[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 3610
  • Last Modified:

Lync SIP Packets Contain Internal IP Address Preventing External Routing

Hi,

We have signed up with a Microsoft certified Lync SIP Trunk provider. The issue we are having is the SIP packets sent from Lync contain the internal IP address of the Lync server not the routable WAN IP address and calls fail as a result.


Our setup is a Lync 2010 Standard server with co-located mediation server. We are using a Fortigate 80c Router / Firewall which is doing NAT / PAT for Lync. We have implemented SIP ALG on the Fortigate.

Our setup has worked but is intermittently dropping out the calls, our provider says this is due to the information Lync is sending.

Can you please advise how to change the SIP packet information to send the WAN IP and not the internal.

Packet traces attached (images anyway, couldn't upload the Wireshark capture)

Thank

Liam
200-OK-RTP-Issue.png
Call-To-0280046323.png
Call-To-0280046509-0280077270.png
0
dino_alexandratos
Asked:
dino_alexandratos
  • 2
  • 2
1 Solution
 
Cliff GaliherCommented:
You are looking at some network changes. A colocated mediation server is not supported with SIP trunking. You'll need to set up a separate mediation server with two NICs. One NIC will be internal to your LAN and connect to your front-end server/pool and the other will have an externally routable IP address and will connect to your SIP trunk provider.
0
 
dino_alexandratosAuthor Commented:
Hi,

You are incorrect a collocated mediation server is supported, this is not a resolution to our issue (see below and link). Please look further into the issue, this is very common with Lync surely someone has worked out an acceptable solution.

Collocation

We also recommend that you collocate the Mediation Server on a Front End pool when you have deployed IP-PBXs or connect to an Internet Telephony Server Provider’s Session Border Controller....

http://technet.microsoft.com/en-us/library/gg398537.aspx 

BTW, we did not "Accept as Solution" and this issue has not been resolved.
0
 
Cliff GaliherCommented:
It does seem that Microsoft has gone through and revised most of their documentation and replaced "not supported" (which was the case and is still in the printed version of the Lync documentation I have on my shelf) to "strongly recommended" regarding the standalone topology.  

Still, as noted here:

http://technet.microsoft.com/en-us/library/gg398399

and here:

http://technet.microsoft.com/en-us/library/gg398622

and here:

http://technet.microsoft.com/en-us/library/gg398720

In all cases, MS still "strongly recommends" a standalone mediation server in SIP trunking topologies. And since you are traversing NAT based on the topology you described, you will continue to have issues. The link you provided is only applicable ti IP-PBXs or to ITSP SBCs where they've set up private routes. With NAT, you need to do as mentioned and set up multiple NICs. Alternatively, you can use your own SBC that supports B2B SIP and keep the mediation server collocated. Something like an AudioCodes would do the trick.

The point is that right now you are getting mangled by NAT and geting a collocated mediation server to play nice with two NICs is ugly at best as the mediation server routing engine just falls over when trying to hand off media to the front-end server and it is on the same box. There is a reason it was unsupported and is still not recommended, and highlighted in yellow alert boxes in most of the technet documents referring to SIP trunking, of which several I have linked to. It just doesn't work well otherwise.

-Cliff
0
 
dino_alexandratosAuthor Commented:
Thanks Cliff
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now