MS Lync 2013

Updated: May 16, 2022 14:11

2 Introduction

Kemp's LoadMaster family of purpose-built hardware and Virtual Appliances (VLM) offer advanced Layer 4 and Layer 7 server load balancing, content switching, SSL Acceleration and a multitude of other advanced Application Delivery and Optimization (ADC) features.

Kemp's LoadMaster fully supports Microsoft's key solutions and are approved by Microsoft (Kemp is a Microsoft Gold partner). The LoadMaster efficiently distributes user traffic for Microsoft Lync 2013 so that users get the best experience possible.

The entire Kemp LoadMaster product family, including the Virtual LoadMaster (VLM) supports Microsoft Lync 2013.

For more information about Kemp, visit us online at www.kemptechnologies.com.

2.1 Microsoft Lync 2013

Microsoft Lync is a communications tool that provides services such as audio/video conferencing, Instant Messaging (IM) and Voice over Internet Protocol (VoIP). These services can all be accessible from the Internet, or from an internal network. Microsoft Lync allows companies to enhance collaboration amongst employees.

A number of enhancements have been made in Microsoft Lync 2013. The network topology setup is quite similar to the previous version but with a number of small differences. Changes include the consolidation of the archiving and monitoring features towards the front-end servers (optional feature). The Lync 2010 Director role is now optional and is not recommended anymore. Less servers are needed because front-end servers can now take the role of Director.

2.2 Document Purpose

This documentation is intended to provide guidance on how to configure Kemp LoadMaster products to provide high availability for a Microsoft Lync Server 2013 environment. This documentation is created using a representative sample environment described later in the document. As this documentation is not intended to cover every possible deployment scenario it may not address unique setup or requirements. The Kemp Support Team is available to provide solutions for scenarios not explicitly defined.

2.3 Prerequisites

It is assumed that the reader is a network administrator or a person otherwise familiar with networking and general computer terminology. It is further assumed that the Microsoft Lync Server 2013 environment has been set up and the Kemp LoadMaster has been installed.

Other LoadMaster documentation can be referred to as needed from the Kemp Documentation page.

The minimum requirements that should be met before proceeding are as follows:

Installed LoadMaster LTS firmware version or above
Configured and published Microsoft Lync Server architecture with Lync Topology builder
Installed the Microsoft Servers, Active Directories and followed other Microsoft requirements
Configured internal and external DNS entries for Front-End, Director and Edge pools
Established access to the LoadMaster Web User Interface (WUI)

3 Load Balancing Lync 2013

Deploying a Microsoft Lync environment can require multiple servers in Front-End pools and Edge server pools. Load balancing is necessary in this situation to distribute the traffic amongst these servers.

Microsoft Lync Server 2013 supports two load balancing solutions: DNS load balancing and Hardware Load Balancing (HLB). Hardware load balancers are also required to provide load balancing for the internal and external web services when DNS load balancing is used.

Different load balancing methods cannot be used on the Edge internal and Edge external interfaces, for example, DNS load balancing cannot be used on the Edge internal interface when hardware load balancing is being used on the Edge external interface. Health checking at the LoadMaster ensures that, if one of the servers becomes inaccessible, the load balancer will take the sever offline and automatically re-route and reconnect users to other functioning servers.

Kemp Technology recommend the configuration as depicted in the above diagram. If your configuration differs from the recommended configuration and there are issues deploying the LoadMaster, please contact the local Kemp Support Team for assistance.

4 Template

Kemp has developed a template containing our recommended settings for this workload. You can install this template to help create Virtual Services (VSs) because it automatically populates the settings. You can use the template to easily create the required VSs with the recommended settings. For some workloads, additional manual steps may be required such as assigning a certificate or applying port following, these steps are covered in the document, if needed.

You can remove templates after use and this will not affect deployed services. If needed, you can make changes to any of the VS settings after using the template.

Download released templates from the following page: LoadMaster Templates.

For more information and steps on how to import and use templates, refer to the Virtual Services and Templates, Feature Description on the Kemp Documentation page.

