Who Me Too'd this topic

Palo’s

I have searched, read these forums and have gone through many manuals, suggestions from the Internet regarding Palo (2020 Series) configuration to secure Lync 2013 / Skype Business 2015: but still experiencing some issues with how to setup our Firewall for Federation access.

From a company perspective, our Lync is working great, our external road warriors can use Lync via VPN or Publically with all functions.

The issues come up where we have Federated (open or controlled either way) with external users / other companies. Seems there is a configuration issue somewhere on our Palo where:

A Federated User:

1. Can see us (presence status) online
2. Can send us an IM
3. Can send us a file
4. Can send us a meeting
5. Can send us a whiteboard
6. CANNOT Lync Call Us
7. CANNOT Desktop Share to Us..

So, our Lync is setup as close to Microsoft guides as possible, using 3x public IP’s per service. It’s the 3^rd IP (av.domain.com) service that needs ports (tcp/udp/rtp) 50,000-59,999, 3478, 5061 and 443/80.

We even gone as far as using an “any” rule to test if its our Edge Server, but its not Edge… something we missed… Has anyone successfully deployed Lync 2013 / Skype Business 2015 using App-ID level? Can you share your settings just for Lync/Skype.

Greatly appreciated