Issues Joining external Meeting with Lync 2013

Jeff Glover
Jeff Glover used Ask the Experts™
on
We have a Lync 2013 internal setup with 2 FE servers, DNS load balanced, an edge pool with one Edge server, and a Reverse Proxy (TMG2010). Internally we can have meetings with no issue. Users join the meeting with audio and video. However, if internal users try to join a meeting from another company, they get kicked out as soon as they try to use Audio or Video. They can IM only. If I connect from home on my work laptop, using Lync Full client, I am able to connect and use Audio and Video. We have open federation enabled through the edge and I have the AV Edge set as NATTed. We have verified the DNS records and have even gone as far as opening the internal and external firewalls wide open (just to test) and it has no effect. This affects all internal clients regardless of location (we have multiple sites, all use same Lync FE pool.) Has anyone seen behavior like this?
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
Steven SheeleyConsulting SW Engineer - Lync/Skype4Business

Commented:
So this is when internal users attempt to connect to a Lync meeting from a different company? All users, no matter physical location, can do meetings internally?
Jeff GloverSr. Systems Administrator

Author

Commented:
Yes. All users internally can meet. We have tested Video, Audio, Sharing,(desktop, app, whiteboard, etc...) Even internal users who are not VPN'd in at the time (connecting through Edge)
Steven SheeleyConsulting SW Engineer - Lync/Skype4Business

Commented:
Internal User gets meeting request from external company
Internal User connects to external company using the link provided in the meeting request
Internal User is able to join meeting and can IM, however, the instant that they attempt to connect with Video or Audio, the meeting terminates.

Quesiton. Before they attempt audio or video, are they receiving audio or video from the external meeting?
CompTIA Network+

Prepare for the CompTIA Network+ exam by learning how to troubleshoot, configure, and manage both wired and wireless networks.

Jeff GloverSr. Systems Administrator

Author

Commented:
No
Steven SheeleyConsulting SW Engineer - Lync/Skype4Business

Commented:
First suggestion is to run client logging on the client side and have them connect to an external meeting, then enable video or audio and capture the failure.  When you restart the client, disable logging and then grab that log and view it using Snooper.  Look and see what Lync is saying when or just before it crashes.
Jeff GloverSr. Systems Administrator

Author

Commented:
Well, tried Client logging and still am a little lost. Tried to pick out the meeting from all the background messages and it looks like this. Client tried to Subscribe With adhoclist and category list Required and got a Forbidden, Cannot route this type SIP message to Federated Partners.. Tried again without the required items and got a Not found, Previous Hop federated peer did not report diagnostic information. Sent an INvite, got a Not found (same message) then gets an Ack and it seems to move over to Anonymous. (sip:247d8899-f72c-4161-97a7-515f4d69caf5@anonymous.invalid becomes the From address) First invite gets a 401 unauthorized. Then it seems to start talking. Ack, Inbvite, Trying, Session progress, etc. I don't see where the Audio kills it.
Consulting SW Engineer - Lync/Skype4Business
Commented:
You may need to get Microsoft to look at the logs
Jeff GloverSr. Systems Administrator

Author

Commented:
Had to contact Microsoft. After spending half a day looking over things, We found that one of our SRV records (Sipfederationtls) was misconfigured. Also the tech had us open TCP 3478 and TCP 50000-59999 inbound to the AV edge, Not sure which part actually fixed it but now it is working.
Dare PojuSkype for business Solutions Architect

Commented:
Opening the ports is what fixed your issue and not the sipfederationtls. Here is the breakdown. Federation will always use the 5061/443 which you have confirmed it worked by been able to connect via the edge and IMs. The AV Edge uses UDP 3478 ( inbound and outbound) for audio and video -media. TCP 50000-59,999 ( for those companies using previous UCS 2007 platform). Read Lync 2013 poster very well and you will understand what I meant.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial