Thanks Sharon for the response.
I am able to ping the FE pool from both sides (I can ping to the pool name as well as the individual servers). I also did some tests with telnet and I'm able to connect via TCP ports 5061, 444 135, 5062, 80, 443, and 4443. So from doing that
it appears that connectivity seems to be configured and working properly. I am double-checking TMG with our network guys today.
I did some further investigating over the weekend using the Lync Logging Tool, and I found the following error that seems to be related to my problem:
=====
TL_INFO(TF_PROTOCOL) [0]1794.0A48::07/01/2013-01:58:23.467.0006ed72 (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 1004622838
Instance-Id: 00002405
Direction: incoming
Peer: lync.us.domain.com:5061
Message-Type: response
Start-Line: SIP/2.0 400 Malformed Edge Proxy header
From: "John Doe"<sip:john.doe@domain.com>;tag=0a5032cf14;epid=afa7c1a66c
To: <sip:lync.us.domain.com@domain.com;gruu;opaque=srvr:HomeServer:Px6rUUtzm1GDVP0WuVZ3NgAA>;tag=3082720ED9A76DCD35D7560B6B0FC837
CSeq: 1 SUBSCRIBE
Call-ID: aaf969f269404fdda04477175b0e377f
Via: SIP/2.0/TLS 10.3.28.152:52132;branch=z9hG4bK1EFADB4D.6F28782C0768BDAF;branched=FALSE;ms-received-port=52132;ms-received-cid=60900
Via: SIP/2.0/TLS 10.110.29.61:64585;ms-received-port=64585;ms-received-cid=9700
ms-diagnostics: 1018;reason="Parsing failure";source="US-LYNC2.domain.com"
Server: RTC/4.0
Content-Length: 0
Message-Body:
$$end_record
======
And also this error:
=====
TL_WARN(TF_DIAG) [0]1794.0A48::07/01/2013-01:58:23.467.0006edf7 (SIPStack,SIPAdminLog::TraceDiagRecord:SIPAdminLog.cpp(145))$$begin_record
LogType: diagnostic
Severity: warning
Text: Routing error occurred; check Result-Code field for more information
Result-Code: 0xc3e93f30 SIPPROXY_E_INVALID_EDGE_PROXY_HEADER
SIP-Start-Line: SIP/2.0 400 Malformed Edge Proxy header
SIP-Call-ID: aaf969f269404fdda04477175b0e377f
SIP-CSeq: 1 SUBSCRIBE
Peer: lync.us.domain.com:5061
Data: info="0xc3e93f30 SIPPROXY_E_INVALID_EDGE_PROXY_HEADER"
$$end_record
=====
Searching around on this error, I'm seeing recommendations at looking at the certificate and confirming that it works. I am using one GoDaddy certificate for ALL certificates with in Lync (FE Internal, Edge Internal, and Edge External). The GoDaddy
cert has several SANs on it, including the names of all servers, FE pools, and edge servers. I'm not sure what else to really check on the certificate?
Any help on my problem would be greatly appreciated.
Thanks!