locked
Failure when trying to call an external client from internal client RRS feed

  • Question

  • Hi,

    We have just implemented a Lync 2013 Enterprise install consisting of the following :

    2 x Lync 2013 Front End servers

    2 x Lync 2013 Edge servers

    1 Reverse Proxy using TMG 2010

    It is a co-existence scenario with Lync 2010 and all users are in the new 2013 pool.

    We are experiencing several small issues such as missing IM message on clients however the main concern is the inability to video or audio call a client from internal to external and external to internal.  I'm using a Lync 2013 desktop client to connect to a 3G iPhone running the Lync 2013 client and the connection attempts, the recipient's phone rings, however the call fails with a 'Call failed due to network issues' message on the desktop client.  When calling the internal user, externally, the iPhone client states 'Can't connect the call'  This is affecting all users.

    Internally, video and audio are working well.

    Firewall and DNS records all look correct as per an enterprise deployment.  I've noted a failure when running the external OCS Connectivity checker when using the autodiscover options however when i manually connect using the external sip address of sip.contoso.com:443 the test is successful.  I believe this is due to our requirement for federation.

    Looking at the client logs on the desktop when this connection fails, i see the following message :

    ms-client-diagnostics: 22; reason="Call failed to establish due to a media connectivity failure when both endpoints are internal";CalleeMediaDebug="audio:ICEWarn=0x10002b,LocalSite=192.168.30.62:27486,LocalMR=192.168.4.117:3478,RemoteSite=10.212.145.64:25584,PortRange=1025:65000,LocalLocation=2,RemoteLocation=2,FederationType=0,NetworkName=NETWORK.CO.UK,Interfaces=0x2,BaseInterface=0x2,BaseAddress=192.168.30.62:21712"

    This message occurs on an internal endpoint (my desktop) when connecting to an external 3G iPhone - clearly both endpoints are not internal

    Can anyone offer some clues as to why this is happening?


    Persevere, Persevere, Per..


    • Edited by Nealus Thursday, April 17, 2014 10:26 AM
    Thursday, April 17, 2014 10:25 AM

Answers

  • This has been resolved and was found to be a problem with one of the VM hosts where one of the Edge servers resided.  This guest could not ping the DMZ gateway address or any of its own DMZ-side addresses.  It was vmotioned to another host and we were able to ping correctly.  Following this video is now working.

    Thanks


    Persevere, Persevere, Per..

    • Marked as answer by Nealus Thursday, April 24, 2014 2:44 PM
    Thursday, April 24, 2014 2:44 PM

All replies

  • Run get-CsconferencingPolicy to check the AudioBitRateKb value is 200. If not, please change it to 200.

    Also verify firewalls port is opened


    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer" Mai Ali | My blog: Technical

    Thursday, April 17, 2014 6:40 PM
  • What i feel here this would happen due to the Firewall port configuration. Please refer the below link and open appropriate port which require for Lync external access

    http://blog.schertz.name/2012/07/understanding-lync-edge-server-ports/

     

    Friday, April 18, 2014 6:36 AM
  • Agree with hirantha.

    Can you call from internal desktop client to external desktop client?

    Please check that first.

    If not, check the required port requirement for Lync Edge Server:

    http://technet.microsoft.com/en-us/library/gg398798.aspx


    Lisa Zheng
    TechNet Community Support

    Friday, April 18, 2014 9:13 AM
  • Hi All - thanks for replies

    Firewall side is looking good - all tests using OCS connectivity tool pass along with manual telnet checks externally.

    I will check in to the audio bit rate and report back


    Persevere, Persevere, Per..

    Sunday, April 20, 2014 9:02 AM
  • Hi,

    this says "All endpoints are Internal" which means this is either from Firewall to External Edge Interface or from Internal Edge interface to end clients. most common scenario is that, there's no routing from internal Edge interface to client subnet. 




    Z-Hire -- Automate Lync User Account creation process ( AD / Exchange / Lync )

    Tuesday, April 22, 2014 2:39 AM
  • I've confirmed that from the internal client I was testing from (192.168.30.63) is routable via a static route on both Edge servers.  There are static routes in place for all client subnets as well as the front end server subnets


    Persevere, Persevere, Per..

    Tuesday, April 22, 2014 7:30 AM
  • Hi,

    Can you please confirm that your Edge servers have an internal facing interface and also a different external facing interface. 


    Please remember, if you see a post that helped you please click "Vote As Helpful" and if it answered your question, please click "Mark As Answer"
    Lync Sorted blog

    Tuesday, April 22, 2014 8:09 AM
  • I can confirm the Edge Servers are configured with one internal NIC and one external NIC. The external NIC has three IP addresses assigned, all of which are in the DMZ (three external IP addresses are NATd to these three DMZ IPs).

    The Edge internal NIC is pingable from any of the internal client subnets.  Additionally, there are static routes on each Edge to route internal bound traffic through the internal default gateway.


    Persevere, Persevere, Per..

    Tuesday, April 22, 2014 8:28 AM
  • This has been resolved and was found to be a problem with one of the VM hosts where one of the Edge servers resided.  This guest could not ping the DMZ gateway address or any of its own DMZ-side addresses.  It was vmotioned to another host and we were able to ping correctly.  Following this video is now working.

    Thanks


    Persevere, Persevere, Per..

    • Marked as answer by Nealus Thursday, April 24, 2014 2:44 PM
    Thursday, April 24, 2014 2:44 PM