Monday, March 14, 2011

Lync 2010 Deployment Guide (adding Edge Role - part I)

Now we will go a step further and prepare to deploy an Edge server in our lab. To me, in complexity, Edge is no more complicated than any other role, but looks like many folks are having troubles.

Perhaps the most important (and often omitted) step is… to relax, pull back for a moment and think – “What is that I want to achieve and what resources I have on hand”.

All right, what do we have…?

I will deploy my Edge in “DMZ”. While I don’t really have DMZ in my lab and don’t have time to build one, I will place the Edge on the same subnet where the Lync server is, but the presumption is that you will definitely separate your internal resources from the “Big, bad Internet”.

I will use two different FQDN’s – sipint.drago.local for the machine name (SIPINT with domain suffix applied) and for external access.

Because I “have” only one public IP address available, this is what I will use when configuring the topology.

edgein.drago.local         (mapped to; port 5061         (mapped to; port 444         (mapped to; port 443

***Note that I will use the same Public IP address for all Edge Interfaces, and so, I must be sure the ports are not overlapping.

Upon completion, I expect to have:

    - External access for my users
    - Federation with other domains
    - IM, Video, Audio and desktop sharing with federated domain uses

Because this is a lab, I do not expect to complete PIC federation (IM and A/V session with MSN network users).
Preparing the server to host Edge Role

My server is already named “EDGEINT”.

However, I MUST apply the domain suffix or later the MTLS will fail.

…and restart when done. Now the “Full Computer Name” is FQDN.

Next I will provision the IP addresses on my server, where I will use a public DNS server and add my Lync FE to the hosts file.

…and now EDGEINT resolves our

We can now proceed with satisfying the software prerequisites as described here:

Again, I will run this command:

servermanagercmd -install Net-Framework Net-Framework-Core Net-Win-CFAC Net-HTTP-Activation NET-HTTP-Activation WAS WAS-Process-Model WAS-Net-Environment WAS-Config-ApIs

TechNet talks about this update:, but since I user Windows 2008 R2 SP1, the presumption is that the fix have been incorporated in the SP1 and I will sclip this step.
Next we will add our Edge server to the Topology.


Mohammad Ravaghi said...

hi drago
i have some Qs,may u guide me how configured ur Internal and external Interfaces of Edge,and how u mapped Public IP address and external IP addresses needed there,and what about ports needed too ?

Drago said...

When comes to ports, it depends which scenario you use - single IP or three IP addresses. Take a look at the "Microsoft Lync Server 2010 Protocol Workloads Poster" for detail information.


Murali said...

This is exactly how I have deployed my setup. Int and Ext interfaces are in the same subnet. Added an entry for front-end in the hosts file. Able to ping Front-end from Lync edge. However, when trying to sign-in from public n/w, Edge doesn't seem to forward any packet to Front-end server.