locked
Sign in Issue RRS feed

  • Question

  • Hello All,

    I am unable to sign in to Skype for business externally. Internal is working fine. 

    Error: The server is temporarily unavailable.

    Monday, April 16, 2018 9:11 AM

All replies

  • Hi Hello 365,

    Please test SfB sign in using https://testconnectivity.microsoft.com/ to troubleshoot your problem.

    Regards

    Simon


    If you find that my post has answered your question, please mark it as the answer. If you find my post to be helpful in anyway, please click vote as helpful. Regards Simon Disclaimer: This posting is provided AS IS with no warranties or guarantees, and confers no rights.

    Monday, April 16, 2018 9:42 AM
  • Hello Simon,

    I tried to perform the test, it failed with below error:

    Could you please help on this one, as it seems the test didn't give the detailed error? Thank you.

    Tuesday, April 17, 2018 1:48 AM
  • Hi,

    Did you deploy edge server in your environment?

    If not, please deploy it because edge server is the required component for external access, for details, please refer to
    https://docs.microsoft.com/en-us/skypeforbusiness/deploy/deploy-edge-server/deploy-edge-server


    Best Regards,
    Alice Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Tuesday, April 17, 2018 5:40 AM
  • Hello Alice,

    Yes, I do have edge server deployed. Please kindly help check whether there are any possible reasons for this issue? Thank you.

    Tuesday, April 17, 2018 8:33 AM
  • Hi,

    Thanks for your response.

    For this issue, we suggest you check if there are any error/Event ID in your Edge server application log, also make sure you have correct certificate of Edge server.


    Best Regards,
    Alice Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Wednesday, April 18, 2018 8:55 AM
  • Hello Alice,

    There is no error in the Event log and correct certificate is assigned. Thank you.

    Wednesday, April 18, 2018 10:00 AM
  • Hello Hello 365,

    1. Need to verify if the user account is configured with External Access policy to allow Remote sign in

    2. Verify Edge configuration is right and try with client on edge server with host entry for "access edge FQDN"

    to validate if the connection is going fine from edge external interface to sign in

    3. Are we able to telnet Edge from outside on 5061 or 443 depending on your configuration

    4. Verify that the DNS records are configured correctly

    5. Easiest way to start with logs would be to check the remote UCCAPI client log with Netmon , post flushing DNS cache


    • Edited by Prashant Bhosle Wednesday, April 18, 2018 7:54 PM
    • Proposed as answer by Alice-Wang Thursday, April 19, 2018 3:16 AM
    Wednesday, April 18, 2018 7:54 PM
  • Hello Prashant,

    1. Need to verify if the user account is configured with External Access policy to allow Remote sign in
    Yes, all users in the org are configured for allowing remote sign in

    2. Verify Edge configuration is right and try with client on edge server with host entry for "access edge FQDN" to validate if the connection is going fine from edge external interface to sign in

    3. Are we able to telnet Edge from outside on 5061 or 443 depending on your configuration
    Yes, telnet successfully on port 5061 and 442

    4. Verify that the DNS records are configured correctly
    Yes

    5. Easiest way to start with logs would be to check the remote UCCAPI client log with Netmon , post flushing DNS cache
    From the UCCAPI log, the error is as follows:

       VerifyOnEnableEvent result return ONENABLE_FAIL_SERVER_NOT_REACHABLE
       status=0x80072746
        ACTION: SERVER NOT REACHABLE
        NO MORE SERVER TO TRY
        ACTION : PERMANENT ERROR

    Please advice.

    Thursday, April 19, 2018 9:24 AM
  • Hi,

    Thanks for your response.

    Did the issue only happen to the specific user?

    If the specific user had the issue, please try to rebuild the user profile test again.


    Best Regards,
    Alice Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Friday, April 20, 2018 8:55 AM
  • Lets check the following
    A silly question - hope we have tried from different locations
    1. Verify the Port for Access Edge FQDN for Edge in Topology is 442
    2. If we are listening on 442 , lets try Manual configuration for external client
    3. With help of this article lets find out what is edge listening on
    http://blog.schertz.name/2012/07/understanding-lync-edge-server-ports/
    “netstat –abn”  = to check if the service we want is listening on the required port
    and
    best to run telnet edge.domain.local 5061 fr remote and check if TCP port is showing established on edge server
    4. Please also check the firewall logs at the same time if the connections are reaching the edge, one of the case Firewall rule was rerouting all traffic for port 443 to some thirdparty web server
    5. A seperate test from above
    a. Netmon and Ucapi (external client)
    b. Same time firewall logs
    c. Netmon and sip trace on edge
    Follow the connection from client logs should help us where is the network failing
    Friday, April 20, 2018 3:00 PM
  • @Prashant, thank you for your reply. I will try to follow your steps and get back soon.
    Monday, April 23, 2018 10:04 AM
  • Hello Prashant, 

    I followed your steps to collect NetMon logs and Ucapi log. however, i don't know how to analysis these logs. :(

    Wednesday, April 25, 2018 5:40 AM
  • Hi,

    You can send the log files to the following email address: ibsexc@microsoft.com


    Best Regards,
    Alice Wang


    Please remember to mark the replies as answers if they helped. If you have feedback for TechNet Subscriber Support, contact tnsf@microsoft.com.


    Click here to learn more. Visit the dedicated forum to share, explore and talk to experts about Microsoft Teams.

    Wednesday, April 25, 2018 7:50 AM
  • Dear Alice,

    Thank you for your information.

    I have a small query, not sure whether this is the issue. As i set sip.contoso.com to port 442 in the edge pool topology. However, from the UCCAPI log, it seems that still connect via port 443? And, if this is the issue, what can we do for fixing this?

    04/25/2018|16:00:49.716 260C:440C TRACE ::
    SIP_MSG_PROCESSOR::ResolveSipUrlAndSetRequestDestination no open connection for pszDest sip.contoso.com:443

    04/25/2018|16:00:49.759 260C:440C INFO  ::
    SockMgr: Create New Connection:DestName:(sip.contoso.com)DestPort:(443)Transport:(2)httpTunnel:(0)TLS RemotePrincipalName:(sip.contoso.com)

    Wednesday, April 25, 2018 9:21 AM
  • HEllo 365,

    Please provide me a drop box location to check the logs or mail it to me at pbhosle607@gmail.com

    • Proposed as answer by Alice-Wang Thursday, April 26, 2018 1:35 AM
    Wednesday, April 25, 2018 5:03 PM
  • Thank you all for your help.

    This issue has been resolved.

    Monday, June 11, 2018 6:09 AM