5 General Configuration

Some recommended general LoadMaster configuration settings are outlined below. These options can be set within the LoadMaster WUI.

5.1 Disable SNAT Globally

By default, global Server Network Address Translation (SNAT) is enabled in the LoadMaster settings. Kemp recommends disabling SNAT globally when using the LoadMaster with a Lync 2013 Edge deployment. To disable SNAT globally, follow the steps below:

1. In the main menu, select System Configuration.

2. Select Miscellaneous Options.

3. Select Network Options.

4. Clear the Enable Server NAT check box.

5.2 Subnet Originating Requests

When the LoadMaster is deployed in a two-armed configuration, Kemp recommends enabling Subnet Originating Requests. When this option is enabled, the LoadMaster will use its local IP address, instead of the IP address of the Virtual Service, when communicating to the Real Servers.

Subnet Originating Requests can be enabled on a per-Virtual Service or a global basis.

It is recommended that the Subnet Originating Requests option is enabled on a per-Virtual Service basis.

To enable Subnet Originating Requests globally, follow the steps below:

1. In the main menu of the LoadMaster WUI, select System Configuration > Miscellaneous Options > Network Options.

2. Select the Subnet Originating Requests check box.

5.3 Change Drop Connections Settings

The LoadMaster must be configured to drop connections on Real Server Failure to have fast failover for clients to another Real Server.

1. To configure dropping connections, click System Configuration.

2. Click Miscellaneous Options.

3. Click L7 Configuration.

4. Select the Drop Connections on RS failure checkbox.

5.4 Increase the Connection Timeout

The Loadmaster Connection Timeout must be set to one day. The reason why this value can be set so high is because the LoadMaster monitors client connection to Real Servers and if a server fails then the LoadMaster can drop the associated client connections to that real server. Clients are disconnected from the LoadMaster and then reconnected to the LoadMaster to connect to another Real Server.

One day is the maximum value for this setting and it must be used in conjunction with the Drop Connections on RS failure option.

1. To configure the Connection Timeout, click System Configuration.

2. Click Miscellaneous Options.

3. Click L7 Configuration.

4. Enter 86400 (1 day) in the L7 Connection Drain Time (secs) field and click Set Time.

5.5 Connection Scaling For Large Scale Deployments

Execution of this procedure is optional and should be used only in cases where network traffic is expected to be greater than 64,000 server connections at any one particular time.

L7 Transparency must be disabled to use connection scaling.

1. To use connection scaling, click System Configuration.

2. Click Miscellaneous Options.

3. Click L7 Configuration.

4. Select the Allow connection scaling over 64K Connections checkbox.

5. Click Virtual Services.

6. Click View/Modify Services.

7. Click the Modify button of the appropriate Virtual IP Address.

8. Expand the Advanced Properties section.

9. In the Advanced Properties panel, input a list of Alternate Source Addresses. Multiple IPV4 addresses must be separated with a space; each must be unallocated and allow 64K connections.

10. Click the Set Alternate Source Addresses button.

6 Configuring Virtual Services for Lync 2013

This deployment guide covers three types of Virtual Service; DNS Only, HLB only and those that are common to both types of environment. To configure the Virtual Services using the Application Programming Interface (API), refer to the RESTful API on the Kemp Documentation Page.

The table in each section outlines the API settings and values. You can use this information when using the Kemp LoadMaster API and automation tools.

6.1 DNS Only Configuration

Refer to the sections below for settings when using a DNS only configuration.

Microsoft recommends that DNS load balancing is used for Session Initiation Protocol (SIP) traffic. Microsoft also recommend that web services are configured to override FQDN for internal web services.

Source-IP Persistence

Source IP persistence can be used but take care before enabling it because:

Clients from behind a NAT device show up as a single IP
It can result in uneven connection distribution

Cookies

If cookies are used, there is no negative impact. However, there are some requirements:

The cookie must be named MS-WSMAN
It must not expire
It must not be marked httpOnly
Cookie optimization should be turned off

To find out the recommended API parameter settings for the various Front-End Virtual Services, refer to the sections below.

