locked
Problem connecting with Edge servers RRS feed

  • Question

  • We're standing up our 2010 Edge server but I'm running into issues getting the client to authenticate and connect.

    Couple of issues:

    For the Lync Remote Connectivity Analyzer - it generates an error about being unable to obtain the SSL certificate if I have the SRV record on port 443 - change that to port 5061 and the test completes successfully.

    We've gone so far as to do an Any rule into the Edge server and an Any from the internal interface to the Enterprise Pool and we're not seeing any traffic.  The Lync client just seem unable to communicate to past the public interface of the edge server.

    I've used telnet to test all the ports in the correct directions and we pass.  I'm scratching my head as where it's gone sideways.

    Any suggestions as to where to look?

    Monday, January 14, 2013 8:41 PM

Answers

  • Just to make sure.  Can the edge server resolve all internal Lync Servers and Pools by FQDN?  This would need to be both the enterprise edition pool name and all front-end servers in that pool.  Also any mediation servers as well.

    If you run OCS Logger on the edge server do you see the SIP Traffic attempting to authenticate?

    Thanks,

    Richard


    Richard Brynteson, Avtex, Lync MCM, Blog - www.masteringlync.com

    • Proposed as answer by Lisa.zheng Tuesday, January 29, 2013 12:42 PM
    • Marked as answer by Lisa.zheng Wednesday, January 30, 2013 3:52 AM
    Tuesday, January 15, 2013 3:44 AM
  • How many IP address did you use for you Lync edge server external interface?

    What is the listening port for your access edge server?

    There are two SRVs for Lync edge server. _sip_tls.<domainm.com> is for auto discovery listening on port 443. _sipfederationtls._tcp.<domain.com> is required for automatic DNS discovery with federated partners.

    Please try to sign in manually.

    Here is a blog for you to troubleshoot step by step.

    http://blogs.technet.com/b/nexthop/archive/2011/12/07/useful-tips-for-testing-your-lync-edge-server.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Proposed as answer by Lisa.zheng Tuesday, January 29, 2013 12:42 PM
    • Marked as answer by Lisa.zheng Wednesday, January 30, 2013 3:52 AM
    Tuesday, January 15, 2013 12:31 PM

All replies

  • Just to make sure.  Can the edge server resolve all internal Lync Servers and Pools by FQDN?  This would need to be both the enterprise edition pool name and all front-end servers in that pool.  Also any mediation servers as well.

    If you run OCS Logger on the edge server do you see the SIP Traffic attempting to authenticate?

    Thanks,

    Richard


    Richard Brynteson, Avtex, Lync MCM, Blog - www.masteringlync.com

    • Proposed as answer by Lisa.zheng Tuesday, January 29, 2013 12:42 PM
    • Marked as answer by Lisa.zheng Wednesday, January 30, 2013 3:52 AM
    Tuesday, January 15, 2013 3:44 AM
  • How many IP address did you use for you Lync edge server external interface?

    What is the listening port for your access edge server?

    There are two SRVs for Lync edge server. _sip_tls.<domainm.com> is for auto discovery listening on port 443. _sipfederationtls._tcp.<domain.com> is required for automatic DNS discovery with federated partners.

    Please try to sign in manually.

    Here is a blog for you to troubleshoot step by step.

    http://blogs.technet.com/b/nexthop/archive/2011/12/07/useful-tips-for-testing-your-lync-edge-server.aspx


    Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.

    • Proposed as answer by Lisa.zheng Tuesday, January 29, 2013 12:42 PM
    • Marked as answer by Lisa.zheng Wednesday, January 30, 2013 3:52 AM
    Tuesday, January 15, 2013 12:31 PM