IT tutorials
 
Technology
 

Deploying Microsoft Lync Server 2013 Mobility (part 3) - Network and Security Considerations for Mobility, Steps to Enable Mobility

4/11/2014 2:44:36 AM
- Free product key for windows 10
- Free Product Key for Microsoft office 365
- Malwarebytes Premium 3.7.1 Serial Keys (LifeTime) 2019

4. Network and Security Considerations for Mobility

Given the requirements to direct all mobile users to the external web services through a reverse proxy, even for internal clients, a unique hairpin situation is created. In some environments, hair pinning is not allowed. This scenario can arise when the internal traffic is egressing an interface and attempting to immediately ingress on the same interface.

This functionality must be allowed for the Mobility Services to work. A potential workaround for this issue is to deploy the reverse proxy solution separately from the firewall (that is, do not allow RP traffic to traverse the corporate firewall to prevent issues with hair-pinning). In that configuration, the traffic will egress the reverse proxy interface, and then ingress the reverse proxy interface. In the event that the traffic must still pass through the external firewall, it is important to work with the firewall administrators to provide an exception to the hairpin rule for this traffic.

Firewall Rules Required for Lync Mobile

Lync mobile clients connect through the external web services connection, which should be published on port 443 TCP. This requirement should be fairly standard and should be implemented with all Lync deployments involving external users. Apple iOS devices that are connected to the internal infrastructure will require a unique firewall rule for push notification connectivity. When an Apple iOS device attempts to connect to the Apple Push Notification Service, the device initiates an outbound connection on port 5223 TCP. It is important to ensure that this connectivity is allowed outbound from the corporate network for these devices to functional properly.

5. Steps to Enable Mobility

Deploying Mobility Services in Lync Server 2013 is relatively simple. Following the guidance in previous sections, follow the high-level steps that follow to enable Mobility in a Lync Server 2013 environment.

DNS Configuration for the LyncDiscover Service

DNS records will be required for the LyncDiscover service for both internal and external users.

Create an internal DNS A record for LyncDiscoverinternal.<sipdomain> that points to the internal web services IP address or VIP of the Hardware Load Balancer.

Create an external DNS A record for LyncDiscover.<sipdomain> that points to the external reverse proxy interface for the external web services.

Configurations for Proper Certificate Configuration

If LyncDiscover services are being deployed over HTTPS, a SAN must be created on all web service certificates for the appropriate LyncDiscover URLs.

Configurations for Push Notifications

After the federation connection has been established, use the Set-CSPushNotificationConfiguration cmdlet to enable this functionality. An example is provided here:

Set-CsPushNotificationConfiguration -EnableApplePushNotificationService $True -EnableMicrosoftPushNotificationService $True

To test the push notification configuration, use the cmdlet Test-CSMCXPushNotification. An example is provided here:

Test-CSMCXPushNotification -AccessEdgeFQDN InternalEdgeName.Companyabc.com

 
Others
 
- Deploying Microsoft Lync Server 2013 Mobility (part 2) - Federation Requirements for Push Notifications , Reverse Proxy and Hardware Load Balancer Considerations for Mobility
- Deploying Microsoft Lync Server 2013 Mobility (part 1) - Certificate and DNS Requirements
- Sharepoint 2010 : Export the Contents of a List to Microsoft Excel
- Sharepoint 2010 : Use Alerts (part 2) - Create an Alert - Create an Alert on a Library or List
- Sharepoint 2010 : Use Alerts (part 1) - Create an Alert - Create an Alert on a File or List Item
- Sharepoint 2010 : Switch List Views in Lists and Libraries (part 2) - Switch to the Quick Edit View
- Sharepoint 2010 : Switch List Views in Lists and Libraries (part 1)
- Sharepoint 2010 : Change Sorting and Filtering of a List or Library
- Windows Server 2012 : Performance Monitoring (part 12) - Server Manager - Performance Alerts, BPA Results
- Windows Server 2012 : Performance Monitoring (part 11) - Server Manager - Manageability Alerts,Services Alerts
 
 
Top 10
 
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 2) - Wireframes,Legends
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Finding containers and lists in Visio (part 1) - Swimlanes
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Formatting and sizing lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Adding shapes to lists
- Microsoft Visio 2013 : Adding Structure to Your Diagrams - Sizing containers
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 3) - The Other Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 2) - The Data Properties of a Control
- Microsoft Access 2010 : Control Properties and Why to Use Them (part 1) - The Format Properties of a Control
- Microsoft Access 2010 : Form Properties and Why Should You Use Them - Working with the Properties Window
- Microsoft Visio 2013 : Using the Organization Chart Wizard with new data
Technology FAQ
- How do I change the letter of a mapped drive?
- bulk collect - amount of return
- Need a driver for sm bus controller on Dell d620
- Where can I find a service manual for a Gateway MD2414u Laptop?
- How to stablish a proper setup in MS Outlook 2003 encrypting mails
- Initialization failed for opening on premisis exchange server
- Firebird AutoID VB.net code
- HOW TO: remove the Anonymous User from the Everyone Group....
- Multi Homed Windows 2008 Server
- OCS 2007 R2 and Cisco call manager
programming4us programming4us