Reverse Proxy Installation

If a reverse proxy already exists in the organization, it can be used to also publish Lync Server web services. There is no requirement for a reverse proxy to be dedicated only to Lync Server, but if no reverse proxy exists, one should be deployed when an Edge Server is provisioned. The following section details how to use the Microsoft Forefront Threat Management Gateway 2010 as a reverse proxy for Lync Server.

Forefront Threat Management Gateway 2010 Prerequisites

This section discusses the hardware, operating system, and software requirements necessary for installing Forefront Threat Management Gateway.

Hardware Requirements

The Forefront Threat Management Gateway server processor requirement is as follows:

• 1.86 GHz dual processor or dual-core processor

The Forefront Threat Management Gateway server memory requirement is as follows:

• 2 GB RAM (4 GB recommended)

The Forefront Threat Management Gateway disk requirement is as follows:

• Local storage with at least 2.5 GB free space

The Forefront Threat Management Gateway server network requirements are as follows:

• One network adapter for communication with the internal network

• An additional network adapter for each network connected to the Forefront TMG server

Operating System Requirements

Forefront Threat Management Gateway supports the following operating systems:

• Windows Server 2008, x64 Standard Edition with Service Pack 2

• Windows Server 2008, x64 Enterprise Edition with Service Pack 2

• Windows Server 2008, x64 Datacenter Edition with Service Pack 2

• Windows Server 2008 R2, Standard Edition

• Windows Server 2008 R2, Enterprise Edition

• Windows Server 2008 R2, Datacenter Edition

The Windows Server Core, Web, and High Performance Computing editions for any operating system version are not supported for deployment.

Software Requirements

The Forefront Threat Management Gateway server requires installation of the following components:

• .NET Framework 3.5, Service Pack 1

• Windows Web Services API

• Windows Update

• Windows Installer 4.0

Server Roles and Features

In addition to the operating system and software requirements listed previously, the Forefront Threat Management Gateway requires several Windows server roles, role services, and features to be installed. The following roles and features can either be preinstalled or installed automatically by the Forefront Threat Management Gateway preparation tool.

• Network Policy Server

• Routing and Remote Access Services

• Active Directory Lightweight Directory Services Tools

• Network Load Balancing Tools

• Windows PowerShell

Forefront Threat Management Gateway 2010 Installation

This section discusses installing a standalone Forefront Threat Management Gateway 2010 server to support the reverse proxy functionality required for external access. For detailed instructions on configuring an array of Threat Management Gateway servers or centralized management options, refer to TechNet.

1. Launch the Forefront Threat Management Gateway 2010 installation media.

2. If the required server roles and features have not applied, click Run Preparation Tool.

3. Click Next to begin the Preparation Wizard.

4. Select I accept the terms of license agreements and then click Next.

5. Select Forefront TMG services and Management and then click Next.

6. Select Launch Forefront TMG Installation Wizard and then click Finish.

7. Click Next to begin the installation.

8. Select I accept the terms in the license agreement and then click Next.

9. Enter a username, organization, and product serial number. Then click Next.

10. Enter an installation path and then click Next.

11. Click the Add button to begin entering internal network ranges.

12. Click Add Adapter, select the network adapter, and then click OK.

13. Verify the start and end addresses account for the internal network ranges of the Lync Server servers. Include additional ranges, and then click OK and Next.

14. Click Next and then Install to begin the installation.

15. Click Finish when the installation completes.