At this point, the prerequisites should have been fulfilled and we can continue with the Reverse Proxy setup. This setup is similar to the setup for the Lync Internal Web Services.

To configure the Virtual Service, follow the steps below:

  1. Enter a valid Virtual Address. In our example, this is the NATed IP listener in the DMZ: 10.154.11.5.
  2. Enter 443 (HTTPS) as the Port.
  3. Enter a recognizable Service Name, such as ESPforLYNC.
  4. Click Add this Virtual Service.
  5. Expand the SSL Properties section.

  6. Select Enabled.
  7. Click OK.
  8. Select Reencrypt.
  9. Select the relevant certificate in the Available Certificates box.
  10. Click the right arrow to move the certificate to the Assigned Certificates box.
  11. Click Set Certificates.
  12. Expand the Standard Options section.

  13. Set the Persistence Options as needed.
    Note: In Lync 2013, cookie persistence is now optional. If you choose to use cookie persistence, set the parameters as follows: - Mode: Active Cookie - Cookie name: MS-WSMANAlternatively, Source IP Address persistence can be used.
  14. Set the Timeout to 20 Minutes.
  15. Set the Scheduling Method to least connection.
  16. Enter 1800 in the Idle Connection Timeout text box and click Set Idle Timeout.
  17. Expand the ESP Options section.

  18. Select Enable.
    Note: The ESP options are what makes the LoadMaster act as a Reverse Proxy.
  19. Ensure that each of the ESP Logging options are selected.
    Note: As this acts as a security layer in-between, we recommend enabling all logging options for analysis.
  20. Do not select an SSO Domain.
    Note: An SSO domain should not be set because Lync does not support pre-authentication.
  21. Enter the Allowed Virtual Hosts:
    • WS-EXT.MYCLOUD.AG
    • MEET.MYCLOUD.AG
    • DIALIN.MYCLOUD.AG
    • SCHEDULER.MYCLOUD.AG
    • LYNCDISCOVER.MYCLOUD.AG
  22. Click Set Allowed Virtual Hosts.
  23. Enter /* in the Allowed Virtual Directories text box.
  24. Click Set Allowed Directories.
  25. Expand the Real Servers section.

    Note: The LoadMaster requires information on what it can check to see if the defined server/service is up and running. You can either copy your own HTML file on the external web service (IIS) or you can use a Lync defined path, for example /abs/handler.
  26. Enter 443 in the Checked Port text box.
  27. Click Set Check Port.
  28. Enter /healthcheck.html in the URL text box and click Set URL.
  29. Click Add New.

  30. Enter the Real Server Address.
  31. Enter 4443 as the Port.
    Note: The Reverse Proxy needs to address the correct internal IIS web page on the assigned port 4443. This should be set the same for each Real Server.
  32. Click OK.

  33. Add the second Real Server.
  34. Click Back.
    Note: The Real Server details will be displayed at the bottom of the Virtual Service modify screen.

  35. Click the View/Modify Services link in the main menu.

The Virtual Services will be displayed. The Status should be Up.