We're currently testing a deployment of Lync Server 2013. Everything works fine internally, but I've noticed a strange issue when a remote user tries to join an online meeting via the Lync Web App.
Shortly after joining the meeting, a message appears saying that the call was ended due to connectivity issues. On our local network, or via a VPN connection, we do not experience this problem.
Sniffing the traffic, on the remote end, I noticed that the web app is sending out UDP packets to ports in the 55000 range (used for the call)to the LAN IP address of the Lync Server (e.g., 10.0.0.x), not the public address.
How did the external client get this local IP address? It can't be via a DNS lookup, since out internal domain name isn't valid outside. Is the meeting page somehow publishing internal domains/IPs? Where do I correct this configuration? Is this why calls are
being dropped, or could there be another cause?
We are using a reverse proxy (using Apache) to expose the Lync external web site (:4443) to the outside.
Any help will be greatly appreciated!
↧
LWA: calls being dropped, connectivity issues from remote client (local IP address being published?)
↧
Office Web Apps + Reverse Proxy (F5) : Allow External Access
Hi,
I have installed Office WEb Apps SErver and assigned an internal Certificate to it. Connecting internally with lync 2013 clients is fine. I now want to publish it externally via our Reverse Proxy (F5). The internal certificate has the following settings:
- Common Name: OFFICEWEB1.domain.local
- SAN: OFFICEWEB1.domain.local / OFFICEWEB1.domain.com / OWAS.domain.com
I then ran:
New-OfficeWebAppsFarm -InternalUrl "https://officeweb1.domain.local" -ExternalUrl "https://owas.domain.com" -CertificateName "OfficeWebApps Certificate"
Two questions for allowing external access or use of this server for lync powerpoint (not sharepoint or Exchange):
- F5 (Reverse Proxy) Certificate: Do I include only OWAS.domain.com as a SAN entry on the certificate (no need for officeweb1.domain.com?)
- What else do I run on the Office Web App server to allow or publish its use for external people?
Looking at this forum post, I think all I need to do is:
- 'publish' on the F5 and
- point OWAS.domain.com to the External/Public IP of the Reverse Proxy on our External DNS
Thanks
↧
↧
Error when accessing externally
Hi all,
Testing a Lync 2013 deployment. Everything seems to be working just fine internally. I setup an edge server and proxy server (ARR) to allow external access.
Running Remote Connectivity Analyzer, I get this error:
Testing remote connectivity to Microsoft Lync server through the Lync Access Edge server sip.xxxxxxx.com on port 443 to verify user <username>@xxxxxxx.com can connect remotely. Specified remote connectivity test(s) to Microsoft Lync server failed. See details below for specific failure reasons. Additional Details Couldn't sign in. Error: User failed to get response from MRAS server. SIP service request to MRAS server failed. Error Message: A 504 (Server time-out) response was received from the network and the operation failed. See the exception details for more information.. Error Type: PublishSubscribeException. Fault Code: . Response Code: 504. Response Text: Server time-out. Diagnostic Header: ErrorCode=1038,Source=FESERVER.xxxxxxx.com,Reason=Failed to connect to a peer server,fqdn=EDGE.xxxxxxx.com,peer-type=InternalServer,winsock-code=10061,winsock-info=The peer actively refused the connection attempt Microsoft.Rtc.Signaling.DiagnosticHeader .
I've checked my firewall and everything seems to be setup correctly. Any pointers here?
Thanks
↧
External user gets "some presenting features are unavailable due to server connectivity issues but internal users are fine
Hi,
Running Lync 2013. An external user can share a ppt file and get the message but the internal user can view the ppt file.
We're using Nestcaler with SSL offloading. Our internal users use the same vserver as the external users but only the external users fail to see the ppt file. They can apparently upload the file and if an internal user is in the meeting, only the internal user can see it.
I checked the various urls to test office apps from outside with success. Both internal and external users use the same cert on the same vserver.
There's currently only one server in the pool configured for SSL offloading.
Any troubleshooting suggestions?
rudif
↧
How do I prevent the GALContacts from downloading to a user's computer?
Hi,
It's a security risk to allow an external client to download the entire GAL in plain text.
How can we mitigate the risk of downloading the GAL in plain text?
Thanks,
rudif
↧
↧
Lync OAuth Certificate Assign Error
I have created the default cert and it is assigned.
next I created the OAuth and when it goes to assign it fails where it is unable to read the group container. am having trouble with this not understanding. Can someone teach me a bit about this?
Thanks
| Lync Server 2013 Deployment Log |
| Action | Action Information | Time Logged | Execution Result | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
| |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
↧
Lync server 2013 - Federation between 2 servers but through internal network
Hi,
I'm sorry if what I am about to ask is silly but to be honest my knowlege on Lync server is quite limited, and as usual I've been tasked to install 2 different lync server 2013 in 2 different networks with their own AD forest vlans and everything.
the task I can't seem to find an answer for is that i've been asked to federate these 2 different server but through our internal network and not through internet (the idea is to not publish them to the outside world).
