none
EDGE SERVER NIGHTMARE!!!!!

    Dotaz

  • hi all,

    I'm literally pulling my hair out. I have an Lync edge server at our us site, which is in the dmz with two nic's, dms has3 ip's and lan has 1 .

    Using www.testocsconnectivity.com eveything works fine on 443, but when I go to 5061 I get a failure. When i debug on the edge i get "Remote access is not enabled on this port".

    I have checked my topology and sip-us.domain.net is set to 5061 TLS , webconf-us and av-us are pointing to 443. This is all normal.

    Please help.

    7. února 2012 3:28

Odpovědi

  • Have you tried a telnet from an external PC to sip-us.domain.net  on port 443 and 5061

    If telnet answers, the you know the port are open.

    You can also try the the : Remote UC Troubleshooting Tool:    http://www.insideocs.com/Tools/RUCT/RUCT.htm


    If a post is helpful, please take a second to hit the green arrow on the left, or mark as answer, thanks.


    Jean-Philippe Breton | Senior Microsoft Consultant | MCTS, MCITP, MCT, Lync MVP

    7. února 2012 4:22
  • Hi,

    Is there any features of External user access did not work? Would you please tell more detailed error information about testing port 5061 and your topology structure?

    The port of Edge Server issue may be caused by the stopped or undefined Edge services. I suggest you try to verify if Edge services were started. If the services are started, there maybe something wrong with external connections, such as external DNS records or certificates. Here are some suggestions for you:                                                                                                

    1) Check the external DNS records. We can check the external DNS requirements according Microsoft TechNet document:

    http://technet.microsoft.com/en-us/library/gg398758.aspx

    2) Please also check the certificate requirements for External User Access.

    http://technet.microsoft.com/en-us/library/gg398920.aspx

    3) Please also make sure the setting of inbound/outbound traffic on your firewall is correct.

    4) Please refer to the following document to verify all ports of Edge Server have set correctly.

    http://technet.microsoft.com/en-us/library/gg425891.aspx

    5) In addition, please make sure you put in the hostname of the director server in the hosts file on the edge service if you have Director Server deployed.

    Best Regards,

    Kent HX

     

    9. února 2012 10:36

Všechny reakce

  • Have you tried a telnet from an external PC to sip-us.domain.net  on port 443 and 5061

    If telnet answers, the you know the port are open.

    You can also try the the : Remote UC Troubleshooting Tool:    http://www.insideocs.com/Tools/RUCT/RUCT.htm


    If a post is helpful, please take a second to hit the green arrow on the left, or mark as answer, thanks.


    Jean-Philippe Breton | Senior Microsoft Consultant | MCTS, MCITP, MCT, Lync MVP

    7. února 2012 4:22
  • Hello

    I assume you trying to test your federation with the 5061 test? Dont forget your sip (edge) service also need port 443 open for sip (tls) traffic.

    5061 is used for federation.

    Also make sure you have the correct external access policy set in your Lync Control Panel

    Regards

    8. února 2012 22:44
  • HI Reinhart,

    Just a quick correction, the Access Edge can also listen to 5061....could listen to basically any port.

    Of course this means that port X  needs to be open where ever the external Lync is...in order to work.  And 443 is usally open outbound everywhere.

    We have small client that have 1 or 2 public IP.... and use this config:

    Access Edge/federation :  5061

    Webconf:  443

    A/V: 444


    If a post is helpful, please take a second to hit the green arrow on the left, or mark as answer, thanks.


    Jean-Philippe Breton | Senior Microsoft Consultant | MCTS, MCITP, MCT, Lync MVP

    8. února 2012 23:28
  • Idd we use it aswell in some scenario's, i was a bit confused with "but when I go to 5061".

    8. února 2012 23:36
  • Hi,

    Is there any features of External user access did not work? Would you please tell more detailed error information about testing port 5061 and your topology structure?

    The port of Edge Server issue may be caused by the stopped or undefined Edge services. I suggest you try to verify if Edge services were started. If the services are started, there maybe something wrong with external connections, such as external DNS records or certificates. Here are some suggestions for you:                                                                                                

    1) Check the external DNS records. We can check the external DNS requirements according Microsoft TechNet document:

    http://technet.microsoft.com/en-us/library/gg398758.aspx

    2) Please also check the certificate requirements for External User Access.

    http://technet.microsoft.com/en-us/library/gg398920.aspx

    3) Please also make sure the setting of inbound/outbound traffic on your firewall is correct.

    4) Please refer to the following document to verify all ports of Edge Server have set correctly.

    http://technet.microsoft.com/en-us/library/gg425891.aspx

    5) In addition, please make sure you put in the hostname of the director server in the hosts file on the edge service if you have Director Server deployed.

    Best Regards,

    Kent HX

     

    9. února 2012 10:36
  • Hi,Vteckz,

    Any updates here?

    If you have fixed the issue please kindly share us the solution.Thanks!

    Regards,

    Sharon


    Sharon Shen

    TechNet Community Support

    ******************************************************************************************************************************************************* Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community memb

    13. února 2012 9:52
  • Hi Guys,

    I found the solution to this problem was actually the fact the edge server and lync server needed to be restarted after you change the ports on the topology to listen on 5061, instead of 443 (internally).

    Trick for young players... :)

    Thanks for all your advice.

    26. února 2012 20:40
  • Weird,

    You usally don't need to reboot the server to make them listen to port 5061.

    Well....glad it worked for you :-)

    Good old reboot :-)


    If a post is helpful, please take a second to hit the green arrow on the left, or mark as answer, thanks.


    Jean-Philippe Breton | Senior Microsoft Consultant | MCTS, MCITP, MCT, Lync MVP

    26. února 2012 22:52