none
Lync over VPN on ipad config RRS feed

  • Question

  • Hello. Recently we were tasked with allowing users to access our internal Lync server from an ipad using a vpn client. I know this is frowned upon vs an edge server, but they will only be using this for messaging. For whatever reason, the client will not connect, however I am reaching the interal domain controller, so I can see the login attempt. Just trying to figure out if there is something in the Lync server config that I might be missing. I went through the Client Version Policy and removed the iPadLync user agent block.

    Edit: I have also installed the internal CA cert. The error is "We couldnt sign you in. Please check your sign-in info and try again"

    • Edited by MattJ016 Thursday, August 24, 2017 1:44 PM
    Thursday, August 24, 2017 1:43 PM

All replies

  • Many of the VPN issues I see with Lync are due to the DNS presented.  Make sure you're presenting the Internal DNS server.  Also, make sure that you can resolve and reach lyncdiscover.domain.com and your external web services FQDN (which should be different than your pool name) over the VPN.  The two records should both accept requests on port 443 and redirect to port 4443.  This is what the iPad will use to connect to Lync.

    Please remember, if you see a post that helped you please click "Vote" on the left side of the response, and if it answered your question please click "Mark As Answer". SWC Unified Communications This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, SWC, their employees, or other MVPs.

    Thursday, August 24, 2017 3:10 PM
  • Thanks for the suggestions. I can ping the lyncdiscover.domain.com. We also have another dns record called lyndiscoverinternal that I can hit. 

    I'm a novice when it comes to this lync server, so you'll have to excuse my ignorance, is there anything to check in the lync control panel I should check as well?

    Thursday, August 24, 2017 3:53 PM
  • When you resolve them on the VPN, do they resolve to internal IPs or external?  Also, what about the external web services FQDN?

    Please remember, if you see a post that helped you please click "Vote" on the left side of the response, and if it answered your question please click "Mark As Answer". SWC Unified Communications This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, SWC, their employees, or other MVPs.

    Thursday, August 24, 2017 3:58 PM
  • They resolve to the internal IP. We do not have lync public facing if that's what you mean by external web services.
    Thursday, August 24, 2017 5:37 PM
  • Even if it's not public facing you still need that web service available internally and redirecting to the proper ports to the iPad client to work.  It's by design, a bit different than the Windows client.

    Please remember, if you see a post that helped you please click "Vote" on the left side of the response, and if it answered your question please click "Mark As Answer". SWC Unified Communications This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, SWC, their employees, or other MVPs.

    Thursday, August 24, 2017 5:38 PM
  • Hi.

    VPN is not good for Lync. Low level performance for connection.

    It's ok for 25 users, but if you have more it's not working.

    Enabling Lync Media to Bypass a VPN Tunnel


    MCITP, MCSE. Regards, Oleg

    Thursday, August 24, 2017 7:31 PM
  • I believe I've got this working. I did make some changes client version policy, so I'm not sure if that helped. 

    I also had to use my full email address for the sign in, then specify the username in the advanced options.

    I appreciate the help.

    Thursday, August 24, 2017 8:42 PM
  • Glad to hear it's working!

    Please remember, if you see a post that helped you please click "Vote" on the left side of the response, and if it answered your question please click "Mark As Answer". SWC Unified Communications This forum post is based upon my personal experience and does not necessarily reflect the opinion or view of Microsoft, SWC, their employees, or other MVPs.

    Thursday, August 24, 2017 9:23 PM
  • Hi MattJ016,

    Thanks for your sharing, you could mark your reply as an answer because it will help others who has similar issue.


    Regards,

    Alice Wang


    Please remember to mark the replies as an answers if they help and unmark them if they provide no help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, August 25, 2017 4:06 AM
    Moderator