Answered by:
Issues with Hosted Exchange, UM and Lync 2013.

Question
-
Hello everyone!
I am trying to deploy UM with Office 365 Hosted Exchange. We are using one Lync 2013 Standard Edition FE and have deployed one edge server. We have set up our firewall to host the Reverse Proxy.
We do not use wildcard certs. External DNS resolves the _sipfederation and sip._tls SRV records to the external face of the edge server. The edge server functions as it should for remote users and mobility.
I have tried to follow these instructions to the letter three times over to no avail.
http://y0av.me/2014/01/07/lyncum365/
Neither Snooper or Event Viewer show any particular issue, though when I try to dial out to voice mail I will get one to two rings and then 5 seconds of silence a fast busy, and finally "Call Unsuccessful".
When checking the firewall logs I notice a seemingly random 10.x.x.x address being sent to the firewall by the external leg of the edge server. Wireshark captures it as STUN packets on port 3478 being sent to port 3478. These are being dropped by our firewall. I believe them to be RTP packets but I do not know if this is normal behavior. Has anyone any ideas?
- Edited by Donnie Derickson Wednesday, June 18, 2014 3:27 PM Needed to enter greeting.
Wednesday, June 18, 2014 3:17 PM
Answers
-
Confirm you have correct static routes on your Edge's internal nic to all Lync Server and Lync Client subnets. Have you restarted the Edge server? If NATing the External interface of the Edge server make sure the NAT is bidirectional.
Please mark posts as answers/helpful if it answers your question.
Blog
Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.- Marked as answer by Donnie Derickson Thursday, June 19, 2014 3:50 PM
Wednesday, June 18, 2014 4:16 PM
All replies
-
Did you run Snooper on the Edge server? Running on the Front End doesn't give much details for Hosted voice mail.
Please mark posts as answers/helpful if it answers your question.
Blog
Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.Wednesday, June 18, 2014 3:38 PM -
My mistake. Here is the snooper result.
TL_INFO(TF_PROTOCOL) [edge\edge]0C4C.05E4::06/18/2014-15:43:34.153.0000000C (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(265)) [3770767507]
Trace-Correlation-Id: 3770767507
Instance-Id: 2E5A
Direction: incoming;source="external edge";destination="internal edge"
Peer: exap.um.outlook.com:5061
Message-Type: response
Start-Line: SIP/2.0 488 Compression algorithm refused
From: sip:sip.domain.net;tag=08FB9ED133BA396696FE6546EA6F3031
To: sip:exap.um.outlook.com;tag=B8FFE4E9267ED6ECB78ADCC60126B53F
Call-ID: 66602CE1F9980BFA94AD
CSeq: 1 NEGOTIATE
Via: SIP/2.0/TLS 10.11.11.23:50752;branch=z9hG4bK2132316E.5B3AF52DE2753A36;branched=FALSE;received=207.46.5.9;ms-received-port=50752;ms-received-cid=60172700
Content-Length: 0
Server: RTC/5.0
TL_INFO(TF_NETWORK) [edge\edge]0C4C.05E4: :06/18/2014-15:43:34.153.0000000D (SIPStack,NegotiateLogic::SetCompressionType:NegotiateLogic.cpp(2701)) [559249495]( 00000079B1274FB8 ) Compression type is now CompOff
TL_INFO(TF_NETWORK) [edge\edge]0C4C.05E4: :06/18/2014-15:43:34.153.0000000E (SIPStack,NegotiateLogic::ProcessCompressionResponse:NegotiateLogic.cpp(2217)) [559249495]( 00000079B1274FB8 ) Peer refused [488] our request for compression
TL_INFO(TF_NETWORK) [edge\edge]0C4C.05E4: :06/18/2014-15:43:34.153.0000000F (SIPStack,NegotiateLogic::AdvanceOutboundNegotiation:NegotiateLogic.cpp(910)) [559249495]( 00000079B1274FB8 ) Outbound negotiation sequence is complete
$$end_record
And finally..