Is there any way i can make these 2 diffenret servers to federate and of course users from lync server 1 to talk to users in lync server 2 ?
↧
Problem Command line Lync Server 2013 MOC 2036B
Hey guys good morning
I'm MCT, and I doing the training of the lynk server 2013, but in the exercise number 2 of the Lab 3. Existe more command line for execut in the powershell.
I have a problem in the command line bellow.
foreach ($user in $users){Enable-CsUser -Identity $user -RegistrarPool $csPool -SipAddressType SAMAccountName -SipDomain $sipDomain;}
After make the comando on the powershell, I recive the Messenger error about this sintaxe.
I need the correct sintaxe for make this exercise. When I wait for answer, I go to add the all users on the lynk control panel.
A hug.
Marcus
↧
Can Only the Push Notifications Feature Be Deployed?
Can the only functionality deployed be the Microsoft Push Notifications Service? What I need to do is send 4M push notifications per sec and don't want to waste cycles with other activities on my servers. I want to optimize Lync Server to support the Windows Push Notification Services (WNS).
↧
↧
Can Existing Windows Push Notification Services Support An Additional 4M Transactions Per Sec?
Or should I seek a different solution?
↧
Failed to get WebTicket error on 2013 iPad - Lync 2013
Hi,
Users in my Lync 2013 Standard environment can't log into 2013 iPads internally. 2010 iPad clients are fine. We have deployed an RP and Edge although external access has not been implemented at this stage.
CU7 installed
I'm seeing this error on 2013 iPad client logs. Refers to the webticket service on the front-end. Can anyone shed light on this error and why internal ios clients can't log in?
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body><s:Fault><faultcode xmlns:a="http://docs.oasis-open.org/ws-sx/ws-trust/200512">a:InvalidScope</faultcode><faultstring xml:lang="en-GB">The AppliesTo element of web ticket request points to a different web server or site.</faultstring><detail><OCSDiagnosticsFault xmlns="urn:component:Microsoft.Rtc.WebAuthentication.2010" xmlns:i="http://www.w3.org/2001/XMLSchema-instance"><Ms-Diagnostics-Fault><ErrorId>28037</ErrorId><Reason>The AppliesTo element of web ticket request points to a different web server or site.</Reason></Ms-Diagnostics-Fault><NameValuePairs xmlns:a="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/></OCSDiagnosticsFault></detail></s:Fault></s:Body></s:Envelope></ReceivedResponse> 2013-09-12 16:34:13.502 Lync[91:6cc0000] INFO TRANSPORT CHttpRequestProcessor.cpp/266:Sending event to main thread for request(0x6ac76c8) 2013-09-12 16:34:13.503 Lync[91:3bb12b88] INFO TRANSPORT CWebTicketSession.cpp/587:Received webticket resposne with status E_InternalServerError (E2-3-13) 2013-09-12 16:34:13.503 Lync[91:3bb12b88] INFO TRANSPORT CWebTicketSession.cpp/1433:Raising WebTicketEvent for https://lyncweb.qvh.nhs.uk/ucwa/v1/applications and https://lyncsrv1.xqvh.nhs.uk/webticket/webticketservice.svc with status E_InternalServerError (E2-3-13) 2013-09-12 16:34:13.504 Lync[91:3bb12b88] INFO TRANSPORT CAuthenticationResolver.cpp/323:Token retrieval for url https://lyncweb.qvh.nhs.uk/ucwa/v1/applications completed with status E_InternalServerError (E2-3-13) 2013-09-12 16:34:13.504 Lync[91:3bb12b88] ERROR TRANSPORT CAuthenticationResolver.cpp/399:Failing the original request as we weren't able to get thewebticket 2013-09-12 16:34:13.504 Lync[91:3bb12b88] INFO TRANSPORT CRequestManager.cpp/275:Failing secure request with status E_InternalServerError (E2-3-13) 2013-09-12 16:34:13.504 Lync[91:3bb12b88] INFO APPLICATION CAlertReporter.cpp/64:Alert received! Category 2, Type 300, level 2, error E_InternalServerError (E2-3-13), context '', hasAction=false 2013-09-12 16:34:13.504 Lync[91:3bb12b88] INFO APPLICATION CAlertReporter.cpp/117:Alert cleared of Category 2, Type 300, cleared 0 alerts 2013-09-12 16:34:13.505 Lync[91:3bb12b88] INFO APPLICATION CTransportRequestRetrialQueue.cpp/692:Response received for req. POST-Application(0x6ae23f8): E_InternalServerError (E2-3-13) (RemoteNetworkTemporaryError); (Re-)Queuing req.; Schedule retrial in 113sec. 2013-09-12 16:34:13.505 Lync[91:3bb12b88] INFO UI CMAlertViewController.mm/93:ObservableListItem Added event received
Persevere, Persevere, Per..
↧
FQDN for internal Edge when deploying LHPv2.
