While working with a vendor who is not federated with us, I ran into a strange application sharing issue that tells quite a story.
First of all, I would like to beat Microsoft for the wrong documentation they have furnished on the port requirements for media traffic on the Edge Server.
The client will ALWAYS try to connect over the 50k (50000-59999) port range. If it fails to do this, then it will fall back to the 443/3478 ports. This is not mentioned by Microsoft at all in the TechNet documentation below.
Note: Desktop/app sharing and file transfer always use TCP ports (the same A/V ports), not UDP.
Port summary – Scaled consolidated edge, DNS load balancing with public IP addresses in Lync Server 2013
So, let's jump into the problem we faced and how it worked with a workaround (guess??).
A corporate user was doing application sharing with a remote user (non-federated, but using Lync) from the corporate network, and it failed with the usual error “We Could not connect the presentation due to network issue”.
I did not take many traces, as I rely more on the Lync CDR database, which tells you the exact issue and helps you start with basic troubleshooting. I looked into the user's CDR logs and saw ICEWarn="0x120";
This was generated in the BYE message from the client logs, which by itself is sufficient to explain that the remote firewall is not allowing outbound TCP connections in the 50000-59999 port range, and hence application sharing was failing.
This is the GOTCHA which is not clearly explained in the MS documentation.
Now we understand that the high port range is not allowed by the remote network firewall and that this is causing the issue, so I thought to force the remote user to open this conference over web/443 and test it.
I edited the meeting conference by adding “?sl=1” to the conference URL and tested again.
Yes, it worked now :).
I have asked the remote customer to work with his network team and make sure that the 50k outbound ports are opened.