I just wanted to get some clarification on the correct traffic flow between internal Lync clients and the Edge server.
From all the diagrams I've looked at I was under the impression that if internal clients need to hit the Edge server to talk to external clients they should always do so through the Edge Internal interface which bridges to the Edge External interface and out to the internet. Specifically port 3478 from the Edge AV External interface to the internal clients.
We aren't seeing that in our environment. When internal clients are talking to external clients we see the Edge AV External interface communicating directly with the internal client. In fact we found this out because after the migration to Lync 2013 external users couldn't create an AV connection to internal users on either of the Lync servers. We saw traffic on 3478 being dropped between the Edge AV External interface and the internal client. Once we opened that port, AV traffic worked.
We never put this rule in until we introduced Lync 2013. Lync 2010 didn't seem to require it.
Is that the correct flow?