I just installed JetNexus in my company’s virtual lab for testing, as we are looking for a replacement for our TMG reverse Proxy.
Big thanks to the JetNexus team for the great help they provided me. If you guys interested in another solution to replace your reverse proxy, give this one a try, even if you don’t have any experience on how to work with or configure JetNexus, their team will call you, invite you for an online meeting and show you their lab and how to configure it and work with this solution.
So download the virtual appliance from here , it is supported on most of the Virtual hosts out there (Hyper-V, VMWare…)
I’m using Hyper-V (I’m a Microsoft Technology guy), and it’s very easy to deploy the VA after downloading, just unzip the folder you get (should be around 850MB)
· On Hyper-V use the “Import Virtual Machine…” option
· Browse to where your unzipped the VA
· When you reach the “Choose Import Type”, make sure to use “Copy the virtual machine (Create a new unique ID)”
· Attach the VM to the correct network you want to use (in my case it is the DMZ)
Then you are done, fire up the new VM.
Good thing about JetNexus, it comes with an application in my case “jnDiscover_v3_6_1.exe” that show you current IP-address the VA took, and you can use it to assign the IP-address you want to the machine.
· Two Lync 2013 Enterprise Frontend servers in VLAN 192.168.1.x
· DMZ where I deployed the reverse proxy in VLAN 172.19.71.x
So using the Jetnexus discover tool, I configured the static IP of the appliance
· Click on the address you see in the tool and then hit F2 or right click and select “Configure”
· Assign the IP-address you want to give to the appliance, and click “Apply”
Connect to JETNexus
Now that you have the appliance alive, you can connect to the web configuration page by using URL = https://jetnexus-IP:port/
Default credentials are:
Once you are in, first thing is to change the credentials.
· In right Menu go to “Configure” then >> Security
· Change the credentials there
· Don’t forget to always click on “Update” when you change anything in the configurations
Configure the Reverse Proxy for Lync
Here the fun begins,
· In left menu go to “Setup” >> “Appliance”
· Under “Adapter Details” make sure that eth0 is attached to your DMZ IP-address.
· To edit the entry, you can double click into the IP-address or the entry you want to change and put the new value
· In left menu, go to “Network” and there you can assign default gateway IP-address to specific Adapter you want from the drop down menu.
· If you need to add any Network routing rules, you can also create them in this page.
This is what I found interesting with JetNexus and helpful, they have ready configuration templates (configuration text file) for publishing your services no matter it was Lync or Exchange, they are called JetPack.
All you need to do is download the one you need from JetNexus website, and edit the IP-addresses of the Lync Servers or Exchange in the text file to point to your servers.
When you read the configuration file, you can know what are you configuring by reading the line “ServiceDesc”.
Again, JetNexus team is really helpful and I’m sure they will explain this part better when they contact you.
So I downloaded the Lync reverse proxy JETPack and edited the IP-addresses to point to my both Lync Enterprise servers.
Import JetPack to JetNexus
· In left menu select “Advance” then >> “Update Software”
· Under “Configuration” click on “Browse” and select the JetPack file
· Click “Upload”
· In left Menu, go to “Setup” then >> IP-services
· You will see now under “Channel Details” the DMZ IP-address of your appliance, port it’s listening to, and the service name
· And also should see down under “Content Servers” the name, IP-address of your Lync Frontend server(S) and the port it will forward traffic on
Bing SSL certificate
Now last part is to Import your SSL certificate to the appliance and bind it to the services
· In left menu go to “Configure” >> then SSL
· Under SSL , select “Import Certificate”
· Give a name for the certificate, put the Key password
· Browse to the location of the certificate and upload it
Now let’s bind it to the services:
· In left menu, go to “Setup” then >> IP-service
· Under “Channel Details” select the Channel you want to bind the certificate to by clicking on it
· Going down in the page you find a tab called “Action”
· Click on it
· In “SSL” drop down menu, select your SSL certificate you want to assign to this service
Don’t forget to Click “Update” every time you change something 🙂
That’s it you are now online my friend.