Forum Discussion

Jesus_A_Canaste's avatar
Jesus_A_Canaste
Icon for Nimbostratus rankNimbostratus
Aug 24, 2011

monitor SSL not working with Lync Front end server

I am installing a LTM 3600 in a Lync enviroment with Front end servers, but the monitor SSL does not work, any suggestions or recommended diagnostic

5 Replies

  • Ryan_Korock_46's avatar
    Ryan_Korock_46
    Historic F5 Account

    Jesus,

     

     

     

    Which SSL based monitor are you referring to? The SIP or the HTTP one?

     

     

    If you are using the SIP over SSL (TLS) monitor, you will need to supply the monitor with the Cert/Key from your Lync FEs.

     

     

    Reply if you need more details on how to do that, and I'll work on a write up.

     

  • jameshendergart's avatar
    jameshendergart
    Historic F5 Account
    Hi Jesus - glad to meet you and thanks for posting.

     

     

    In Lync 2010 Microsoft made some changes which modify the monitoring of Lync servers a bit. SIP versus TLS (encrypted SIP) port is used.

     

     

    I hope that directing you toward SIP helps a bit. Meanwhile perhaps someone a bit more technical from the community can chime in with specific port and LTM monitor hints.

     

     

    Regards,

     

    James Hendergart

     

    F5 Business Development Manager

     

     

  • thanks

     

     

    Basically we need monitoring port 4443, and 443 in this moment the F5 equipment have installed certificates and keys to the FE server, how I can validate if there is a problem with certificates?
  • mikeshimkus_111's avatar
    mikeshimkus_111
    Historic F5 Account
    hi Jesus, can you confirm that you have installed the certificates from the Lync Deployment Wizard, started the services, and checked that the servers are listening on ports 443 and 4443 using "netstat -a"? You then configured the TLS monitors to use that certificate/key, and it is still failing?

     

    thanks

     

    Mike
  • thanks

     

     

    to solve this problem use the Following link http://support.f5.com/kb/en-us/solutions/public/10000/200/sol10209.html , I found is that the monitor the string GET / \ r \ n does not work for Lync, to change it GET / HTTP/1.1 work well