6.1.1 Director DNS

The Lync Director DNS template contains one Virtual Service:

Lync Director 2013

6.1.1.1 Deploy Director DNS Template

To add the Virtual Services for Lync Director DNS with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Director 2013 DNS template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.1.1.2 Configure Director DNS Virtual Service

To configure the Lync Director Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Director Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.1.1.2.1 Director DNS Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	443
prot	tcp
ForceL7	1
ExtraPorts	444,4443
Transparent	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.1.2 Front-End Internal DNS

The Lync Front-End Internal DNS template contains two Virtual Service

Lync Internal WebSvc HTTP
Lync Internal WebSvc HTTPS

6.1.2.1 Deploy Front-End Internal DNS Template

To add the Virtual Services for Lync Front-End Internal DNS with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Internal 2013 DNS template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.1.2.2 Configure Front-End Internal WebSvc HTTP Virtual Service

To configure the Lync Front-End Internal Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Internal WebSvc HTTP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 80 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.1.2.2.1 Front-End Internal WebSvc HTTP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	80
prot	tcp
Transparent	0
Extra Ports	8080
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.1.2.3 Configure Front-End Internal WebSvc HTTPS Virtual Service

To configure the Lync Front-End Internal WebSvc HTTPS Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Internal WebSvc HTTPS Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.1.2.3.1 Front-End Internal WebSvc HTTPS Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	443
prot	tcp
ExtraPorts	4443
Transparent	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.2 HLB Only Configuration

Refer to the sections below for settings using an HLB only configuration.

6.2.1 Director HLB Only

The Lync Director HLB Only template contains two Virtual Services:

Lync Director
Lync Internal Director SIP

6.2.1.1 Deploy Director HLB Only Template

To add the Virtual Services for Lync Director HLB Only with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Director 2013 HLB Only template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.2.1.2 Configure Director Virtual Service

To configure the Lync Director Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Director Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.1.2.1 Director HLB Only Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	443
prot	tcp
ExtraPorts	444,4443
Transparent	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.2.1.3 Configure Director SIP Virtual Service

To configure the Lync Director SIP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Internal Director SIP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 5061 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.1.3.1 Director SIP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

6.2.2 Internal Front End HLB Only

The Lync Internal 2013 HLB Only template contains four Virtual Services:

Lync Internal WebSvc HTTP
Lync Internal WebSvc HTTPS HLB Only
Lync Internal Front-End SIP
Lync Internal Front-End DCOM

6.2.2.1 Deploy Internal Front-End HLB Only Template

To add the Virtual Services for Lync Internal HLB Only with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Internal 2013 HLB Only template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.2.2.2 Configure Internal Front-End WebSvc HTTP Virtual Service

To configure the Lync Internal Front-End WebSvc HTTP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Internal WebSvc HTTP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 80 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.2.2.1 Internal Front-end WebSvc HTTP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	80
prot	tcp
Transparent	0
ExtraPorts	8080
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.2.2.3 Configure Internal Front-End WebSvc HTTPS Virtual Service

To configure the Lync Internal Front-End WebSvc HTTPS Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Internal WebSvc HTTPS HLB Only Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.2.3.1 Internal Front-End WebSvc HTTPS Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

Option	Value
port	443
prot	tcp
ForceL7	0
ExtraPorts	444,4443
Transparent	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.2.2.4 Configure Internal Front-End SIP Virtual Service

To configure the Lync Front-End SIP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Internal Front-End SIP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 5061 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.2.4.1 Internal Front-End SIP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	5061
prot	tcp
VStype	gen
ForceL7	1
ExtraPorts	448,5070-5073,5075,5076,5080
Transparent	0
ServerInit	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.2.2.5 Configure Internal Front-End DCOM Virtual Service

To configure the Lync Front End DCOM Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Internal Front-End DCOM Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 135 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.2.5.1 Internal Front-End DCOM Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	135
prot	tcp
VSType	Gen
ForceL7	1
Transparent	0
ServerInit	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.2.3 Mediation HLB Only

