Topic Last Modified: 2013-11-07

In this documentation, we use the term external user to define a large category of users who communicate with your Lync Server 2013 and Lync 2013 users from outside the firewall. External users that you can authorize to communicate Lync Server 2013 with internal users (that is, users who sign in to Lync Server from inside the firewall) can include the following:

Your edge deployment provides external access for the following types of communication:

In order to control communications, you can configure one or more policies that define how users inside and outside your organization communicate with each other. You can also configure settings and apply policies for individual internal users or for specific types of external users to control communications with external users.

Lync Server 2013 roles that are used to provide external access:

Edge Server   The Edge Server is a server or a pool of servers that run the services that allow external access to IM and presence, conferencing, audio/video, and other media (for example, file transfer) services. Optionally, you can configure the Edge Server to federate with other Lync Server or Office Communications Server 2007 R2 deployments, and other XMPP deployments. The optional public IM connectivity feature is enabled and configured through the Edge Server.

Director   The Director is an optional server or server pool running the Lync Server 2013 Director role that pre-authenticates user requests and routes requests to the users’ home Front End Server or Front End pool, but does not home any user accounts.

Reverse Proxy   A reverse proxy is a general term for specialized servers that publish resources available on the internal network and retrieve information for clients from the published resource. Lync Server 2013 uses the reverse proxy to publish a number of features, such as conferencing meetings, conference join locations, the address book, distribution list expansion, downloading meeting content, device updates, Mobility services, and more. Any reverse proxy that can meet the requirements for publishing the necessary resource locations can be used. Microsoft Forefront Threat Management Gateway (TMG) 2010 is used as an example for the purposes of illustrating the publishing rules necessary, but Forefront TMG 2010 is not required.

Lync Server 2013 supports both IPv4 and IPv6. Windows Server 2008 R2, Windows Server 2012, and Windows Server 2012 R2 use a dual stack that can use both IPv4 and IPv6 concurrently. This is important because of the transitional nature of a deployment moving from IPv4 to IPv6. IPv4 can be supported in some areas, where in other areas of the deployment, IPv6 can be used. This is especially important where the Internet and internal deployments are concerned. External clients must communicate through the reverse proxy to use services such as mobility, meetings, address book download, and others. Currently, Forefront Threat Management Gateway 2010 and Internet Security and Acceleration Server 2006 do not support IPv6 addressing, regardless of the operating system version that they are deployed on. You must plan accordingly in relation to your use of IPv6 and IPv4 as they relate to external clients.