I think we'll wrap up the setup/config of the Lync 2010 Reverse Proxy today.
We started in Part 1 with Installation & some initial Setup
Then, in Part 2 we continued setup and got to the TMG Control Panel
Today we'll pick up (and finish) with the Web Publishing & Web Listener configuration.
Firewall Policy -> New -> Web Site Publishing Rule
Give your rule a useful name. Click Next.
We are creating an "Allow" Publishing Rule. Click Next.
We are choosing the top option. Click Next.
This is the destination - in our case, the Consolidated Front End. Next.
We want all traffic involved. Click Next.
The Public Name is the "External Web Services" entry from our topology. Click Next.
Now we create a new Web Listener. Click New.
Give your Web Listener a useful name. Click Next.
We're requiring SSL here. Click Next.
Where does the Web Listener - "listen" - on? This is a single NIC - so - the Internal Network is the choice here. Check that and click "Select IP Addresses" option.
We only have one IP on our one NIC. Choose that and click move it to the Selected IP Addresses part of this screen. Click OK.
So, this is a good place to remind you of something. You need to import the Public SSL certificate to your Reverse Proxy. I should have probably said something earlier. You've already exported and imported SSL certificates through our Lync process - so - go get the SSL certificate that's from a Public CA - this is the same SSL you assigned to the "External Web Services" option on your Front End box. Choose that certificate here - sip.mirazon.com is ours. Click Select.
Assign that SSL to the right IP Address. Click Next.
No authentication necessary here. This is done on the Front End External IIS instance. Click Next.
Web Listener configured. Click Finish.
Now that the Web Listener is done, we can continue with our Web Publishing Rule setup. Click Next.
Choose appropriate option. Click Next.
All Users. Click Next.
Verify & Finish. Now, Apply settings as you've already learned.
Almost done. We need to finish the final setup of the Web Access Policy. Click Properties on the rle we just created.
Double Check the "To" Tab.
Now on the Listener Tab, Click Properties.
Double Check the Connections Tab. Click OK.
Back to the Bridging Tab. Make sure we redirect to 8080/4443 as appropriate. These ports were the ports chosen in your Topology for the External Web Services.
Finally, go to the Public Name Tab. We want to Add more websites here for this Lync Rule.
Add our Simple URLs - meet and dialin - and now you're done. Click OK until you're back at the TMG Control Panel.
Apply your new settings. And once the new settings are committed to TMG 2010, we're ready to completely test. You did it! You've now setup your TMG 2010 Reverse Proxy for all of the associated/appropriate External Web Access needs for Lync 2010.