Ever since Microsoft decided to retire the TMG, Everyone’s concern about what would be the platform that can be used to Publish Lync Server external web services URLS. It’s obvious that these URLs need to be reverse proxy in to the Front End pool and there’s not much options available to get the job done.

This is where the ISS ARR (Internet Information Service Application Request Routing) comes in to the picture. URL Re-Routing option was there since 2011 but it was never highlighted since the ISA\TMG was doing it’s job. Now both the ISA\TMG is going out, ARR is in the front row for the Reverse Proxy job.

Now let’s deploy the IIS ARR Server. I used the Server 2008 R2 Application Server with IIS deployed with default options. use http://blogs.iis.net/wonyoo/archive/2011/04/20/how-to-install-application-request-routing-arr-2-5-without-web-platform-installer-webpi.aspx link to download and install ARR component on top of the IIS Application Server.

Now to configure SSL over port 443 and assign the certificate.

Note that this certificate must contain all the SAN records that associate to all the web farms that getting created within this ISS Server.

Configure the Web Farm. I’ll take “meet.contoso.com as an example here. Set the farm as “On Line”.

Configure the Server Address. This will be the Next Hop that URLs getting Reverse Proxy in to. It can be a Front End pool or a Director. Set the ports as 8080 for HTTP and 4443 as HTTPS. Add the server once done.

Click on “Yes” to confirm to proceed with creating the rule.

Server is added and Farm is online.

Go in to Caching and take out the “Enable Disk Cache” check box. Apply the changes and go back to the farm.

Select the “Proxy” option. Set everything as default and increase the “Keep Alive” time more than 180. I’ve set it as 200.

Go in to the “Routing Rules” and take out the SSL offloading. Apply the changes and go back to the server farm.

Select the IIS Server and select “URL Rewrite” option.

In URL Rewrite, there will be two options, HTTP and HTTPS\SSL. HTTP option can be removed as we are not interested in HTTP.

Edit the HTTPS\SSL rule. in Conditions, click on Add to add another rule.

In Add Condition, Start typing {HTTP_… and select {HTTP_HOST} from the list.

Leave it as “Match the Pattern” and set the pattern as meet.* set the option “Ignore Case”.

Test the pattern to verify that the configured pattern functions as expected. Go back to the URL Rewrite once done.

The newly created rues should looks like this.

Now test the published URL from outside of the domain and it should reverse proxy in to the Front End pool

Now publish the rest of the URL and create Web Farms in ISS ARR accordingly.

For Mobility clients, you might experience that the “Server configuration have changed. Please restart the client” alert keep on coming. To fix this, set the Proxy time out parameter to 960 instead of 200 in lyncdicover.domain.com ARR rule.

For the Office Web App external URl publishing, It’s little different than the rest of the ARR rules. Not only the server proxy ports has top be 443 and 80 instead of 8080 and 4443, the ARR rule need to be configured to use Regular Expressions instead of Wildcards. Below is the standard configuration of a ARR rule for WAC server.