Solved

Lync 2013 Deployment DNS, Mobile Clients and Conferencing Issues

Posted on 2014-02-05
Last Modified: 2014-05-05
The deployment is:

1 F.E. Server 2008r2 Lync 2013 fully patched single nic internal network
1 Reverse proxy- 2008r2 with TMG 2010 fully patched two nics, one internal one on DMZ
1 Edge server 2008r2 fully patched 4 nics one internal, one for access, one for av and one for webconf
1 Webapp server 2008r2 fully patched single nic on internal network no external dns entries
2 mediation servers 2012 fully patched single internal nic (used for enterprise voice) they share a VIP for the mediation pool services
1 2012 server that has 2012 SQL Enterprise installed as I will be moving the central management store off the F.E. so I can deploy a front end enterprise pool for LB across multiple sites

I can test all urls from reverse proxy and the rules pass.

I think my issues with mobile phones not connecting, as this does not have anything to do with edge, are with the DNS records. I'd like someone to verify the internal DNS entries that are needed; maybe I have one pointing to the wrong server. It's possible.

Conferencing fails once more than two people are chatting or sharing their desktops. If a third person is invited or joins, ID 504 event 239 is displayed in the chat box.

Eventually I will have four F.E. servers in an Enterprise pool as well as four edge servers. This started as a single server deployment just for internal IM purposes. Then they wanted external (edge), then external without the need for VPN (reverse proxy and edge), now finally Enterprise voice so they can have dial-in conferencing. So its role has expanded four times in less than a year.

Any help is greatly appreciated.
Question by:MXadmin
 
LVL 12

Expert Comment

by:Jeff_Schertz
It's hard to say without knowing your numbers but on the surface this looks a little over-scaled.  For example, 4 physical NICs in each Edge server is most likely overkill; 2 NICs would be the best approach.

The mobile clients do not use Edge for connections, only media relay; you should look more closely at the reverse proxy configuration.
 

Author Comment

by:MXadmin
These are VMs. It's four IPs, not NICs, my apologies; it's two NICs with the external NIC on the DMZ having three separate IPs for services. What on the RP should be looked at? All the rules pass, I am forwarding the header and the authentication is set to client can auth direct.
 
LVL 12

Expert Comment

by:Jeff_Schertz
OK, that makes more sense.

Do the mobile clients sign in but media fails, or do they not even sign in at all?  Could be Lyncdiscover related in the latter.
 

Author Comment

by:MXadmin
They actually can't sign in. They were working just fine when I had a FE with an Edge; I just put in a ton of direct routes and host file entries and everything worked fine. Once they said put in the reverse proxy and the host files went away on the edge is when things started to break. The internal DNS records right now I have the lyncdiscover and lyncdiscoverinternal pointing to the external IP of the reverse proxy. One thing noticed is the RP with TMG is using the SSL cert on its listener; this should ideally be the domain cert from the FE server, so I'm going to export out that cert, install and reboot the RP and test. I'm concerned about the internal DNS records not being correct as this was not part of my implementation and wanted to double check prior to changing the entries.
 
LVL 12

Expert Comment

by:Jeff_Schertz
I shouldn't have both lyncdiscover and Lyncdiscoverinternal deployed in the internal DNS.  Also the fact that it worked prior to publishing tells me that the deployment was incorrect as Lync 2013 mobile clients are ONLY supported as external clients.

I recommend reading through these two articles as they address all your questions:
http://blog.schertz.name/2013/07/understanding-lync-2013-mobility
http://blog.schertz.name/2013/11/lync-mobility-media-paths
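
The DNS point raised in the comment above, as an added example that is not part of the original thread: a PowerShell check, run from a machine on the internal network, that reports how `lyncdiscover` and `lyncdiscoverinternal` resolve and flags the two conditions described in this thread (both names present internally, or both pointing at the same address). The function names and the `example.com` SIP domain are placeholders chosen for illustration.

```powershell
# Added example (not from the thread). $SipDomain is a placeholder value;
# replace it with your own SIP domain before running.
param([string]$SipDomain = 'example.com')

function Resolve-LyncName {
    param([string]$Name)
    try {
        # Uses the DNS resolver configured on this machine, so the answer
        # reflects the internal view when run from an internal client.
        [System.Net.Dns]::GetHostAddresses($Name) |
            ForEach-Object { $_.IPAddressToString }
    } catch {
        # Name does not resolve: return nothing.
    }
}

function Test-LyncDiscoverRecords {
    param([string]$Domain)

    # @() forces an array even for zero or one address (needed on PowerShell 2.0).
    $ext = @(Resolve-LyncName "lyncdiscover.$Domain")
    $int = @(Resolve-LyncName "lyncdiscoverinternal.$Domain")

    $findings = @()
    if ($ext.Count -gt 0 -and $int.Count -gt 0) {
        $findings += 'Both lyncdiscover and lyncdiscoverinternal resolve from this resolver.'
    }
    $shared = @($ext | Where-Object { $int -contains $_ })
    if ($shared.Count -gt 0) {
        $findings += "Both names point at the same address: $($shared -join ', ')"
    }
    if ($findings.Count -eq 0) {
        $findings += 'Neither condition from the thread was detected.'
    }

    New-Object PSObject -Property @{
        Lyncdiscover         = ($ext -join ', ')
        LyncdiscoverInternal = ($int -join ', ')
        Findings             = ($findings -join ' ')
    }
}

Test-LyncDiscoverRecords -Domain $SipDomain | Format-List
```

Running the same script from an external client shows the public view of the same names, which makes split-DNS differences visible.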
 

Author Comment

by:MXadmin
I've read those blogs a few times. I have mobility working just fine. The issue was certificates, which an SSL on all boxes resolved. My issue now is still conferencing failing. Users get 504 event id 239 when doing a multi-person chat.
 

Accepted Solution

by:MXadmin
I was able to resolve the issues by changing the configuration of the reverse proxy and adjusting the firewall rules that I was not aware were in place... thanks to the network "Gurus" :)
 

Author Closing Comment

by:MXadmin
The network admins had NAT rules affecting the proxy services. Since the server should have been placed outward facing, i.e. in the DMZ, which I was given an associated IP block to use for that purpose. Once the VLAN was adjusted to place the proxy outside the internal network, the translation rules on the reverse proxy were properly resolving and pointing to the front end pool and not the BE servers.