Back in October 2011, the Update to UAG (SP1 Update 1) finally added support for Lync publishing with UAG. However, much confusion has risen around to what extent Lync publishing is supported. Many customers deduced that the new UAG feature supports the entire range of Lync features and clients…but sadly, this is not the case.
In the time since the update was released, I’ve witnesses many customers struggle with trying to make Lync Mobility and the Lync client work through UAG, as well as various blog posts that describe how to do it. Technically, there are some aspects of Lync that can be made to work, but essentially, this entails forcing UAG to do something it was not designed to do.
I’m writing this post to clarify this. At the time of writing (November 2012), UAG does not support accessing Lync using Lync Mobility on any platform, nor the use of the Lync software client. The only thing that IS supported is using the Web-based version of the Lync client. For customers who need to publish Lync for Mobility and the software client, Microsoft recommends publishing the Lync Edge server using TMG, or a comparable transparent-publishing firewall solution (note, though, that using the TMG server that’s on your UAG server is not supported for this purpose). While some companies have been able to provide some form of access via UAG to the unsupported clients, this would work only partially at best, and would not be supported by Microsoft.
As for why this doesn’t work....well, the reason is that UAG is a product that was designed to primarily interact with browsers. It also has some special functions to interact with other clients such as Mobile phones and Office applications (including Outlook), but these functions are specially designed code that doesn’t extend to other applications. Different functions of the various Lync clients behave differently and so some can be made to work, but until the UAG product team specifically designs UAG to interact with the various Lync clients, we will not have full support for it.
since TMG is death and will be end of life.
Which solution does Microsoft support for the securely publishing of Lync?
Hi Ben Ari,
Thanks for writting the blog post!
People always seems to think that Microsoft Forefront UAG is able to support all aspects of Lync and also support the SIP and RTP/RTCP protocols?
The first question I always get is "Can we use the underlying Forefront TMG!"... And then I answer with a BIG NO!!! browse to the supported boundaries : technet.microsoft.com/.../ee522953.aspx :)
Keep up the good Work!
Peter Selch Dahl
At this point in time, TMG is still available to customers, both through their account managers or through Microsoft's partners, and this will continue for a while. Also, TMG is going to be supported for many years to come, so there's no reason not to use it. If TMG is not a viable option for a customer, they can use comparable products such as those made by our partners and competitors. I can't name them all here, but you can consult marketing analysts such as Gartner or Forrester to learn about other leading options.
TMG is ONLY available for purchase until 1.dec (21 days from now). Microsoft Will support TMG until april 2015. See The Announcement below.
I recommend that you follow Ben's advice.