Lync federation error message

Standis
Standis used Ask the Experts™
on
Hi

We are getting the following event  (Lync server application log) every 10 minutes on our Lync 2010 edge server:

Event 14603, LS Protocol Stack

"The following discovered partners are sending frequent invalid SIP requests to the Access Edge Server.

Traffic from these partners is restricted to 1 message per second as a security measure.
Certificate Subject: "External company name here"; Issuer: "NL, TERENA, TERENA SSL CA"; Serial Number: Serial number here

Cause: Federated partners that were discovered through DNS SRV are sending frequent SIP requests that cause an error response from the local Lync Server deployment.
Resolution:
It is recommended that connections from these partners be blocked at the firewall."


The other company also have similar events from our system.
We are allowing federation to all partners, and federation works both with this company and others, including MSN

Anyone having similar issues?
Resolutions?

BR
Standal
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Those are just warning messages from auto federation. You can allow or block the company's listed in those warnings in Lync control panel under External User Access -> Federated Domains. More info on the federation behavior can be found at http://technet.microsoft.com/en-us/library/gg195674.aspx
By my experience this "Error" should be classified under "Warning" or even better under "Information" part of event log.
This is not official statement, it is just my opinion: You can safely ignore this message.
Workaround this with putting the domain in question under allowed domain, but in this case you will expose some additional info, like how much time your user is, for example, offline, away etc, to federated partners..

Author

Commented:
Thanx HerbertKnavs.
We get this error, similar to the preceeding:
Event description:

The following discovered partners are sending frequent invalid SIP requests to the Access Edge Server.

Traffic from these partners is restricted to 1 message per second as a security measure.
Certificate Subject: "sipfed.microsoft.com"; Issuer: "com, microsoft, corp, redmond, Microsoft Secure Server Authority"; Serial Number: 37A8DC8E000800021046
Certificate Subject: "US, California, Cupertino, Symantec Corporation, IT Security - 2, ocsedge.symantec.com"; Issuer: "US, "VeriSign, Inc.", VeriSign Trust Network, Terms of use at https://www.verisign.com/rpa (c)10, VeriSign Class 3 International Server CA - G3"; Serial Number: 7D94D674F7F9DA628434741591331F17
Certificate Subject: "US, Georgia, Alpharetta, McKesson Corp, CIT, sip.mckesson.com"; Issuer: "US, "VeriSign, Inc.", VeriSign Trust Network, Terms of use at https://www.verisign.com/rpa (c)10, VeriSign Class 3 Secure Server CA - G3"; Serial Number: 3DD7A056ECAF4394C98D1BF7892A4CD2
Certificate Subject: "US, Washington, Spokane, "Cerium Networks, Inc.", access.ceriumnetworks.com"; Issuer: "US, DigiCert Inc, www.digicert.com, DigiCert High Assurance CA-3"; Serial Number: 03D15E91C24C36C0A8BB82F0205C2C0A

Cause: Federated partners that were discovered through DNS SRV are sending frequent SIP requests that cause an error response from the local Lync Server deployment.
Resolution:
It is recommended that connections from these partners be blocked at the firewall.

So, in Lync Control Panel, which settings go where?  e.g., I suppose the Access Edge Service would be each of the bolded entries above.  The domain name would be the subject, but without the sipfed lead &like that, so Microsoft.com is the domain & sipfed.microsoft.com is the access edge?  Or, is there insufficient information in these messages to make that determination?

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial