Hi,

Thanks for the answer and clarification regarding support of this solution. I've not found such a statement anywhere in docs.

With the B2BUA application i get to "Unknown failure" status.

Looking at the VCS and Lync logs i see that VCS sends OPTIONS SIP packet to Lync and Lync replies with 404 with reason "From and To domain combination invalid" (by memory)

I am setting it up with TLS, but with TCP it's the same issue.

I suspect invalid configurion in the Lync, but i have no administrative access to it. I have only sent the deployment guide to the Lync Administrator and he says that everything is configured.

He used thess examples:

New-CsTrustedApplicationPool -Identity vcs.ciscodomain.com -ComputerFqdn vcs.ciscodomain.com -Registrar feppool.msdomain.com -site 1 -RequiresReplication $false -ThrottleAsServer $true -TreatAsAuthenticated $true

New-CsTrustedApplication -ApplicationId VCSApplication1 -TrustedApplicationPoolFqdn vcs.ciscodomain.com -Port 65072

Enable-CsTopology

vcs.ciscodomain.com is resolveable to our VCS's public IP. this is in the VCS server certificate as well.

Is there anything special that should be configured on the Lync side?

I have installed the Lync's CA certificate in VCS so there should be no certificate issues.

In this configuration the B2BUA signaling dest address should be the Lync Edge Server public hostname, right?

Hi,

you can't really apply the configuration steps intended for a regular VCS-C/B2BUA deployment for this "experimental" deployment, and as Alok states, what you are attempting to do is neither supported nor tested.

That being said, on a general note, for any communication between a Lync Edge server and a foreign device (Such as the Lync Edge server of a remote company), the way to make the Edge server even attempt to communicate back properly to the foregin device is by means of federation, that goes for all Lync traffic via a Lync Edge. The "From and To domain combination invalid" message you are seeing indicates that federation has not been properly set up between the Lync domain in question and the SIP domain used by the foregin device, in this case the VCS Expressway.

There is in any case no point in adding trusted applications or application pools for a deployment where you will be communicating with the Lync environment through its Edge server, federation would be the way to go then, but as I mentioned initially, this type of deployment is not something that has been tested for the VCS and is therefore not supported.

Happy testing

- Andreas

Thanks Andres. Your post really helped me understand the picture.

One more question:

Quote from page 16 of Cisco_VCS_Microsoft_OCS_2007_R2_and_Lync_2010_Deployment_Guide_X7-1:

OCS/Lync deployments may also contain Edge servers to allow MOC/Lync clients to register from outside the local network through the Edge server to OCS/Lync. Communicating with MOC/Lync devices outside the edge server requires both the Edge Server and the VCS Expressway connecting to the public Internet. (Calls involving a Microsoft Edge server require the VCS to have the Enhanced OCS Collaboration option key installed, as this key allows for ICE to be used for media connectivity, which is required in this scenario.)

Am i 100% required to have the Enhanced OCS Collaboration option key installed to be able to realize that?

I can't really answer that question, since what you are attempting to deploy is entirely outside the scope of our OCS/Lync deployment guides.

In general, the Enhanced OCS Collaboration option key enables two features on the OCS/Lync B2BUA:

1) It enables the B2BUA to use encrypted RTP media (SRTP) between itself and OCS/Lync

2) It enables the B2BUA to use TURN services with a TURN server, which is required for connectivity with OCS/Lync clients connected via an Edge server, when integrating OCS/Lync with a VCS Control

I guess that for your theoretical deployment, point 1) would apply while point 2) would not really be applicable since no VCS-C would be in the mix.

Again, this is just theoretical and I wouldn't recommend having any expectations of getting this solution to work.

- Andreas

I just came across this vedio and thought to share..!!

again its talking about creating lync fedretion between company A and B edge server as pointed by Andeas!!

http://www.youtube.com/watch?v=5IMkFxMwnwg

Cheers,

Alok

Hi!

Yea, the video shows the pretty standard deployment, so this should possibly work for most federated deployments

when they have their own internal (gw)-vcs with b2bua.

In general the standard deployment is that the customer with the lync install wants to use a vcs

in his network to enable standard based endpoint communication. lync2lync in between organizations

would always go via edge&federation.

From how I understood the case here, its the remote organization which wants to talk directly VCS2edge.

By today I would say, thats the right idea, but at least not scalable. Without b2bua anyhow the good old

freezing problem would occur and with the remote domain would need to be added and the b2bua only

supports one domain. Besides other problems which might lock it up.

So this looks more like a feature request to me, but I am in as well on it: +1