Forum Discussion

Danims_19205's avatar
Danims_19205
Icon for Nimbostratus rankNimbostratus
Jan 21, 2013

lync 2013 whit TMG as reverse proxy

Hello all:

 

we have problems with lync 2013 with TMG as reverse proxy between f5´s. The scenario would be as follows:

 

internet->f5(external)->TMG->f5(internal)->edge server

 

f5 version 10.2.4.

 

We have problems in first balance when f5 send packets to TMG server. We found some manuals about solutions with TMG for owa and sharepoint, but we never found documents about lync 2013 with tmgs

 

We have implemented in vserver snat because in our net is necessary.We install a network monitor in tmg´s and we see that f5 send syn packet and tmg send back syn ack packet, but f5 never send response with ack packet . All traffic is allowed between f5 and tmg´s servers . In tmg log , we can see that the request https from f5 is not evaluate and we think that is problem is about the ack packet.

 

Most curious is that is balanced is working ok whit ACE (cisco) load balancer with a simple configuration..... Could you help us? Is there some kind of documentation with TMG and LYNC?

 

 

Regards!

 

 

 

 

microsoft
partner

6 Replies

Sort By
  • What_Lies_Bene1's avatar
    What_Lies_Bene1
    Icon for Cirrostratus rankCirrostratus
    Jan 21, 2013
    If this works with ACE I can't see any reason it won't with an F5. Can you elaborate on the SSL at all, where is it terminated?

     

     

    Are you sure the TMG response is getting back to the F5 via the same VLAN? Can you do a capture on the F5 itself using tcpdump, that might be more useful in determining if the SYN/ACK actually does arrive at the F5.
  • Danims_19205's avatar
    Danims_19205
    Icon for Nimbostratus rankNimbostratus
    Jan 22, 2013

    In the capture with whireshark we can see that traffic in tmg is getting back to f5 via same vlan thah is coming. today afternoon we want to test capturing tcpdump in f5.

     

    Thank´s!!