Skype for Business - external connection issues

  • So we had Lync setup and working (except external connectivity) internally as a proof of concept. It didn't get approved so it just sat. Then we got the go ahead to setup Skype for Business. The topology is all setup, upgraded from Lync, firewall rules stayed in place. Good to go pretty much. Internal works fine. We've done every support step we can find, short of calling in Microsoft just yet. There is something important I must be missing. Any ideas what we're missing to establish external connectivity? Topology is broken out to 3 servers... Skype, Skype-Edge, and Skype-Reverse-Proxy (the topology that Microsoft lists as officially supported). Also, we have Skype for Business on-premise (not hosted).

  • Service Provider

    Internal, not hosted?

  • @scottalanmiller Correct. Every article I find references Office 365... but we don't have a hosted Skype for Business.

  • I've also gone through the Skype for Business Server 2015 Control Panel console, and ensured Federation and External Access has the proper allowances.

  • I'm asking a question out of shear ignorance as I've never used Lync or Skype for Business, where are the SIP lines coming from for a locally hosted SfB?

    How is SfB local different from a FreePBX setup - in otherwords, don't you have to provide your SIP trunks?

  • @Dashrender I am pretty new to this area... The trunking is configured in the control panel of Skype. There is a trunking section. Configured locally on the SfB server. I hope that is what you were looking for...

  • 0_1451949341188_SfB.PNG

  • @BBigford said:

    @Dashrender I am pretty new to this area... The trunking is configured in the control panel of Skype. There is a trunking section. Configured locally on the SfB server. I hope that is what you were looking for...

    OK so you get the trunks from Microsoft through a Skype control panel - is that through an O365 subscription?

  • @Dashrender O365 wouldn't play any role in this as Skype isn't hosted. If Skype was hosted for us, there would be a Skype module in our O365 Admin Console. In that module, there is an external connection section. But since ours is on-premise, O365 has zero play in this one. It is merely an email filtering tool in our environment.

  • @Dashrender It would be rolled into the price we would pay for Skype for Business, much like we would have paid the rolled up cost for Lync. They charge based on the user count, all in one lump cost.

  • Oh, didn't know that SfB (or Lync) was sold as a full end to end phone solution (PBX onsite or hosted plus connectivity to the outside world (SIP trunks)).

  • @Dashrender I could be dead wrong or giving false information somewhere. Our phone solution is a Polycom system by InCom, but obviously there have to be trunks somewhere for SfB. Maybe I don't have the breadth of knowledge in SfB yet to answer your question accurately...

  • Nor do I to ask the right type of questions.

  • @Dashrender In theory, IM shouldn't have the same kind of connection as calling, so if I could even get a connection setup to IM, I could troubleshoot the calling issues afterward. SfB would process IM communication, but drop calls if improperly configured. I just don't know where to even start troubleshooting for the external connection cause everything looks good but obviously it isn't.

  • So the SfB client can't IM outside of your network?

  • @Dashrender Correct. Down the road, it would be nice to use our phones and not have to VPN into the network to chat. Also being able to use SfB in place of WebEx/etc for video conferencing.

  • Here's a screenshot of the test breakdown if that helps at all...

  • It indicates that the From account on the test isn't an admin one, which it is... But still, I can't get any user to connect outside of running the test.

  • Additional Details

    Couldn't sign in. Error: Error Message: Not authorized to perform the requested operation, request is refused.
    Error Type: AuthenticationException.
    Error Code: 0.
    Realm: .
    Response Code: 403.
    Response Text: Forbidden.
    Diagnostic Header: ErrorCode=4004,Source=server.domain,Reason=Credentials provided are not authorized to act as specified from URI,authenticatedidentity=DOMAINusername
    Elapsed Time: 386 ms.

  • I ran that with my domain admin account. If i use an account that is [email protected], I get the following (that account was used for a long time, and has the highest network credentials by far):

    Additional Details

    Exception details:
    Message: Invalid Uri: parsing problem (no viable alternative): <
    Parameter name: value
    Type: System.ArgumentException
    Stack trace:

    Server stack trace:
    at Microsoft.Rtc.Signaling.SipUriParser..ctor(String value)
    at Microsoft.Rtc.Signaling.RealTimeAddress..ctor(String uri)
    at Microsoft.Exchange.Tools.ExRca.Lync.TestOcsCore.DoMRASServiceRequest()
    at Microsoft.Exchange.Tools.ExRca.Lync.TestOcsCore.Initialize()
    at Microsoft.Exchange.Tools.ExRca.Lync.OcsSignInTest.PerformTestReally()
    at Microsoft.Exchange.Tools.ExRca.Tests.Test.PerformTest()
    at Microsoft.Exchange.Tools.ExRca.Tests.Test.PerformChildren()
    at Microsoft.Exchange.Tools.ExRca.Tests.Test.PerformTest()
    at Microsoft.Exchange.Tools.ExRca.Tests.TopLevelTest.PerformTest()
    at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Object[]& outArgs)
    at System.Runtime.Remoting.Messaging.StackBuilderSink.AsyncProcessMessage(IMessage msg, IMessageSink replySink)

    Exception rethrown at [0]:
    at System.Runtime.Remoting.Proxies.RealProxy.EndInvokeHelper(Message reqMsg, Boolean bProxyCase)
    at System.Runtime.Remoting.Proxies.RemotingProxy.Invoke(Object NotUsed, MessageData& msgData)
    at Microsoft.Exchange.Tools.ExRca.Website.PerformTestAsyncDelegate.EndInvoke(IAsyncResult result)
    at Microsoft.Exchange.Tools.ExRca.Website.TestExecutionManager.<>c__DisplayClass8.<TestCompleted>b__6()
    at Microsoft.Exchange.Common.IL.ILUtil.DoTryFilterCatch(Action tryDelegate, Func2 filterDelegate, Action1 catchDelegate)
    at Microsoft.Exchange.Tools.ExRca.Website.TestExecutionManager.TestCompleted(IAsyncResult asyncResult)
    Exception details:
    Message: Invalid Uri: parsing problem (no viable alternative): <
    Type: Microsoft.Rtc.Internal.Sip.SipException
    Stack trace:
    at Microsoft.Rtc.Internal.Sip.SipUri.ParseUriString()
    at Microsoft.Rtc.Signaling.SipUriParser..ctor(String value)