locked
sipfed.online.lync.com - The peer forced closure of the connection RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote

    TL_ERROR(TF_CONNECTION) [edgepool\connyun-cce05]0900.08E4::10/24/2019-14:05:30.286.00002006 (SIPStack,SIPAdminLog::WriteConnectionEvent:SIPAdminLog.cpp(470)) [987116950] $$begin_record
    Severity: error
    Text: Receive operation on the connection failed
    Local-IP: 192.168.179.201:5061
    Peer-IP: 52.112.233.9:57546
    Peer: sipfed.online.lync.com:57546
    Connection-ID: 0x800
    Transport: M-TLS
    Result-Code: 0x80072746
    Data: fqdn="sipfed.online.lync.com";ip-address="52.112.233.9";peer-type="SharedAddressProvider";winsock-code="10054";winsock-info="The peer forced closure of the connection"
    $$end_record

    What does this error mean?

    Is our EdgeCertificate rejected? what root certificates are accepted by the sipfed.online.lync.com endpoint?

    This started while migrating our skype CCE to a new domain.

    Thaks

     Martin

    Thursday, October 24, 2019 2:28 PM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Martin,

    It seems a certificate issue.

    In my research, there is a document seems related to your issue.

    You can run nslookup sipfed.online.lync.com, then you will get IPs. One is different from 52.112.233.9.

    You could force sipfed.online.lync.com to resolve to the different one via hosts file, then restart edge Lync services and have a try.

    Please refer to the link: https://social.technet.microsoft.com/Forums/ie/en-US/f2907b92-7f30-4b65-9e72-0671dfd57fd2/event-12248-error-0x80072746-failed-to-complete-tls-negotiation-with-a-federated-peer-server?forum=lyncdeploy

    Best Regards,
    Sharon Zhao

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Friday, October 25, 2019 2:12 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Sharon,

    Thanks for the reply. I tried the suggestion to set a different IP in the hosts file.

    I was able to use the HOSTS file to point skype cce to a different IP.

    Please have a look at the following log entry, the same error occurs on a different address.

    Is this because our SSL certificate is rejected by the skype servers?

    our certificate has the following chain;

    Thx

     Martin

    -------- root

    Issuer: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE

    Subject: CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE

    ----------- intermdiate 1

    Subject: CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US

    ------------- intermediate 2

    Subject: CN=GoGetSSL RSA DV CA, O=GoGetSSL, L=Riga, C=LV

    ------------ our skype cce edge certificate

    Subject: CN=sip-cce.koerber.digital, OU=GoGetSSL Multi-Domain SSL, OU=Domain Control Validated

    ----------------------------------- cce log --------------

    TL_ERROR(TF_CONNECTION) [edgepool\connyun-cce05]0890.0A04::10/25/2019-12:36:11.669.00002002 (SIPStack,SIPAdminLog::WriteConnectionEvent:SIPAdminLog.cpp(470)) [987096081] $$begin_record
    Severity: error
    Text: Receive operation on the connection failed
    Local-IP: 192.168.179.201:5061
    Peer-IP: 52.112.233.9:36677
    Peer: sipfed.online.lync.com:36677
    Connection-ID: 0x100
    Transport: M-TLS
    Result-Code: 0x80072746
    Data: fqdn="sipfed.online.lync.com";ip-address="52.112.233.9";peer-type="SharedAddressProvider";winsock-code="10054";winsock-info="The peer forced closure of the connection"
    $$end_record
    Friday, October 25, 2019 9:22 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Martin,

    After you migrating your Skype for Business CCE to a new domain, do you modify the configure?

    You can try to Ping Skype for Business Frontend server on Edge server.

    Best Regards,
    Sharon Zhao

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Wednesday, October 30, 2019 10:09 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Martin,

    Is there any update on this case?

    Please feel free to drop us a note if there is any update.

    Have a nice day!

    Best Regards,
    Sharon Zhao

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Thursday, November 7, 2019 5:51 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Microsoft Support denies that it is a certificate issue and keeps asking for client side traces.

    They are slow to work on the details, I had to escalate the ticket.

    Thursday, November 7, 2019 8:35 AM
  • Question
    Sign in to vote
    0
    Sign in to vote

    Hi Martin,

    I understand your situation and mood very well.

    I will also keep looking for the root cause.

    Moreover, if you have some solutions over there, please remember to share it here. It will help more people with the same problem.

    Best Regards,
    Sharon Zhao

    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.

    Tuesday, November 12, 2019 9:16 AM