For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Forum Discussion

Gerald_Cheminan's avatar
Gerald_Cheminan
Icon for Nimbostratus rankNimbostratus
Jan 14, 2016

Lync Server 2013 HLB

Hi all, At first I describe my environnement :   AD Local domain = internal.ad Public domain = SMTP domain = SIP domain = publicdomain.com Lync Server Enterprise Pool PoolEE.internal.ad FE01.i...
application delivery
BIG-IP
iApps
Gerald_Cheminan's avatar
Gerald_Cheminan
Icon for Nimbostratus rankNimbostratus
Jan 19, 2016

Hi Mickael, Thanks you for your answer. I'm sorry that my question is not very clear.

 

To avoid installing the root certificate from the PKI on computers that are not in the Active Directory domain, I wanted to use the BIG IP as SIP Proxy to do on the internal network and use a public certificate. I could redirect the connections to the external network through the Lync Edge but it is difficult to redirect only the computers that are not in the Active Directory domain and keep the other on the internal network.

 

If I understand your answer :

 

If I use BIG to distribute SIP connections and therefore I do not use the Round Robin DNS function, it means that BIG IP balance and redirects connections to Lync Front End ? So the traffic SIP / TLS / SRTP is established directly between the client and Lync Front End? In this case I can not use a public certificate because the Front End and Pool FQDN are private (internal.ad) and not public.

 

Thanks for your help Gérald