Masuk
 
AwalPerpustakaanWikiPelajariUnduhDukunganKomunitasForum
Resources for IT Professionals >
One user frequently disconnecting

Answered One user frequently disconnecting

  • 29 Februari 2012 18:14
     
     
    Masuk untuk Memilih
    0

    We have recently deployed Lync and it's working fine, except for one user. They keep getting disconnected and sending messages to them get dropped very often. This is only happening for one user.

    I looked in the event log on the frontend server and see some events that keep popping up:

    WARNING

    At least one attempt to reference stale (non-existent or deleted) security association was detected.

     

    There were 1 messages with signature that referenced stale (non-existent or deleted) security association in the last 38 minutes. The last one was this SIP message:

    ERROR

    Lost connection to the Web Conferencing Edge Server

     

    Edge Server Machine FQDN: edge.domain.local

     

    Cause: Service may be unavailable or Network connectivity may have been compromised.

     

    Any ideas??

    Makolyte, Software Developer + System/Network Admin

     

Semua Balasan

  • 29 Februari 2012 20:00
     
     
    Masuk untuk Memilih
    1

    Have tried this user by signing in on to another computer if not please try and let me know. enable lync logging on client side and on server side then connect this user and try to send and receive message to see what exactly is going on. For the error related to edge server it seems FE disconnected with Edge server due to instability of network.

    For how to enable logging on Lync http://www.misdivision.com/blog/using-the-lync-logging-tool-to-debug-sip-issues

    For client logging go to options on the general page in the bottom there is an option for the logging.

    Also see this thread as it relates to ocs but look in to this, he was having same error but problem was different http://social.technet.microsoft.com/Forums/en-US/ocsconferencing/thread/f8905094-eeab-447b-ac34-e341b4e96c0e 

    If answer is helpful, please hit the green arrow on the left, or mark as answer. Salahuddin | Blogs:http://salahuddinkhatri.wordpress.com | MCITP Microsoft Lync

     
  • 29 Februari 2012 21:38
     
     
    Masuk untuk Memilih
    0
    Thank you, i will try enable logging on both the server and client and see what i can find out.

    Makolyte, Software Developer + System/Network Admin

     
  • 29 Februari 2012 23:22
     
     
    Masuk untuk Memilih
    0

    Hi,

    Also run and provide us the output.

    get-CsManagementStoreReplication

     
  • 01 Maret 2012 15:28
     
     
    Masuk untuk Memilih
    0

    I looked through the client event log and also turned on server logging.

    1. On the client's event log i see this:

    A SIP request made by Communicator failed in an unexpected manner (status code 0). More information is contained in the following technical data:

    with additional info about the user's login etc...

    2. On the server i found an error when i analyzed the SIP and S4 logs. The ms-diagnostics section said this:
    ms-diagnostics: 1008;reason="Unable to resolve DNS SRV record";domain="domain";source="lync.domain.com"

    I looked through the forums for this error and found that nslookup for _sip_tls.domain should point to port 443, whereas mine points to 5061. I am changing this on the public DNS, which may take awhile. This could be causing this error, but i'm not sure if this would affect the user's connection problems?

    Makolyte, Software Developer + System/Network Admin

     
  • 01 Maret 2012 19:16
     
     
    Masuk untuk Memilih
    0

    On my client when a message fails:

    03/01/2012|13:21:51.269 1554:1558 INFO  :: Data Received - 10.1.1.82:5061 (To Local Address: 10.1.1.210:56023) 912 bytes:
    03/01/2012|13:21:51.269 1554:1558 INFO  :: SIP/2.0 504 Server time-out
    Authentication-Info: TLS-DSK qop="auth", opaque="54F86745", srand="85C33BA8", snum="201", rspauth="4f8355d476507d28aa2f06f577b7a8cc99aa5c63", targetname="LYNCMAIN.Domain.local", realm="SIP Communications Service", version=4
    From: "Makolyte"<sip:makolyte@domain.com>;tag=2e293764a9;epid=f8294a84bf
    To: <sip:k@domain.com>;epid=806ab2018f;tag=0587C51773F9EB1F4F32C8659D53927F
    Call-ID: 24704f76f3e74c24b6f6081d5fa69f05
    CSeq: 1 INVITE
    Via: SIP/2.0/TLS 10.1.1.210:56023;ms-received-port=56023;ms-received-cid=217700
    Server: RTC/4.0
    ms-diagnostics: 1006;reason="Error routing on client connection";WinsockFailureDescription="The socket is no longer connected";WinsockFailureCode="10057(WSAENOTCONN)";Peer="k@domain.com";Destination="10.1.1.219";source="LYNCMAIN.domain.local"
    Content-Length: 0


