cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

Who Me Too'd this topic

Lync 2013 | Skype 2015 > How to setup Security (app-id / ports) for transparent AV/Sip/Web Services

L0 Member

Palo’s

I have searched, read these forums and have gone through many manuals, suggestions from the Internet regarding Palo (2020 Series) configuration to secure Lync 2013 / Skype Business 2015: but still experiencing some issues with how to setup our Firewall for Federation access.

From a company perspective, our Lync is working great, our external road warriors can use Lync via VPN or Publically with all functions.

The issues come up where we have Federated (open or controlled either way) with external users / other companies. Seems there is a configuration issue somewhere on our Palo where:

A Federated User:

  1. Can see us (presence status) online
  2. Can send us an IM
  3. Can send us a file
  4. Can send us a meeting
  5. Can send us a whiteboard
  6. CANNOT Lync Call Us
  7. CANNOT Desktop Share to Us..

So, our Lync is setup as close to Microsoft guides as possible, using 3x public IP’s per service. It’s the 3rd IP (av.domain.com) service that needs ports (tcp/udp/rtp) 50,000-59,999, 3478, 5061 and 443/80.

We even gone as far as using an “any” rule to test if its our Edge Server, but its not Edge… something we missed… Has anyone successfully deployed Lync 2013 / Skype Business 2015 using App-ID level? Can you share your settings just for Lync/Skype.

 

Greatly appreciated

Who Me Too'd this topic