The Lync Mediation 2013 HLB Only template contains one Virtual Services:

Lync Mediation

6.2.3.1 Deploy Mediation 2013 HLB Only Template

To add the Virtual Services for Lync Mediation HLB Only with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Mediation 2013 HLB Only template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.2.3.2 Configure Mediation Virtual Service

To configure the Lync Mediation Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Mediation Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 5070 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.3.2.1 Mediation Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	5070
prot	tcp
VStype	gen
ForceL7	1
Transparent	0
ServerInit	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5070

6.2.4 Edge Internal HLB Only

The Lync Edge Internal 2013 HLB Only template contains three Virtual Services:

Lync Edge Internal AV Media TCP
Lync Edge Internal AV Media UDP
Lync Edge Internal SIP

6.2.4.1 Deploy Edge Internal 2013 HLB Only Template

To add the Virtual Services for Lync Edge Internal 2013 HLB Only with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Edge Internal 2013 HLB Only template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.2.4.2 Configure Edge Internal AV Media TCP Virtual Service

To configure the Lync Edge Internal AV Media TCP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge Internal AV Media TCP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.4.2.1 Edge Internal AV Media TCP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	443
prot	tcp
VStype	gen
ForceL7	1
Transparent	0
ServerInit	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	TCP Connection Only
CheckPort	5061

6.2.4.3 Configure Edge Internal AV Media UDP Virtual Service

To configure the Lync Edge Internal AV Media UDP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge Internal AV Media UDP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 3478 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.4.3.1 Edge Internal AV Media UDP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	3478
prot	udp
ForceL7	0
Transparent	1
Persist	src
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	icmp

6.2.4.4 Configure Edge Internal SIP Virtual Service_D39

To configure the Lync Edge Internal SIP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge Internal SIP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 5061 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.2.4.4.1 Edge Internal SIP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	5061
prot	tcp
VStype	gen
Transparent	0
ExtraPorts	5062
ServerInit	0
Persist	src
PersistTimeout	1200
Useforsnat	1
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.3 Edge Configuration

Refer to the sections below for settings using a Lync Edge configuration.

When load balancing external interfaces of Edge pools, the shared interface IP should be used as the default gateway on all Edge interfaces. Also, a publicly routable IP with no NAT or port translation must be used.

6.3.1 Edge External HLB Only

The Lync Edge External HLB Only template contains three Virtual Services:

Lync Edge External SIP
Lync Edge External SIP Federation
Lync Edge External XMPP

6.3.1.1 Deploy Edge External HLB Only Template

To add the Virtual Services for Lync Edge External HLB Only with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Edge External 2013 HLB Only template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.3.1.2 Configure Edge External SIP Virtual Service

To configure the Lync Edge External SIP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge External SIP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.3.1.2.1 Edge External SIP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	443
prot	tcp
ForceL7	1
Transparent	0
Persist	src
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.3.1.3 Configure Edge External SIP Federation Virtual Service

To configure the Lync Edge External SIP Federation Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge External SIP Federation Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 5061 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.3.1.3.1 Edge External SIP Federation Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	5061
prot	tcp
ForceL7	1
Transparent	0
Persistent	src
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.3.1.4 Configure Edge External XMPP Virtual Service

To configure the Lync Edge External XMPP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge External XMPP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 5269 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.3.1.4.1 Edge External XMPP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	5269
prot	tcp
ForceL7	1
Transparent	0
Persist	src
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.3.2 Edge External AV HLB Only

The Lync Edge External AV HLB Only template contains two Virtual Services:

Lync Edge External AV Media TCP
Lync Edge External AV Media UDP

6.3.2.1 Deploy Edge External AV HLB Only Template

To add the Virtual Services for Lync Edge External AV HLB Only with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Edge External AV 2013 HLB Only template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.3.2.2 Configure Edge External AV Media TCP Virtual Service

