We help IT Professionals succeed at work.

Lync with ASA

Recently my provided automatically decided to turn off the VPN connection to my Lync server.  Now they want me to configure a SIP truck from them to us over the internet.  
I am new to this so not sure i am doing it right.  Using generic ip's can someone give me an example how to do this and publish external ip of the lync server to allow the calls through

My lync server has ApplicationServer, CentralManagement, Conferencing server, MediationServer, Registrar and UserServer all in one and I am using an ASA firewall and the ASDM interface.

Can some please help


If anyone needs more info please let me know.
Comment
Watch Question

Author

Commented:
oh yea...currently when trying to call out I get.

"Call unsuccessful.  Cannot complete the call due to restrictions on you account."
Top Expert 2010
Commented:
So for starters, it sounds like you need to create the sip trunk between to hosts.  

On the ASA, you need a static IP for a 1 to 1 nat, or you can do a port forward.   Either way, you are going to want to open up port 5060 for the SIP registration.  

Now if you have clients on the public net that used a VPN to connect into lync, you can still provide the functionality with a Lync Edge Server running in your DMZ with 5061 forwarded and open to it for public clients.  

BEst wasy to proceed would be to have you paste a sanitized config from the ASA and let me know the IP of the internal Lync.   We would also need to have the remote IP for the far end.  

Author

Commented:
So internal IP for Lync is 10.1.5.2 and the other side(provider) is 206.80.250.104  they are

supposedly trying to currently connect to my external IP of my Lync Server 207.164.155.129.

I will get the cleansed config and paste it but this is for starters

Author

Commented:
It's ok I figure it out my access rules were wrong
Distinguished Expert 2018

Commented:
As fair warning, a colocated mediation server on the front-end server is *not* a supported configuration with SIP trunk configurations. You will either need to prop up a separate mediation server or a SBC gateway, depending on the SIP trunk features and supported codecs.

-Cliff

Author

Commented:
Part of the solution was my rules.