Lync Edge and TMG server firewall requirements

​Installing a Lync server for a customer, and along with it a new TMG server as Reverse Proxy, I got a little reload on firewall requirements.

The customer did not have their perimeter set up as MSFT describes to be best practice, so that was also something to take care of in the process.

As the customer also was short on public IP addresses, the Edge was set up using only a single IP – discriminating services only through different ports on the external NIC. Documentation on this matter is a little scarce (see this article for some input), and since the TMG server is better off domain joined the official documentation​ on Lync falls short as to specify what firewall exceptions are needed for that.

Continue reading


Adding DFS Shares in Topology Builder

​Today I ran into an issue, as a customer I am currently installing Lync Server 2010 for was looking to use their already established DFS file share with Lync. This feature has been supported since the dawning of OCS14, but funny enough not something that could be accomplished in the TB.

Since CU5 in February this was something that MSFT fixed, as stated in the KB article. Nevertheless, I could not get it working. Entering a DFS root and the share name (Share name = dfsroot\share) only resulted in an error. This was despite that CU5 had been applied to the Administrative Tools, TB included.

Continue reading