We have the following scenario:
All servers are installed with Windows Server 2008 R2 Service Pack 1. Lync Standard Server was configured with sip home.com.br domain and Active Directory domain is named fqdn home.intranet
Installing and configuring Edge Pool was conducted in accordance with the article: Instalação do Lync Edge Server em DMZ Double Hop (pt-BR) 


After publishing the Edge Server in the structure Lync customers exhibit the error
Calling External Limit

The following message is displayed by clicking the error

Some calls to and from people outside of your corporate network may not connect due to server connectivity problems. Try singing out and singing back in. If this problem continues, please contact your support team. 


This error occurs when traffic MRAS is not permitted from the Front End server into the Edge Server internal network card.
Enabling logging on the Lync client can see the error line


And the log of the firewall that separates the Front End Server and Edge Server can see the connection fails


To solve this problem, create a firewall rule allowing the connection on port 5062/TCP originating from the Front End Server and Edge Server destination.
In this environment, we created a protocol in TMG 2010
MRAS Authentication
Port: 5062
Protocol: TCP
Direction: Inbound

And created an access rule between server roles

With the rule created in the user log out Lync client and log in again. The error should disappear.

And the firewall log should show a successful connection to the configured port.


Other Languages

This article is also available in the following languages: