Application sharing failed with external Partner (Non-Federated)

While working with a vendor who is not federated with us and doing application sharing, I came across a strange issue that tells many stories.

First of all, I would like to beat Microsoft up for the wrong documentation they have furnished on the port requirements for media traffic on the Edge Server.

The client will ALWAYS try to connect over the 50k (50000-59999) port range. If it fails to do this, then it will fall back to the 443/3478 ports. This is not mentioned by Microsoft at all in the TechNet documentation below.

Note: Desktop/app sharing and file transfer always use TCP ports (the same AV ports), not UDP.

Port summary – Scaled consolidated edge, DNS load balancing with public IP addresses in Lync Server 2013

https://technet.microsoft.com/en-us/library/jj205394(v=ocs.15).aspx

Reference:

https://social.technet.microsoft.com/Forums/en-US/faf15263-8950-44e5-af6e-6eaf8b23f0b5/lync-2013-client-still-tries-to-connect-to-lync-edge-on-ports-5000059999?forum=lyncconferencing

So, let's jump into the problem we faced and how it worked with a workaround (guess??).

Problem:

A corporate user is doing application sharing with a remote user (non-federated, but uses Lync) from the corporate network, and it failed with the usual error: “We Could not connect the presentation due to network issue”.

Troubleshooting:

I did not take many traces, as I rely more on the Lync CDR database, which tells you the exact issue and helps you start with basic troubleshooting. I looked into the user's CDR logs and saw that ICEWarn="0x120"; was generated in the BYE message from the client logs, which in itself is sufficient to explain that the remote firewall is not allowing outbound TCP connections in the 50000-59999 port range, and hence application sharing was failing.

This is the GOTCHA which is not clearly explained in the MS documentation.
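The CDR check described above can be run across many calls at once. The following is an added example, not code from the original post: it pulls the ICEWarn value out of diagnostic text and lists the calls where it is non-zero. The record layout, user names and sample lines are constructed assumptions, and the individual flag bits are only split out, not interpreted.

```python
import re
from collections import Counter

# Constructed sample records, not taken from the post.
# Assumed layout: "<user> | <diagnostic text from the BYE message>".
SAMPLE_RECORDS = [
    'remote1@partner.example | application-sharing; ICEWarn="0x120";',
    'colleague@corp.example | application-sharing; ICEWarn=0x0;',
    'remote2@partner.example | application-sharing; ICEWarn=“0x120”;',
    'remote3@partner.example | audio; no ICE diagnostics recorded',
]

# Accept straight or curly quotes around the value, or none at all.
ICEWARN_RE = re.compile(r'ICEWarn\s*=\s*["“”]?(0[xX][0-9A-Fa-f]+|\d+)')


def parse_icewarn(text):
    """Return the ICEWarn value as an int, or None if the field is absent."""
    match = ICEWARN_RE.search(text)
    if match is None:
        return None
    raw = match.group(1)
    return int(raw, 16) if raw.lower().startswith("0x") else int(raw, 10)


def set_bits(value):
    """Split a flag word into its individual set bits, lowest first."""
    return [hex(1 << i) for i in range(value.bit_length()) if (value >> i) & 1]


def triage(records):
    """Return (findings, counts) for records whose ICEWarn is non-zero."""
    findings, counts = [], Counter()
    for record in records:
        user, _, diag = record.partition("|")
        value = parse_icewarn(diag)
        if value:  # skips both a missing field (None) and a clean 0x0
            findings.append((user.strip(), hex(value), set_bits(value)))
            counts[hex(value)] += 1
    return findings, counts


if __name__ == "__main__":
    findings, counts = triage(SAMPLE_RECORDS)
    for user, value, bits in findings:
        print(f"{user}: ICEWarn={value} bits={bits}")
    print(dict(counts))
```

A cluster of the same non-zero value on calls to one partner points at that partner's network path rather than at a single client.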

Solution:

Now that we understand that the high port range is not allowed by the remote network firewall and is causing this issue, I thought to force the remote user to open this conference over WEB/443 and test it.

I edited the meeting conference by adding “?sl=1” to the conference URL and tried testing.

https://meetXX.domain.com/anilsingh/ABC78WR3?sl=1

Yes, it worked now :).

I have asked the remote customer to work with his network team and make sure that the 50k outbound ports are opened for this to work.
