10-17-2016 10:55 AM
I'm struggling to replace an old TMG with a SteelApp (Stingray Traffic Manager Virtual Appliance 2000 M 9.6r1).
The brocade always replies like if the client belongs to the inside network whereas all my clients are reaching the brocade (and so the Lync director Pool) from the external (Internet) network.
i.e.: the content of "/WebTicket" or "owa/hosting/directory" always is with internal DNS rather than external ones (**filtered**.group instead of **filtered**.com)
I followed the guide so I create a VIP (aka VIP_Lync) connected to a VS (aka VS-lync.services) that forward traffic to 3 differents Pool (POOL-lync.frcogdialin.**filtered**.com; POOL-lync.frcogmeet.**filtered**.com; POOL-lync.frprgcogdirp01.**filtered**.com)
The VS has a rule definition (see below), the SSL decryption and an extended timeout to 1200s. No other specific settings (all defaults).
The rule is basic redirection to the Pool like below:
$hostname = http.getHostHeader();
$url = http.getRawURL();
and the pools SSL encryption.
The director Pool (aka POOL-lync.frprgcogdirp01.**filtered**.com = 10.1.1.227:4443) has:
So when i try to connect to "https://frprgcogdirp01.**filtered**.com/WebTicket/WebTicketService.svc" from the Internet, I always receive the following answer:
You have created a service.
To test this service, you will need to create a client and use it to call the service. You can do this using the svcutil.exe tool from the command line with the following syntax:
where frprgcogwld01.**filtered**.group is the internal name for the director. It has no meaning for my computer that use the ISP DNS...
I'm probably missing something that makes the brocade requesting the Lync director from the internal rather than the external.
The DNS configuration on the brocade point to internal DNS servers
Below the IP I receive If I try to ping from the brocade the following entry:
Any comment, suggestion is more than welcome!
10-25-2016 08:25 AM
From your description above, it seems that you want to access Lync Web Service external however you are getting internal Lync web service IP.
Possible reason is /Autodiscover/AutodiscoverService.svc/root misconfig.
You must not get internal Lync web service IP when you access from external.
I assume that you have following config, if not then match the same.
1. In the Lync topology you defined internal and external web services FQDNs.
2. external Lync web service pointed to vADC external VIP (reverse proxy) and forwarding to director pool / FE Pool.
3. Internal Lync Web service pointed to internal vADC VIP (reverse proxy) which is forwarding taffic to Director Pool.
4. Your simple URL and Lyncdiscover both resolve your external VIP.
5. make sure your port bridging rule forwarding (on VIP) 443 -> 4443 and 80 -> 8080.
Can you share VIP config and Lync client log to better understanding of issue.