Forum Discussion

pspecht_152507's avatar
pspecht_152507
Icon for Nimbostratus rankNimbostratus
May 20, 2015

I will post my question here because it is specifically about Lync.

 

Rusty, did you add static hosts for all your Lync addresses?

 

I am using this document for Lync access. https://technet.microsoft.com/en-us/library/gg398758.aspx

 

I am testing only with the internal records in the list, but I believe the Lync client caches the SVR record _sipinternaltls._tcp.domain address and keeps using it.

 

I do not want to block the internal IPs of the Lync servers, as I need RDP access to them over VPN, and dont want to RDP to another server to then RDP to the Lync servers.

 

  • pspecht_152507's avatar
    pspecht_152507
    Icon for Nimbostratus rankNimbostratus
    May 27, 2015
    I have this corrected "I believe" The Lync Client Configuration Information shows the inside user status as false now. we have split-brain DNS I have added the following static hosts to the Network Access List in the access policy lyncdiscoverinternal. - set to 1.1.1.1 so it times out _sipinternaltls._tcp. - set to 1.1.1.1 so it times out sip. - set to external IP I also have other external DNS records in there. not sure if they are needed or not. I believe the sip. was the key as that is resolved from the SVR records for _sip._tls. maybe someone else can chime in to verify the proper records to have.
  • Lee_Payne_53457's avatar
    Lee_Payne_53457
    Icon for Cirrostratus rankCirrostratus
    Nov 16, 2015
    we're looking to do the same thing, I've followed your instructions but it still hits the internal address (we block the external address from connecting at the moment so I can be sure when it works), which other external records did you have in there? I currently only have the three you specified.