locked
Lync Server not listening on port 5060 RRS feed

  • Question

  • I have Lync Enterprise Servers setup with a Front End Pool that are not listening on port 5060.  I have gone into the topology builder and setup a PSTN Gateway listening on Port 5060, set the mediation pool TCP port to 5060 and setup the front end pool to listen for TCP on 5060.  When I try to telnet to the server on port 5060 I do not get an answer.  I have run netstat and do not see 5060 listening.  Anyone have an idea?

    Thursday, January 6, 2011 9:21 PM

Answers

  • Run Get-CsService cmdlet. Look at the section "Identity                  : Registrar:lync001.contoso.local". The only Sip Port listed should be 5061. To me, looks like 5060 is also used for SIP: ...set the mediation pool TCP port to 5060 and setup the front end pool to listen for TCP on 5060..."

    If you want to listen for un-encrypted connections on your server, the mediation must be either set to listen on 5066 (or any other than used server ports) or you will need stanalone mediation.

     

    Drago


    http://ocsdude.blogspot.com | MVP Snom OCS Edition
    • Marked as answer by jyoungjr Friday, February 4, 2011 2:43 PM
    Friday, January 7, 2011 6:02 PM

All replies

  • Take a look at this blog article to verify that you have the configuration correct: http://www.confusedamused.com/notebook/enabling-unencrypted-tcp-connections-to-lync-on-port-5060/
    Jeff Schertz, Microsoft Solutions Architect - Polycom | MVP | MCITP: Enterprise Messaging | MCTS: OCS
    Thursday, January 6, 2011 9:41 PM
  • I read the article and ran the commands.  Got the following error:

    Set-CsRegistrar : PortNumber "5060" with UrlPath "/" causes a port sharing conf

    lict for IPAddress "0.0.0.0" on Machine "lync001.contoso.local" for the

    se service ports.

     

    Thursday, January 6, 2011 10:12 PM
  • Is the mediation pool colocated with front end pool?
    Johann Deutinger | MCTS Exchange 2007/2010 / OCS 2007 | ucblog.deutinger.de
    Friday, January 7, 2011 3:09 PM
  • Yes.  I can now see that the server is lsitening on port 5060.  I can telnet to the port but I am still getting a rejected call.
    Friday, January 7, 2011 4:27 PM
  • Run Get-CsService cmdlet. Look at the section "Identity                  : Registrar:lync001.contoso.local". The only Sip Port listed should be 5061. To me, looks like 5060 is also used for SIP: ...set the mediation pool TCP port to 5060 and setup the front end pool to listen for TCP on 5060..."

    If you want to listen for un-encrypted connections on your server, the mediation must be either set to listen on 5066 (or any other than used server ports) or you will need stanalone mediation.

     

    Drago


    http://ocsdude.blogspot.com | MVP Snom OCS Edition
    • Marked as answer by jyoungjr Friday, February 4, 2011 2:43 PM
    Friday, January 7, 2011 6:02 PM
  •  

    Hi..

    Is there any special way to do this, if the Mediation server is colocated with the FE, it gives a

    "Set-CsRegistrar : PortNumber "5060" with UrlPath "/" causes a port sharing conf"  error.

    Thank You

    Tuesday, February 15, 2011 2:15 PM
  • What do you want to achieve? Normally there is no reason to change port assignment on an FE server. Colocated Mediation server by default listens for TLS on 5067 and for TCP on 5068. Ports lower than that are used by other roles.


    Johann Deutinger | MCTS Exchange 2007/2010 / OCS 2007 | ucblog.deutinger.de
    Tuesday, February 15, 2011 2:21 PM
  • If the Mediation is collocated you'll need to leave the Mediation listening on port 5068, not 5060 as you've changed it to. 
    Friday, February 18, 2011 1:54 AM
  • Let’s summarize:

    By default, Lync does not listen on TCP port 5060. This is because TCP (unlike TLS) is not encrypted traffic and the signaling cold be captured easily, thus compromising user/or company secrets.

    It might be necessary, however to enable SIP over TCP on Lync by running “Set-CsRegistrar "registrar:fepool.domain.local" –SipServerTcpPort 5060”. In this case the following must be considered:

    1.       Once the command is run, the server will begin listen on port 5060, and no other application will be able to use this port.

    2.       This scenario explains why when we enable Co-located Mediation Server on FE pool and “Enable TCP port”, the default offer is 5068 – the goal is to avoid “potential” port conflict.

    3.       Now days many companies utilize SIP Trunking with providers, who, if not Lync certified, offer service over the standard port 5060. If this is the case, one of the two could be applied:

    -          If the server MUST utilize signaling over TCP, AND you use SIP trunk provider who does SIP over TCP on port 5060 only, you cannot co-locate Mediation role on SE FE pool.

    -          If you MUST co-locate Mediation with SIP trunk over TCP 5060, you cannot enable TCP signaling on this pool.

    ***I must amend this post. Just realized, that the above would apply if we have a pool with single IP address thus use SNAT and DNAT to connect to the SIP provider on port 5060. With dual NIC’s, when PSTN IP address is explicitly specified, the situation is different, since the Primary IP address specified in the topology would be used to listen for TCP calls to the Lync server, while the PSTN – for calls from the provider.

     

    Drago

    Friday, February 18, 2011 2:37 AM