We have been having the same issue; searching still does not reveal a suitable resolution for either the MAG or Lync.
We found that using the MAG to forward to port 4443 just would not work: the client would not sign in. All other aspects of Lync functioned (Dial-in & Meeting, etc. worked OK); it just wouldn't sign into Mobility. We ended up forwarding the traffic through the MAG on the same port (443) and using the firewall (DMZ-Trust) and PAT to 4443 on the firewall policy.
This enabled us to keep the Lync install standard without modifying IIS ports; all other supporting configurations (F5 iApp) are also kept as standard.
We found that the MAG accepted the 443 traffic and converted it to 4443 (to the backend URL) without issue for most Lync requirements (Dial-in & Meeting). The only issue was supporting the sign-in for the Lync client.
All Lync-based traffic still goes through the MAG, but only on 443; we are translating 443 to 4443 after it leaves the MAG and traverses the firewall, before it is presented to our load balancers and then on to Lync.