology setup is quite similar to the previous version but with a number of small differences. Changes include the consolidation of the archiving and monitoring features towards the front-end servers (optional feature). The Lync 2010 Director role is now optional and is no longer recommended. Fewer servers are needed because front-end servers can now take the role of Director.

1.2 Document Purpose

This documentation is intended to provide guidance on how to configure KEMP LoadMaster products to provide high availability for a Microsoft Lync Server 2013 environment. This documentation is created using a representative sample environment described later in the document. As this documentation is not intended to cover every possible deployment scenario, it may not address unique setups or requirements. The KEMP Support Team is available to provide solutions for scenarios not explicitly defined.

1.3 Prerequisites

It is assumed that the reader is a network administrator or a person otherwise familiar with networking and general computer terminology. It is further assumed that the Microsoft Lync Server 2013 environment has been set up and the KEMP LoadMaster has been installed.

Other LoadMaster documentation can be referred to as needed from http://www.kemptechnologies.com/documentation.

The minimum requirements that should be met before proceeding are as follows:

- LoadMaster firmware version 7.0-6 or above should be installed
- Configured and published Microsoft Lync Server architecture with Lync Topology builder
- Installed the Microsoft Servers, Active Directories and followed other Microsoft requirements
- Configured internal and external DNS entries for Front-End, Director and Edge pools
- Established access to the LoadMaster Web User Interface (WUI)

2 Load Balancing Microsoft Lync 2013

Deploying a Microsoft Lync environment can require multiple servers in Front-End pools and Edge server pools. Load balancing is necessary in this situation to distribute the traffic amongst these servers.

Microsoft Lync Server 2013 supports two load balancing solutions: DNS load balancing and Hardware Load Balancing (HLB). Hardware load balancers are also required to provide load balancing for the internal and external web services when DNS load balancing is used.

Different load balancing methods cannot be used on the Edge internal and Edge external interfaces. For example, DNS load balancing cannot be used on the Edge internal interface when hardware load balancing is being used on the Edge external interface.

Health checking at the LoadMaster ensures that, if one of the servers becomes inaccessible, the load balancer will take the server offline and automatically re-route and reconnect users to other functioning servers.

KEMP Technologies recommends the configuration as depicted in the above diagram. If your configuration differs from the recommended configuration and there are issues deploying the LoadMaster, please contact the local KEMP Support Team for assistance.

3 General Configuration

Some recommended general LoadMaster configuration settings are outlined below. These options can be set within the LoadMaster WUI.

3.1 Disable SNAT Globally

By default, global Server Network Address Translation (SNAT) is enabled in the LoadMaster settings. KEMP recommends disabling SNAT globally when using the LoadMaster with a Lync 2013 environment. To disable SNAT globally, follow the steps below:

1. In the main menu, select System Configuration.
2. Select Miscellaneous Options.
3. Select Network Options.
4. Remove the check from the Enable Server NAT check box.

3.2 Subnet Originating Requests

When the LoadMaster is deployed in a two-armed configuration, KEMP recommends enabling Subnet Originating Requests. When this option is enabled, the LoadMaster will use its local IP address, instead of the IP address of the Virtual Service, when communicating to the Real Servers. Subnet Originating Requests can be enabled on a per-Virtual Service or a global basis.

It is recommended that the Subnet Originating Requests option is enabled on a per-Virtual Service basis. To enable Subnet Originating Requests globally, follow the steps below:

1. In the main menu of the LoadMaster WUI, select System Configuration > Miscellaneous Options > Network Options.
2. Select the Subnet Originating Requests check box.

3.3 Change Drop Connections Settings

The LoadMaster must be configured to drop connections on Real Server failure to have fast failover for clients to another Real Server.

1. To configure dropping connections, click System Configuration.
2. Click Miscellaneous Options.
3. Click L7 Configuration.

4. Select the Drop Connections on RS failure checkbox.

3.4 Increase the Connection Timeout

The LoadMaster Connection Timeout must be set to one day. This value can be set so high because the LoadMaster monitors client connections to Real Servers, and if a server fails the LoadMaster can drop the associated client connections to that Real Server. Clients are disconnected from the LoadMaster and then reconnect to the LoadMaster to reach another Real Server. One day is the maximum value for this setting and it must be used in conjunction with the Drop Connections on RS failure option.

1. To configure the Connection Timeout, click System Configuration.
2. Click Miscellaneous Options.
3. Click L7 Configuration.

4. Enter 86400 (1 day) in the L7 Connection Drain Time (secs) field and click Set Time.

3.5 Connection Scaling For Large Scale Deployments

Execution of this procedure is optional and should be used only in cases where network traffic is expected to be greater than 64,000 server connections at any one particular time. L7 Transparency must be disabled in order to use connection scaling.

1. To use connection scaling, click System Configuration.
2. Click Miscellaneous Options.
3. Click L7 Configuration.

4. Select the Allow connection scaling over 64K Connections checkbox.
5. Click Virtual Services.
6. Click View/Modify Services.
7. Click the Modify button of the appropriate Virtual IP Address.
8. Expand the Advanced Properties section.

9. In the Advanced Properties panel, input a list of Alternate Source Addresses. Multiple IPv4 addresses must be separated with a space; each must be unallocated and allow 64K connections.
10. Click the Set Alternate Source Addresses button.

4 Template

KEMP has developed a template containing our recommended settings for this workload. You can install this template to help when creating Virtual Services, as it automatically populates the settings. This is quicker and easier than manually configuring each Virtual Service. If needed, changes can be made to any of the Virtual Service settings after using the template.

Download released templates from the Templates section on the KEMP documentation page: http://kemptechnologies.com/documentation.

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description on the KEMP Documentation Page.

For steps on how to manually add and configure each of the Virtual Services using the recommended settings, refer to the steps in this document.

This deployment guide covers three types of Virtual Service: DNS Only, HLB Only and those that are common to both types of environment. The sections below provide instructions and recommended configuration options for setting up a KEMP LoadMaster to work with Lync 2013 using these configuration options. For an explanation of each of the fields mentioned, refer to the Web User Interface (WUI), Configuration Guide.

5.1 DNS Only Configuration

Refer to the sections below for instructions on how to set up the LoadMaster using a DNS only configuration. Microsoft recommends that DNS load balancing is used for Session Initiation Protocol (SIP) traffic. Microsoft also recommends that web services are configured to override FQDN for internal web services.

Source-IP Persistence

Source IP persistence can be used, but take care before enabling it because:

- Clients from behind a NAT device show up as a single IP
- It can result in uneven connection distribution

Cookies

If cookies are used, there is no negative impact. However, there are some requirements:

- The cookie must be named MS-WSMAN
- It must not expire
- It must not be marked httponly
- Cookie optimization should be turned off

To configure the various Front-End Virtual Services, refer to the sections below.

5.1.1 Lync Internal WebSvc HTTPS Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTPS, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTPS.

5. Ensure that TCP is set as the Protocol.

Standard Options
    Force L4: Disabled
    Extra Ports: 4443 (Click Set Extra Ports.)
    Transparency: Disabled
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.1.2 Lync Director 2013 DNS Virtual Service

To configure a Virtual Service for Lync Director, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Director.
5. Ensure that TCP is set as the Protocol.

Standard Options
    Extra Ports: 444,4443 (Click Set Extra Ports.)
    Transparency: Disabled

    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.1.3 Lync Internal WebSvc HTTP Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTP, follow the steps below:

3. Enter 80 in the Port field.
4. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTP.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Extra Ports: 8080 (Click Set Extra Ports.)
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)
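The cookie requirements listed in section 5.1 can be checked against the Set-Cookie headers a load-balanced web service actually returns. The following is an added example, not part of the KEMP guide: it reads "must not expire" as "no Expires or Max-Age attribute" (an assumption), and the sample headers are constructed.

```python
"""Check a persistence cookie against the Lync web services cookie rules."""

REQUIRED_NAME = "MS-WSMAN"


def parse_set_cookie(value):
    """Split one Set-Cookie header value into (name, cookie_value, attrs).

    Attribute names are case-insensitive, so they are lower-cased; flag
    attributes such as HttpOnly map to True.
    """
    parts = [p.strip() for p in value.split(";") if p.strip()]
    if not parts or "=" not in parts[0]:
        raise ValueError("not a Set-Cookie value: %r" % (value,))
    name, _, cookie_value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, sep, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip() if sep else True
    return name.strip(), cookie_value.strip(), attrs


def cookie_problems(value):
    """Return the list of rule violations for one Set-Cookie value."""
    name, _, attrs = parse_set_cookie(value)
    problems = []
    if name != REQUIRED_NAME:
        problems.append("cookie is named %s, not %s" % (name, REQUIRED_NAME))
    # Assumption: "must not expire" means a session cookie, i.e. neither
    # Expires nor Max-Age is present.
    for attr in ("expires", "max-age"):
        if attr in attrs:
            problems.append("%s=%s gives the cookie an expiry" % (attr, attrs[attr]))
    if "httponly" in attrs:
        problems.append("cookie is marked HttpOnly")
    return problems


def audit_response(headers):
    """Audit the (name, value) header pairs of one HTTP response.

    Returns [] when a compliant MS-WSMAN cookie is present, otherwise the
    reasons the response does not meet the requirements.
    """
    cookies = [v for k, v in headers if k.lower() == "set-cookie"]
    candidates = [v for v in cookies if parse_set_cookie(v)[0] == REQUIRED_NAME]
    if not candidates:
        seen = ", ".join(parse_set_cookie(v)[0] for v in cookies) or "none"
        return ["no %s cookie set (cookies seen: %s)" % (REQUIRED_NAME, seen)]
    return cookie_problems(candidates[0])


# Constructed sample responses (not captured from a real deployment).
SAMPLE_GOOD = [
    ("Content-Type", "text/html"),
    ("Set-Cookie", "MS-WSMAN=lb-node-2; Path=/; Secure"),
]
SAMPLE_BAD = [
    ("Set-Cookie", "MS-WSMAN=lb-node-2; Path=/; Secure; HttpOnly; Max-Age=3600"),
]
SAMPLE_WRONG_NAME = [
    ("Set-Cookie", "LBPERSIST=lb-node-2; Path=/"),
]

if __name__ == "__main__":
    for label, sample in (("good", SAMPLE_GOOD), ("bad", SAMPLE_BAD),
                          ("wrong name", SAMPLE_WRONG_NAME)):
        print(label, "->", audit_response(sample) or "OK")
```
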

5.2 HLB Only Configuration

The HLB only configuration instructions are below.

5.2.1 Lync Director 2013 HLB Virtual Service

To configure a Virtual Service for Lync Director, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Director.
5. Ensure that TCP is set as the Protocol.

Standard Options
    Extra Ports: 444,4443 (Click Set Extra Ports.)
    Transparency: Disabled
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.2 Lync Internal Director SIP Virtual Service

To configure a Virtual Service for Lync Internal Director SIP, follow the steps below:

3. Enter 5061 in the Port field.

4. Enter a recognisable Service Name, for example Lync Internal Director SIP.
5. Ensure that tcp is set as the Protocol.

Basic Properties
    Service Type: Generic
Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Server Initiating Protocols: Normal Protocols
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.3 Lync Mediation Virtual Service

DNS-only load balancing is sufficient for Mediation pools. If using the LoadMaster instead of DNS, load balance only TCP port 5070.

To configure a Virtual Service for Lync Mediation, follow the steps below:

3. Enter 5070 in the Port field.
4. Enter a recognisable Service Name, for example Lync Mediation.
5. Ensure that TCP is set as the Protocol.

Basic Properties
    Service Type: Generic
Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Server Initiating Protocols: Normal Protocols
    Source IP Address
    Checked Port: 5070 (Click Set Check Port.)

5.2.4 Lync Edge Internal AV Media TCP Virtual Service

This is the fallback path for A/V media transfer. It is used for file transfer and desktop sharing.

To configure a Virtual Service for Lync Edge Internal AV Media TCP, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge Internal AV Media TCP.
5. Ensure that TCP is set as the Protocol.

Basic Properties
    Service Type: Generic
Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Server Initiating Protocols: Normal Protocols
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.5 Lync Edge Internal AV Media UDP Virtual Service

This is the preferred path for A/V media transfer.

To configure a Virtual Service for Lync Edge Internal AV Media UDP, follow the steps below:

3. Enter 3478 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge Internal AV Media UDP.
5. Select udp as the Protocol.

Real Servers
    Real Server Check Parameters: ICMP Ping

5.2.6 Lync Edge Internal SIP Virtual Service

This is used by Directors and FE Pools.

To configure a Virtual Service for Lync Edge Internal SIP, follow the steps below:

3. Enter 5061 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge Internal SIP.
5. Ensure that tcp is set as the Protocol.

Basic Properties
    Service Type: Generic
Standard Options
    Extra Ports: 5062 (Click Set Extra Ports. Port 5062 is used by any FE pool and SBA.)
    Server Initiating Protocols: Normal Protocols
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.7 Lync Internal WebSvc HTTP Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTP, follow the steps below:

3. Enter 80 in the Port field.
4. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTP.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Extra Ports: 8080 (Click Set Extra Ports.)
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.8 Lync Internal Front-End DCOM Virtual Service

To configure a Virtual Service for Lync Internal Front-End DCOM, follow the steps below:

3. Enter 135 in the Port field.
4. Enter a recognisable Service Name, for example Lync Internal Front-End DCOM.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Transparency: Disabled
    Server Initiating Protocols: Normal Protocols
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.9 Lync Internal WebSvc HTTPS Virtual Service

To configure a Virtual Service for Lync Internal WebSvc HTTPS HLB Only, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Internal WebSvc HTTPS HLB Only.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Force L4: Enabled
    Extra Ports: 4443 (Click Set Extra Ports.)
    Transparency: Disabled
    Source IP Address

    Checked Port: 5061 (Click Set Check Port.)

5.2.10 Lync Internal Front-End SIP Virtual Service

To configure a Virtual Service for Lync Internal Front-End SIP, follow the steps below:

3. Enter 5061 in the Port field.
4. Enter a recognisable Service Name, for example Lync Internal Front-End SIP.
5. Ensure that tcp is set as the Protocol.

Basic Properties
    Service Type: Generic
Standard Options
    Force L4: Disabled
    Extra Ports: 448,5070-5073,5075,5076,5080 (Click Set Extra Ports.)
    Transparency: Disabled
    Server Initiating Protocols: Normal Protocols
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.11 Configure Edge Virtual Services

To configure the various Edge Virtual Services, refer to the sections below.

When load balancing external interfaces of Edge pools, the shared interface IP should be used as the default gateway on all Edge interfaces. Also, a publicly routable IP with no NAT or port translation must be used.

5.2.11.1 Lync Edge External AV Media UDP Virtual Service

To configure a Virtual Service for Lync Edge External AV Media UDP, follow the steps below:

3. Enter 3478 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge External AV Media UDP.
5. Select udp as the Protocol.

Standard Options
    Source IP Address
Real Servers
    Real Server Check Parameters: ICMP Ping

5.2.11.2 Lync Edge External SIP Virtual Service

To configure a Virtual Service for Lync Edge External SIP, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge External SIP.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.11.3 Lync Edge External SIP Federation Virtual Service

To configure a Virtual Service for Lync Edge External SIP Federation, follow the steps below:

3. Enter 5061 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge External SIP Federation.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

5.2.11.4 Lync Edge External XMPP Virtual Service

To configure a Virtual Service for Lync Edge External XMPP, follow the steps below:

3. Enter 5269 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge External XMPP.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Source IP Address

    Checked Port: 5061 (Click Set Check Port.)

5.2.11.5 Lync Edge External Conferencing Virtual Service

To configure a Virtual Service for Lync Edge External Conferencing, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Edge External Conferencing.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Source IP Address
Advanced Properties
    Redirection URL: https://%h%s (Click Add HTTP Redirector.)
    Checked Port: 443 (Click Set Check Port.)

5.2.11.6 Lync Edge External AV Media TCP Virtual Service

To configure a Virtual Service for Lync Edge External AV, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognizable Service Name, for example Lync Edge External AV Media TCP.
5. Ensure that tcp is set as the Protocol.

Standard Options
    Force L4: Disabled
    Transparency: Enabled
    Source IP Address
    Checked Port: 443 (Click Set Check Port.)

5.3 Common to Both

The Virtual Services listed below are common to both DNS and HLB configurations.

5.3.1 Lync Office Web App Servers Virtual Service

To configure a Virtual Service for Office Web App Servers, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Office Web App Servers.
5. Ensure that TCP is set as the Protocol.

SSL Properties
    SSL Acceleration: Enabled
    Reencrypt: Enabled
Standard Options
    Super HTTP and Source IP
    30 Minutes
Advanced Properties
    Redirection URL: https://%h%s (Click Add HTTP Redirector.)
Real Servers
    Real Server Check Parameters: HTTPS Protocol
    URL: /hosting/discovery (Click Set URL.)
    Use HTTP/1.1: Enabled
    HTTP Method: GET

5.3.2 Lync Director Reverse Proxy HTTP Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTP, follow the steps below:

3. Enter 80 in the Port field.
4. Enter a recognisable Service Name, for example Lync Director Reverse Proxy HTTP.
5. Ensure that TCP is set as the Protocol.

Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

8. Add the Real Servers:
    a) Expand the Real Servers section.
    b) Click Add New.
    c) Type the address of the Real Server.
    d) Type 8080 as the Port. Do not use 80 as the Real Server Port.
    e) Click Add This Real Server.
    f) Repeat the steps above to add more Real Servers as needed, based on the environment.

5.3.3 Lync Director Reverse Proxy HTTPS Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTPS, follow the steps below:

3. Enter 443 in the Port field.
4. Enter a recognisable Service Name, for example Lync Director Reverse Proxy HTTPS.

5. Ensure that TCP is set as the Protocol.

SSL Properties
    SSL Acceleration: Enabled
    Reencrypt: Enabled
Standard Options
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

8. Add the Real Servers:
    a) Expand the Real Servers section.
    b) Click Add New.
    c) Type the address of the Real Server for the Director(s).
    d) Type 4443 as the Port. Do not use 443 as the Real Server Port.
    e) Click Add This Real Server.
    f) Repeat the steps above to add more Real Servers as needed, based on the environment.

5.3.4 Lync Front End Reverse Proxy HTTP Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTP, follow the steps below:

3. Enter 80 in the Port field.

4. Enter a recognisable Service Name, for example Lync Front End Reverse Proxy HTTP.
5. Ensure that TCP is set as the Protocol.

Standard Options
    Force L4: Disabled
    Transparency: Disabled
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

8. Add the Real Servers:
    a) Expand the Real Servers section.
    b) Click Add New.
    c) Type the address of the Real Server.
    d) Type 8080 as the Port. Please do not use 80 as the Real Server Port.
    e) Click Add This Real Server.
    f) Repeat the steps above to add more Real Servers as needed, based on the environment.

5.3.5 Lync Front End Reverse Proxy HTTPS Virtual Service

To configure a Virtual Service for Lync Reverse Proxy HTTPS, follow the steps below:

3. Enter 443 in the Port field.

4. Enter a recognisable Service Name, for example Lync Front End Reverse Proxy HTTPS.
5. Ensure that TCP is set as the Protocol.

SSL Properties
    SSL Acceleration: Enabled
    Reencrypt: Enabled
Standard Options
    Source IP Address
    Checked Port: 5061 (Click Set Check Port.)

8. Add the Real Servers:
    a) Expand the Real Servers section.
    b) Click Add New.
    c) Type the address of the Real Server.
    d) Type 4443 as the Port. Do not use 443 as the Real Server Port.
    e) Click Add This Real Server.
    f) Repeat the steps above to add more Real Servers as needed, based on the environment.

6 Additional Information

Some additional information that may be of use is contained within the sections below.

6.1 Server Maintenance

When blocking traffic to a server during maintenance, removing the server IP entry from the pool Fully Qualified Domain Name (FQDN) is not sufficient. The server entry must be removed from the DNS. As the server to server traffic is topology-aware, in order to block server to server traffic the server must be removed from the DNS topology.

6.2 Loss of Failover while using DNS

Loss of failover when load balancing Edge pools using DNS is possible in the following scenarios:

- Federation with organizations running OCS versions older than Lync 2010
- PIM connectivity with Skype, Windows Live, AOL, Yahoo! and XMPP partners
- UM Play on Phone functionality
- Transferring calls from UM Auto Attendant

6.3 Hardware Load Balancing

If hardware load balancing is being used, a list of the ports that must be open can be found here: http://technet.microsoft.com/en-us/library/gg398833.aspx

Hardware load balancing Edge servers requires N+1 Public IP addresses. Refer to the two links below for further information on hardware load balancing:

http://technet.microsoft.com/en-us/library/gg398739.aspx
http://technet.microsoft.com/en-us/library/gg398478.aspx

7 References

The following sources are referred to in this document:

- KEMP Technologies website: www.kemptechnologies.com
- KEMP Technologies Documentation page: http://kemptechnologies.com/loadmaster-documentation
- MS Lync 2013 Single Pair Addendum, Deployment Guide: http://www.kemptechnologies.com/documentation
- Web User Interface (WUI), Configuration Guide: http://www.kemptechnologies.com/documentation
- Virtual Services and Templates, Feature Description: http://www.kemptechnologies.com/documentation
- Ports and Protocols for Internal Servers: http://technet.microsoft.com/en-us/library/gg398833.aspx
- Port Summary - Scaled Consolidated Edge with Hardware Load Balancers: http://technet.microsoft.com/en-us/library/gg398739.aspx
- Scaled Consolidated Edge with Hardware Load Balancers: http://technet.microsoft.com/en-us/library/gg398478.aspx

Last Updated Date

This document was last updated on 11 January 2018.