Hi.
We are having problems understanding part of the deploymentguide fore the hosting pack.
7.5 Deploy Edge Servers The guidance in this section and in the “Provisioning Tenant Organizations and Tenants” section later in this document describes how to implement these configurations. Follow the standard guidance in “Deploying External User Access” in the TechNet Library at http://technet.microsoft.com/en-us/library/gg398918(v=ocs.15).aspx unless otherwise directed as follows: • When you follow the steps in “Configure DNS for Edge Support” in the TechNet Library at http://technet.microsoft.com/en-us/library/gg398756(v=ocs.15).aspx , you must configure the DNS records for the initial test SIP domain. Configure the SRV record to point to the Edge Server pool. • When you perform the steps in “Configure the DNS Suffix for Edge Servers” in the TechNet Library at http://technet.microsoft.com/en-us/library/gg398756(v=ocs.15).aspx, set the DNS suffix to the value to the name of the external domain used by the Lync Server deployment.
The line " Set the DNS suffix to the name of the external domain used by the Lync Server Deployment"
To make an exampel i will use mydomain.local as internal and mydomain.com as external. So as I understand. I must define the Edgepool INTERNAL FQDN, to be named Edgepool.mydomain.local. But every host in the pool should set to an FQDN like Edgehost01.mydomain.com. ? is this correct. And can anyone tell us why.
↧
Where are my databases placed?
I have Lync server 2013 Enterprise deployed next to Lync Server 2010 in a new VLAN. The first time I deployed this, I used an SQL server sql01 for the Lync 2013 databases. Later I decided to use another SQL server, lets say sql02.
All databases are succesfully installed on sql02, sql01 is completely removed from the topology and Lync Server 2013 is functioning fine. When I try cmdlet 'Test-CsDatabase -SqlServerFqdn sql01.domain.local -ConfiguredDatabases' I get
'Test-CsDatabase : Command execution failed: "sql01.domain.local" is not a known computer in the topology.' Which is what it should be.
However I still see connections on network level from my 2013 frontends to the sql01 and as soon as i take the Lync 2013 databases offline on the sql01, for example cpsdyn, I get lots of errors in my 2013 frontend eventlogging and Lync Server 2013 stops functioning.
What is happening and how can I completely decommission this old sql01?
↧
↧
Rename Branch Office Site
Hello, I was wondering if anyone could possibly please let me know the impact of renaming a branch site via the topology builder. I have a requirement to rename a branch site as the customers location has changed, however I have been unable to source any information detailing any potential impacts this may have. Any feedback would be appreciated.
Regards.
http://www.b4z.co.uk
↧
Certificates on Front End Server
Here is my dilemma. my FE server name ends with Domain.local, I have no problem creating a cert using my internal CA but when I create a csr for my public cert and submit it to GoDaddy it doesn't like the .local. I understand and read about all the new rules on certs, my question is how do I get around this? I even tried a digicert utility and rekeying the cert but that didnt work either. Please HELP :-) FYI I have two FE servers and plan on using an Edge server all Windows Server 2012 64bit but all the servers names end with .local.
Thanks in advance.
↧
Lync 2013 and Federation
We are deploying Lync 2013 with Front End server and Edge Server. We have partner organizations which have Lync 2010/2013 as well as Office 365 Lync.
We want to integrate our Lync system with our partner Lync servers as well as partner Lync systems which are deployed using Office 365.
Can you Kindly guide me what needs to be done to achieve this?
↧
is media and signaling encrypted between Lync and Skype clients?
Like with existing Lync federation - is media and signaling encrypted between Lync and Skype clients? or is unencrypted as with PIC?
↧
↧
Lync Front End Server is not getting discovered in our SCOM environment
Hi,
I have a installed the SCOM agent on a Lync FE server. Though the server appears in the Agent managed view it does not appear under MS Lync Server 2010 Health folder. I have checked and confirm that the Agent proxying is enabled for this server still the issue persists.
When i checked in the Discovery State View under Topology Discovery folder i could see this server in critical state and has the following event...
|
|
↧
Lync 2013 HA (pool pairing) and Lync Client 2010
HA-Scenario
2 Lync 2013 SE Frontend Pools
50 Lync 2013 Clients
500 Lync 2010 Clients
In Lync 2013 we have the pool pairing feature for HA. Do we need the Lync Cient 2013 do use this feature or does it also work with Lync Client 2010 and what is the user experience for the Lync 2010 Clients.
Best Regards
Bueschu
Bueschu
↧
LYNC 2013: How to add more frontend servers in Upgrade Domain
HI,
We have 8 frontend sevrers in pool and we have only one pool. The upgrade doamin is having subsets of 3 frontend servers in pool.
Is there anyway to add all 8 frontend servers in upgrade domain as a subsets of frontend servers by using below attributes:
PrimaryPoolBackupUserServices
PrimaryPoolBackupRegistrars
PrimaryPoolMachinesInPreferredOrder
Thanks
jitender
↧