Saturday, May 24, 2014

Using IIS ARR as a Reverse Proxy for Lync Server 2013

There are several nice guides available on how to configure IIS ARR as a Reverse Proxy for Lync.

For example:
Using ARR for Reverse Proxy with Lync 2013
Using IIS ARR as a Reverse Proxy for Lync Server 2013
Installing and configuring IIS ARR Reverse Proxy
Using IIS Application Request Routing (ARR) as a TMG Replacement

All these guides will take you through the steps of installing ARR, creating a server farm and configuring caching, proxy, and routing rules for the farm.

When adding a server to the server farm you need to specify on which ports the reverse proxy should pass on the traffic to the internal side. In Lync we have internal webservices, to be used by internal clients using ports 80 and 443, and we also have external webservices (i.e. an IIS Web site) using ports 8080 and 4443. Hence, you should set these ports to 8080 and 4443, and also make sure your internal firewall allows this communication.

Now once this server is added there is actually nowhere in the IIS ARR user interface where you can go back and validate these port settings. So if you need to double-check what port numbers you used, you will actually have to open up the applicationHost.config file, found in C:\Windows\System32\inetsrv\config. At the end of this file you will find the <webfarms> settings and check what ports were configured.