    03/01/2012|13:21:51.269 1554:1558 INFO  :: End of Data Received - 10.1.1.82:5061 (To Local Address: 10.1.1.210:56023) 912 bytes

    On other user's

    <reportError xmlns="http://schemas.microsoft.com/2006/09/sip/error-reporting"><error toUri="sip:m@domain.com" callId="bc59ae23e96f4de9862a95a1b8abb7d2" fromTag="01cb6f06c7" contentType="application/sdp;call-type=im" responseCode="0" requestType="INVITE"><diagHeader>52099;reason="Time out occurred while waiting for conference details";OriginalPresenceState="3000";CurrentPresenceState="3000";MeInsideUser="Yes";ConversationInitiatedBy="2";SourceNetwork="2";RemotePartyCanDoIM="Yes"</diagHeader><progressReports/></error></reportError>

    On the server

    TL_INFO(TF_PROTOCOL) [0]0B9C.02BC::03/01/2012-13:31:49.709.008f2f69 (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
    Trace-Correlation-Id: 1275396404
    Instance-Id: 0001CF27
    Direction: outgoing;source="local"
    Peer: 10.1.1.219:63985
    Message-Type: response
    Start-Line: SIP/2.0 401 Unauthorized
    From: <sip:k@domain.com>;tag=83ab21eae3;epid=806ab2018f
    To: <sip:k@domain.com>;tag=0587C51773F9EB1F4F32C8659D53927F
    CSeq: 1 REGISTER
    Call-ID: 2f9b109c5a094f1cb910601024751549
    Date: Thu, 01 Mar 2012 18:31:49 GMT
    WWW-Authenticate: NTLM realm="SIP Communications Service", targetname="LYNCMAIN.domain.local", version=4
    WWW-Authenticate: Kerberos realm="SIP Communications Service", targetname="sip/LYNCMAIN.domain.local", version=4
    WWW-Authenticate: TLS-DSK realm="SIP Communications Service", targetname="LYNCMAIN.domain.local", version=4, sts-uri="https://lyncmain.compasstechnologies.local:443/CertProv/CertProvisioningService.svc"
    Via: SIP/2.0/TLS 10.1.1.219:63985;ms-received-port=63985;ms-received-cid=21EF00
    ms-diagnostics: 1000;reason="Final handshake failed";HRESULT="0xC3E93EDF(SIP_E_AUTH_STALE_SA)";source="LYNCMAIN.domain.local"
    Server: RTC/4.0
    Content-Length: 0
    Message-Body: –
    $$end_record

    Makolyte, Software Developer + System/Network Admin

     
  • 06 Maret 2012 8:12
    Moderator
     
     Jawab
    Masuk untuk Memilih
    1

    Hi Makolyte,

    Yes, _sip._tls. <domain> should point to port 443.

    During DNS lookup, SRV records are queried in parallel and returned in the following order to the client:

    • _sipinternaltls._tcp.<domain> - for internal TLS connections
    • _sipinternal._tcp. <domain> - for internal TCP connections (performed only if TCP is allowed)
    • _sip._tls. <domain> - for external TLS connections

    The last two queries are for clients that are connecting from outside your internal network. When creating SRV records, it is important to remember that they must point to a DNS A record in the same domain in which the DNS SRV record is created.

    In addition, provide some Useful Tips for Testing Your Lync Server 2010 Edge Server. Hope helps.

    Noya Lau

    TechNet Community Support