TL_INFO(TF_PROTOCOL) [edge\edge0C4C.05E4::06/18/2014-15:43:49.379.0000002E (SIPStack,SIPAdminLog::ProtocolRecord::Flush:ProtocolRecord.cpp(265)) [962697980]
Trace-Correlation-Id: 962697980
Instance-Id: 2E61
Direction: incoming;source="internal edge";destination="external edge"
Peer: fe1.domain.net:61254
Message-Type: request
Start-Line: BYE sip:uminternal.um.prod.outlook.com:5066;transport=Tls;ms-fe=CO1PR02MB111.namprd02.prod.outlook.com SIP/2.0
From: <sip:user@domain.net>;tag=b736386270;epid=9bcee72318
To: <sip:user@domain.net;opaque=app:voicemail>;tag=eced411395;epid=07C3F2A933
Call-ID: 4266a095bdef8280d67c7e7df58446fc
CSeq: 2 BYE
Via: SIP/2.0/TLS 10.10.10.25:61254;branch=z9hG4bKC848F11A.A88BCA6858661A50;branched=FALSE
Via: SIP/2.0/TLS 10.10.10.125:49156;ms-received-port=49156;ms-received-cid=401200
Route: <sip:edge.domain.net:5061;transport=tls;opaque=state:Si;lr>
Route: <sip:exap.um.outlook.com:5061;transport=tls;epid=07C3F2A933;lr;ms-key-info=AAEAARc45bIQE6UJAYvPAR8eV4QTvCH3EE2Kxtie7I2PMCSj-2aArKHP8dStYlJe-9jphIkz_mDEkCD_v8hY-mghQEHD6-F12E7E14YG-TJ2gEcQE0Bx2r_rDB3LrzRZzgQ0WVvxreLPWGI80elWF-xfbc_X3JE8mOR2OB9KQM8-e9WOjfq2kj6CnDGeL0yzgz4OB8zm-ao03Yo4gMZ-BpwaxC3BNuvvVDJo9wqrYftq_Z3MIVewWrqcDt5Td4vxCsMiXdwEqtEIRKVvQoqboleBJAyQl-C3qGgfEoSkUnApFuTSnQYRa4kbZ1iPaACpdKT-VTQGjc9HXfps48YJCsIXW0Ab_NSM2uvhUyw900men1ukXSmoZoWZbwqe5siuWVUcFoQl1h1Jcy4lCyZUfDZoqPzDioLqTk9iUmS8fa-PAJjsq72yGjVB_y1aJSxtHVsw7MiDqOGOPqT3dmF-sINkeyuokCy8UCf_cQHmEHwVzZLUJqaVccr3QNCLsBzhcWSypnC60ZZphOKuwl6RvUXWICPf0ubLTL2ppC3tWEgFdUUWOPVd84uGlMcqRLKGb1qrmpj8Nu6Lte7t5n2pMEBCfgAe79t4GO0C5KScdKT_XBM1iIBRXdNkPKHfSgC-wPQgRikdw7vRD-hOWlN5Lay7-zkQ4Ag6rauszFTAwbft99OieAOxKIsgYcxXxcG6;ms-route-sig=fiEMuzbN4_PyEz_I5gG3g8FtqNAonwgZCoRnOq-ByfYEtywTZp-Hk_eAAA>
Max-Forwards: 69
Content-Length: 0
ms-client-diagnostics: 22; reason="Call failed to establish due to a media connectivity failure when both endpoints are internal";CallerMediaDebug="audio:ICEWarn=0x40003a0,LocalSite=10.10.10.125:6735,LocalMR=10.11.11.23:51430,RemoteSite=10.27.46.15:5286,RemoteMR=207.46.5.80:54106,PortRange=1025:65000,LocalMRTCPPort=51430,RemoteMRTCPPort=54106,LocalLocation=2,RemoteLocation=2,FederationType=0"
$$end_recordWednesday, June 18, 2014 3:56 PM -
Confirm you have correct static routes on your Edge's internal nic to all Lync Server and Lync Client subnets. Have you restarted the Edge server? If NATing the External interface of the Edge server make sure the NAT is bidirectional.
Please mark posts as answers/helpful if it answers your question.
Blog
Lync Validator - Used to assist in the validation and documentation of Lync Server 2013.- Marked as answer by Donnie Derickson Thursday, June 19, 2014 3:50 PM
Wednesday, June 18, 2014 4:16 PM -
Interestingly enough, I enabled NAT on the A/V Edge service in Topology Builder and entered the NAT enabled public IP address, exported the configuration over to the edge, rebooted and all is well.
It very well could have been just simply rebooting the server. Thanks for your thoughts and ideas.
Thursday, June 19, 2014 3:50 PM