when intranet user creates online meeting, the external user can access it via url
https://meet.domain.com/user.name/meeting-code-random (send by email to external user)
this Url should be accessible via reverse proxy and ideally without login prompt.
So what is the equivalent of Microsoft's "Forward the original host header instead of the actual one" in "authorisation only" config - ref as example here http://waveformation.com/2011/02/21/lync-host-header-forwarding/
Would be nice to have screens or description of a working Juniper config of Lync.
Ah; ok, thank you for the information.
I believe that is "host header forwarding" and there is no option to do that with the authorization only URL. You may be able to configure an anonymous server realm with passthrough proxy that does that?
Sorry, I can't help with the working config information; I do not have access to a server to do testing with.
I have this set up and working. I will recreate on my lab box so I can upload some pictures. The one caveat is that there has to be internal DNS entries that match what the external users are actually hitting.
I created this example on my lab box using meet.example.com.
That should be it.
OK. You probably had a Web Resource policy that already permitted that traffic. We have specific web resources defined so a new one was needed.
I have setup my Juniper device the same way you have it and have been unsuccessful in getting this to work.
Is your configuration still working? Also, I'm confused into why you have the backend URL set to https://meet.domain.com:4443, however in your web profile configuration you have the web access control pointing to the standard 443 port. I have tried the configuraion both ways, however am unsuccessful in getting this to work this way.
With the help of support, we were able to get it to proxy through on the same port (443), however have been unsuccessful in getting traffic over to the external site on port 4443. What version of SW are you running on your juniper device? Thanks