Now everything has been done, it’s time to perform last step. Once certification assignment is done, open Lync control panel in Lync FE server and go to Federation and External access.Ĭhange External access policy as shown below.Ĭhange Access Edge configuration policy as shown below. Now, It’s time to assign certificate to Edge services. Import generated certificates into Personal store.įollow same step to import Edge Public cert also. Import root CA onto Trusted Root Certification Authority. Once you have generated the certificates open mmc and add certificates (Local Computer) via add/remove snap-in to import the generated certificates. As we are doing this setup in our lab, so we will use our internal AD CA. Once you have generated certificate request, can send these request to your certification authority to generate the certificates for you. (Note: If you want to use same public certificate for Reverse proxy also, add additional SAN’s for reverse proxy:, ,, ) Now, it’s time to request and assign certificates.įollow the steps to request the Edge Internal Certificate. Now, Run “Setup or Remove Lync Server Components”.
Login to the Edge Server with administrative privilege and run Microsoft Lync Server 2013 setup and follow the steps.Īfter installing Lync 2013 core components, open Lync server 2013 deployment wizard.Ĭlick on “Install or Update Lync Server System”.īrowse Edge configuration file which you had exported in Lync FE server.Ĭross verify the installation through log file. Open Lync management shell with administrative privilege on Lync FE server and export the configuration. Next hop server will be your Lync pool if you don’t have director otherwise next hop will be your director pool. That’s why I am taking a different IP address.)ĭefine the next hop server. (In my case, the deployment has been done in LAB and don’t have public IP address. Please specify the Public IP address which will be NAT to the A/V edge service. Now specify the external IP address for all services. Specify the IP address for Edge server internal NIC. (Note: If you have selected “Use a Single FQDN and IP address” then you will have to use different port numbers for all three FQDNs). Specify external FQDN and associated port numbers. Select IP versions and NAT option according to your requirement. Select appropriate features as per your requirements. Right click on Edge Pool and select New Edge Pool. Open Lync Server Topology Builder on Lync Front-End / Standard Edition Server. Now add the persistent route for internal traffic. Now run route print and note the Interface List ID of the internal NIC. Run “ipconfig /all” and note down the physical address and Ethernet adapter description of internal NIC. Open command prompt with administrative rights on Edge Server. So, we will have to route traffic from 172.25.33.10 to internal network via 172.25.33.100. IP address on internal firewall is 172.25.33.100 which will act as a gateway for communication between perimeter network and internal network, IP address on External firewall is 10.1.1.100.Īs internal NIC of Edge server is behind internal firewall and don’t have gateway in internal network address. I am using .x/16 IP addressing for Internal Network, 172.25.x.x/16 IP addressing for Perimeter Network and 10.x.x.x/8 IP addressing for External Network. Let’s start the preparation for deploying standalone Edge server role. Edge server deployment provides external access to different communication modalities IM & Presence, Web Conferencing and Audio/Video Conferencing.Įdge server deployment is not as simple as other Lync server roles and requires attentive preparation before jump into the installation.
It provides connectivity to Remote, PIC, Mobile, Federated and Anonymous users. Lync server 2013 Edge server role take care of external connectivity of Lync users.
Lync server consists of multiple roles and Edge server role is one of them.