locked
Two problems with Federation to public free Skype RRS feed

  • Question

  • Hey guys. I posted a question leading up to this in a separate thread but I actually thought it may be more appropriate to post this in a brand new thread as the issue has changed somewhat. So I have enabled federation in my environment and recreated the Skype federated provider per this article:

    https://blogs.technet.microsoft.com/canitpro/2015/11/09/step-by-step-skype-connectivity-configuration-with-on-premise-skype-for-business-2015/

    I have actually followed that entire article just as an FYI, including Microsoft registration (which they emailed confirming it was completed) Now the fun has started. The first problem that I am having is that internally I can search the public Skype directory and find my free account. I can then send it a contact request and I will receive the request on my free account. But when I accept the request on my free account, it seems like it doesn't makes it back to my S4B account as the request just stays in "Pending - Skype" Google doesn't come up with anything helpful so hopefully you guys may have some ideas here. I do have port 4443 open from my front end servers to my edge servers so I don't think it's anything as simple as opening a firewall port. Additionally, as this this a test lab, I have outgoing from my edge servers wide open right now as the plan is to get outbound locked down once everything is running perfectly.

    My next issue is that from external clients (my desktop at home for example) I cannot even search Skype public contacts. It says "An error occurred during the search. Please try again, and contact your support team if the problem continues". I have my deployment set up properly for federation from what I can tell based off of the various bits and pieces of documentation that I can find, but I must be missing something here. Any thoughts on this one?

    Thanks guy. I'll check back in on this first thing tomorrow morning and take it from there. Thanks again!

    Thursday, July 28, 2016 2:37 AM

Answers

  • Hi

    I suggested port 4443 open from your Edge to the Internet not Fe to Edge. Skype Directory Search requires 4443 TCP outbound from the access edge IP.

    Without SDS you can add Skype consumer addresses if you know their SKype ID only.

    Have you run clslogging to capture the federating traffic to see if it is a certificate error or some other kind of error as I also suggested?

    thanks


    Note: Please remember to `Mark as Answered` a post that answers your question and/or `Vote as Helpful` posts that have helped you. This will help others find answers to similar problems. For more Skype for Business help visit: http://www.skype4b.uk Please note that answers are based on my experience and opinion only and do not necessarily represent the views of my employer.

    • Marked as answer by Brolide Thursday, July 28, 2016 11:21 PM
    Thursday, July 28, 2016 9:45 AM

All replies

  • Hi

    I suggested port 4443 open from your Edge to the Internet not Fe to Edge. Skype Directory Search requires 4443 TCP outbound from the access edge IP.

    Without SDS you can add Skype consumer addresses if you know their SKype ID only.

    Have you run clslogging to capture the federating traffic to see if it is a certificate error or some other kind of error as I also suggested?

    thanks


    Note: Please remember to `Mark as Answered` a post that answers your question and/or `Vote as Helpful` posts that have helped you. This will help others find answers to similar problems. For more Skype for Business help visit: http://www.skype4b.uk Please note that answers are based on my experience and opinion only and do not necessarily represent the views of my employer.

    • Marked as answer by Brolide Thursday, July 28, 2016 11:21 PM
    Thursday, July 28, 2016 9:45 AM
  • Hey Mark:

    Thanks for the replies on both threads and i have made some progress but have not 100% resolved my issues. Here is where I am.

    On my internal client I can still search for and add contacts. The two test requests i sent out last night seem to have finally gone through, but it was not instant. I would like clarification on if this is supposed to be instant or not because it seems like there is an 8-10 hour delay between accepting the contact request from public Skype and both ends seeing the other as accepted/available. I can live with this if this is considered normal but wouldn't mind optimizing if possible.

    External clients are still erroring out when searching. For clarification, I do have outbound from my edge servers completely open so there should not be any firewall rules in place blocking the traffic. I have started researching cslogging to try to determine how to best utilize this to capture the traffic you mentioned but I have never used this as i am extremely new to Skype/Lync on the whole. In the meantime while I am researching, do you have any specific instructions on how i can use this utility to get that info? The regular windows event viewer is coming back clean.

    Sorry for asking so many questions, this has been a difficult deployment and I am on an extremely tough timeline so I certainly appreciate all of the help I have been getting here!

    Thursday, July 28, 2016 4:48 PM
  • Hello: This ultimately worked itself out in the literal sense. I left it alone for a couple of hours to work on something else and when i came back it was working. The only thing that changed was that i deployed a reverse proxy server to get mobility up, but it had been indicated to me that this was not necessary so I'm not really sure what happened.
    Thursday, July 28, 2016 11:25 PM