Resources For IT Professionals
Post an article
Wikis - Page Details
Options
RSSSubscribe to Article (RSS)
Can You Improve This Article?
Positively! Click Sign In to add the tip, solution, correction or comment that will help other users.

Report inappropriate content using these instructions.
Wiki  >  TechNet Articles  >  Troubleshooting: Limited External Calling in Lync Client

Troubleshooting: Limited External Calling in Lync Client

Troubleshooting: Limited External Calling in Lync Client

Overview


I have the following scenario
All servers are installed with Windows Server 2008 R2 Service Pack 1, Lync Standard Server was configured with sip home.com.br domain and Active Directory domain is named fqdn home.intranet
 
Installing and configuring Edge Pool was conducted in accordance with Article Instalação do Lync Edge Server em DMZ Double Hop (pt-BR) 

Symptom

After publish the Edge Server in the structure Lync customers exhibit the error
 
Calling External Limit
 

The following message is displayed by clicking on the error
 

Some calls to and from people outside of your corporate network may not connect due to server connectivity problems. Try singing out and singing back in. If this problem continues, please contact your support team. 

Cause

This error occurs when traffic MRAS is not permited from the Front End server into the Edge Server internal network card.
Enabling logging on the Lync client can see the error line

 
And the log of the firewall that separates the Front End Server and Edge Server can see the connection fails
 

Solution

To solve this problem create a firewall rule allowing the connection on port 5062/TCP originating from the Front End Server and Edge Server destination.
In this environment I created a protocol in TMG 2010
MRAS Authentication
Port: 5062
Protocol: TCP
Direction: Inbound
 


And created an access rule between server roles
 

With the rule created in the user log out Lync client and login again. The error should disappear
 

And the firewall log should show a successful connection on the configured port
 


 

Other Languages


This article is also available in the following languages:


This article was originally written by:
Fernando Lugão Veltem
blog: http://flugaoveltem.blogspot.com 
twitter: @flugaoveltem  
, , , , , , , , , , [Edit tags]
Leave a Comment
  • Please add 1 and 5 and type the answer here:
  • Post
Wiki - Revision Comment List(Revision Comment)
Sort by: Published Date | Most Recent | Most Useful
Comments
  • 12 Feb 2013 7:42 PM

    Ed Price - MSFT edited Revision 5. Comment: Removing "(en-US)" from the title. Adding tags.

  • 14 Mar 2012 10:05 AM

    Fernando Lugão Veltem edited Revision 1. Comment: added portugues version  

Page 1 of 1 (2 items)
Wikis - Comment List
Sort by: Published Date | Most Recent | Most Useful
Posting comments is temporarily disabled until 10:00am PST on Saturday, December 14th. Thank you for your patience.
Comments
  • Posted by
    on 13 Mar 2012 7:40 AM

    Hi,

    The traffic rule for MRSA should be "outbound" as the traffic flow accros the TMG is from "internal to external" i.e the traffic is going out of the TMG into the DMZ.

    Ben.

  • Posted by
    on 13 Mar 2012 7:06 PM

    Hello Bibbleq,

    I tried the rule with "outbound" configuration but the TMG droped my connections. When I configured the protocol "inbound" everything work fine.

    The networks on TMG are configured with route relations, not NAT. I think that's make a difference.

    Have you tried this scenario?

  • Posted by
    on 14 Mar 2012 10:05 AM

    Fernando Lugão Veltem edited Revision 1. Comment: added portugues version  

  • Posted by
    on 12 Feb 2013 7:42 PM

    Ed Price - MSFT edited Revision 5. Comment: Removing "(en-US)" from the title. Adding tags.

Page 1 of 1 (4 items)