To configure the Lync Edge External AV Media TCP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge External AV Media TCP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.3.2.2.1 Edge External AV Media TCP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	443
prot	tcp
Transparent	1
ForceL7	1
Persist	src
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.3.2.3 Configure Edge External AV Media UDP Virtual Service

To configure the Lync Edge External AV Media UDP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge External AV Media UDP Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 3478 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.3.2.3.1 Edge External AV Media UDP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

Option	Value
port	3478
prot	udp
Transparent	1
Persist	src
PersistTimeout	1200
Schedule	rr
Useforsnat	1
CheckType	icmp

6.3.3 Edge External Conferencing HLB Only

The Lync Edge External Conferencing HLB Only template contains one Virtual Services:

Lync Edge External Conferencing

6.3.3.1 Deploy Edge External Conferencing HLB Only Template

To add the Virtual Services for Lync Edge External Conferencing HLB Only with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Edge External Conferencing 2013 HLB Only template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.3.3.2 Configure Edge External Conferencing Virtual Service

To configure the Lync Edge External Conferencing Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Edge External Conferencing Virtual Service.

3. Expand the Real Servers section.

4. Click Add New.

5. Enter the Real Server Address.

6. Confirm that Port 443 is entered.

7. Click Add This Real Server.

8. Add additional Real Servers as needed.

6.3.3.2.1 Edge External Conferencing Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	443
prot	tcp
ForceL7	1
Transparent	0
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.4 Common to Both

The Virtual Services listed below are common to both DNS and HLB configurations.

6.4.1 Office Web App

The Lync Office Web App template contains one Virtual Services:

Office Web App Servers

6.4.1.1 Deploy Office Web App Server Template

To add the Virtual Services for Lync Office Web App Servers with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Office Web App Servers 2013 template from the Use Template drop-down list.

4. Click Add This Virtual Service.

6.4.1.2 Configure Office Web App Virtual Service

These steps assume a TLS Certificate has already been added to the LoadMaster. More information on certification, refer to the SSL Accelerated Services document on the Kemp Support Site.

To configure the Lync Office Web App Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Office Web App Server Virtual Service.

3. Expand the SSL Properties section.

4. Select a valid certificate that was previously imported and click the > button to assign the certificate.

5. Click Set Certificate.

6. Expand the Real Servers section.

7. Click Add New.

8. Enter the Real Server Address.

9. Confirm that Port 443 is entered.

10. Click Add This Real Server.

11. Add additional Real Servers as needed.

6.4.1.2.1 Office Web App Servers Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	443
prot	tcp
Transparent	0
SSLAcceleration	1
SSLReencrypt	1
Persist	super and src
PersistTimeout	1800
Schedule	rr
Idletime	1800
CheckType	https
CheckPort	443
CheckURL	/hosting/discovery
CheckUse	1
CheckUseGet	GET

It is optional to add a HTTP redirector Virtual Service. Whether you require one or not depends on your environment.

6.4.2 Director Reverse Proxy

The Lync Reverse Proxy template can be used for both Director and Front-End. If using both roles in Lync 2013 you must rename the Virtual Services such as Lync Director Reverse Proxy and Lync Front-End Reverse Proxy as shown in the steps below.

The Lync Directory Reverse Proxy template contains one Virtual Services:

Lync Director Reverse Proxy HTTP
Lync Director Reverse Proxy HTTPS

6.4.2.1 Deploy Director Reverse Proxy Template

To add the Virtual Services for Lync Director Reverse Proxy with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Office Web App Servers 2013 template from the Use Template drop-down list.

4. Click Add This Virtual Service.

5. Rename Virtual Service to Lync Director Reverse Proxy 2013.

6.4.2.2 Configure Director Reverse Proxy HTTP Virtual Service

To configure the Lync Director Reverse Proxy HTTP Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Director Reverse Proxy HTTP Virtual Service.

