we have been having the same issue - searching still does not reveal a suitable resolution for either the MAG or Lync.. We found that using the MAG to forward to port 4443 just would not work, would not sign in - all other aspects of Lync functions (Dialin & Meeting, etc worked OK) just wouldn't sign into Mobility. We ended up forwarding the traffic through the MAG on the same port (443) and using the firewall (DMZ-Trust) & PAT to 4443 on the firewall policy. This enabled us to keep the Lync install standard without modifying IIS ports, all other supporting configurations (F5 iApp) are also kept as standard.
... View more