3. Expand the SSL Properties.

4. Expand the Real Servers section.

5. Click Add New.

6. Enter the Real Server Address.

7. Confirm that Port 8080 is entered.

8. Click Add This Real Server.

9. Add additional Real Servers as needed.

Ensure that port tcp/80 is not used for the Real Servers.

6.4.2.2.1 Director Reverse Proxy HTTP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameters	API Value
port	80
prot	tcp
ForceL7	1
Transparent	0
Persist	src
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.4.2.3 Configure Director Reverse Proxy HTTPS Virtual Service

These steps assume a TLS Certificate has already been added to the LoadMaster. More information on certification can be found in the SSL Accelerated Services document on the Kemp Support Site.

To configure the Lync Director Reverse Proxy HTTPS Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Director Reverse Proxy HTTPS Virtual Service.

3. Expand the SSL Properties section.

4. Expand the Real Servers section.

5. Click Add New.

6. Enter the Real Server Address.

7. Confirm that Port 4443 is entered.

8. Click Add This Real Server.

9. Add additional Real Servers as needed.

Ensure that port tcp/443 is not used for the Real Servers.

6.4.2.3.1 Director Reverse Proxy HTTPS Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	443
prot	tcp
Transparent	0
SSLAcceleration	1
SSLReencrypt	1
Persist	src
PersistTimeout	1200
Schedule	rr
Idletime	1800
CheckType	tcp
CheckPort	5061

6.4.3 Front-End Reverse Proxy

The Lync Reverse Proxy template can be used for both Director and Front-End. If using both roles in Lync 2013, you must rename the Virtual Services such as Lync Director Reverse Proxy and Lync Front-End Reverse Proxy as shown in the steps below.

The Lync Front-End Reverse Proxy template contains two Virtual Services:

Lync Front-End Reverse Proxy HTTP
Lync Front-End Reverse Proxy HTTPS

6.4.3.1 Deploy Front-End Reverse Proxy Template

To add the Virtual Services for Lync Front-End Reverse Proxy with the template, follow the steps below:

1. Click the Add New button.

2. Enter a Virtual Address.

3. Select the Lync Reverse Proxy 2013 template from the Use Template drop-down list.

4. Click Add This Virtual Service.

5. Rename Virtual Service to Lync Front-End Reverse Proxy 2013.

6.4.3.2 Configure Front-End Reverse Proxy HTTP Virtual Service

To configure the Lync Front-End Reverse Proxy Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Front-End Reverse Proxy HTTP Virtual Service.

3. Expand the SSL Properties section.

4. Expand the Real Servers section.

5. Click Add New.

6. Enter the Real Server Address.

7. Confirm that Port 8080 is entered.

8. Click Add This Real Server.

9. Add additional Real Servers as needed.

Ensure that port tcp/80 is not used for the Real Servers.

6.4.3.2.1 Front End Reverse Proxy HTTP Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.

API Parameter	API Value
port	80
prot	tcp
ForceL7	1
Schedule	rr
Transparent	0
Persist	src
PersistTime	1200
Idletime	1800
Useforsnat	1
CheckType	tcp
CheckPort	5061

6.4.3.3 Configure Front-End Reverse Proxy HTTPS Virtual Service

These steps assume a TLS Certificate has already been added to the LoadMaster. More information on certification can be found in the SSL Accelerated Services document on the Kemp Support site.

To configure the Lync Front-End Reverse Proxy HTTPS Virtual Service, follow the steps below:

1. Select View/Modify Services under Virtual Services in the left-hand navigation.

2. Click Modify on the Lync Front-End Reverse Proxy HTTP Virtual Service.

3. Expand the SSL Properties section.

4. Expand the Real Servers section.

5. Click Add New.

6. Enter the Real Server Address.

7. Confirm that Port 4443 is entered.

8. Click Add This Real Server.

9. Add additional Real Servers as needed.

Ensure that port tcp/443 is not used for the Real Servers.

6.4.3.3.1 Front End Reverse Proxy HTTPS Virtual Service Recommended API Settings (optional)

This table outlines the API parameters and values set using the Kemp application template. These settings can be used with scripts and automation tools.