Lync Client to Client Call failed to establish due to a media connectivity failure when both endpoints are internal

Hi All,

My setup is

Collocated front end server with mediation server(enterprise lync environment), separate Database server & separate Monitoring & archiving server. I do'nt have Edge server as of now. I am using Lync to make calls internally.all internal calls within network working fine without any issues. I used to access lync to make calls via VPN client from home, but I am getting "Call failed due to network issue" message when I make call from home via vpn client. My user Lync extension number starts from 5000, my user extension number is 5001 but I am not able to dial extenion 5002 from home via vpn client. But I am able to dial my Conference bridge number i.e. 5000..I do;nt know what's the issue.. As per Lync snipper I am getting below error message

22; reason="Call failed to establish due to a media connectivity failure when both endpoints are internal";CallerMediaDebug="audio:ICEWarn=0x80020,LocalSite=192.168.100.12:11008,RemoteSite=192.168.1.100:3754,PortRange=1025:65000,LocalLocation=2,RemoteLocation=2,FederationType=0"

192.168.100.12 is my machine IP which is connected to my network via VPN client.. Any help will be appriciated.. Thanks

 

June 10th, 2011 2:27pm

An obvious question maybe;

Are there any firewalls between your VPN client and the other client subnets? As long as you do not ave an edge, and your clients are internally. They expect to set up the media stream p2p.

There has to be routing between subnets: 192.168.1.X and 192.168.100.X. Ports must be opened in both direction.

(I wanted to point this out as network admins often allow VPN -> Server -> VPN connection. But not VPN - > Client subnet connections.)

 

KR,

Lasse Wedø

Free Windows Admin Tool Kit Click here and download it now
June 10th, 2011 2:44pm

make sure that you have included the routes (add route x x x x) on the Edge server so it can hit the appropriate subnets/sites.
June 10th, 2011 7:05pm

It is not uncommon for enterprises to configure VPNs to only allow access from VNP clients to subnets used for servers and not allow access to subnets where client PCs reside, could this be the issue?
Free Windows Admin Tool Kit Click here and download it now
June 10th, 2011 10:13pm

Hi,Real007,

Please check your VPN  and ports configuration as Lasse and Mike pointed out.

And also here is a good article about Lync server ports and audio/media negotiation for you to understand the internal media connection more clearly.

http://www.shudnow.net/2010/12/06/lync-server-2010-port-ranges-and-audiomedia-negotiation/

Regards,

Sharon

June 14th, 2011 10:10am

Hi,Real007,

How is your issue going on?

Any progress please let us know.Thanks!

Regards,

Sharon

Free Windows Admin Tool Kit Click here and download it now
June 20th, 2011 3:39pm

I m working with my network guy on the same, I will update the status.
June 20th, 2011 3:44pm

Hi,Real007,

Any updates?

If you have fixed it please kindly share your experience with us,thanks!

Regards,

Sharon

Free Windows Admin Tool Kit Click here and download it now
June 23rd, 2011 11:52am

still no luck so far..

 

I am able to make calls if I use 3G USB modem to connect to the Company Network via Cisco VPN client. No issues observed.  But my Lync calls fails if I use CIsco ASA 5510 firewall (my machine inside cisco asa 5510 network)  to connect to the company network via Cisco VPN client.. I am getting same error,

 

22; reason="Call failed to establish due to a media connectivity failure when both endpoints are internal";CallerMediaDebug="audio:ICEWarn=0x80020,LocalSite=192.168.100.12:11008,RemoteSite=192.168.1.100:3754,PortRange=1025:65000,LocalLocation=2,RemoteLocation=2,FederationType=0"

192.168.100.12 is my machine IP which is connected to my network via VPN client... I do'nt have edge server in my environment. 
Even I opened prot 1024 - 65535 on Cisco firewall...

 

 

August 18th, 2011 12:49pm

You should have at least 50000-59999 TCP and UDP opened in both directions. From the client to any possible endpoint. And from any possible endpoint back to the client (for audio/video RTP) Make sure you don't use SIP fixup.
Free Windows Admin Tool Kit Click here and download it now
August 19th, 2011 11:15pm

hi,

did you resolve this issue? we are getting a similar issue and trying to figure out what is happening.  let me ask you a few questions.

1. when you come into the CISCO VPN are the end points technically on the same network?

2. from a p2p can the internal PC reach the PC that you are calling from?

 

here is what i think is happening:

1. when you call in assuming this is a lync call.  the session tries to establish a p2p call, but fails.

2. so the two end points then try to connect to the edge server. in this case the edge server is internal.

3. Lync is dropping the p2p call i think because it knows the two end points are internal and they should do p2p.

this is change with Lync, since OCS alllows you do this.  can you comfirm your enviroment?

 

 

November 25th, 2011 8:39pm

Hey All,

Still I am facing same issues if I use Cisco VPN from home to make calls/IM...   All required ports are opened for Cisco VPN client Users.  As said by Anonymous11205  when you come into the CISCO VPN both end points technically on the same network.

Now I have implement Edge server to resolve above issue.. Now everything is working fine. No issues observed..

No issues..

Cheers!!!!

 

 

 

Free Windows Admin Tool Kit Click here and download it now
November 28th, 2011 8:26am

Hi All,

I am stuck up with similar problem 

Error - 

22; reason="Call failed to establish due to a media connectivity failure when both endpoints are internal"; CallerMediaDebug="application-sharing:ICEWarn=0x220,LocalSite=10.20.XX.XX:32224,LocalMR=12.XX.XX.XX:50089,RemoteSite=10.6.XX.XX:30041,PortRange=1025:65000,LocalMRTCPPort=50089,LocalLocation=2,RemoteLocation=2,FederationType=0"

Note - we get error intermittently with only few users.

Any suggestions, would be appreciated 

June 16th, 2014 8:30pm

not sure about with a VPN, but I had this error because of a client having their public IP address changed, and someone forgot to update the Public IP for the AV Edge service. Which in turn broke both external conferencing and MRAS internally.

Need to make sure the correct ports are open to the Internal NIC of the Edge servers, as well as the Public IP address of the AV Edge service is also set correctly in the topology.  If you have to change it, wait for replication and then restart the Edge services...

With regards to Lync clients coming in through the VPN, make sure that VPN subnet can again connect to the Edge internal interface.  Although the better choice is not to have Lync clients come in through a VPN, double-encryption and lousy Audio and Video.

Free Windows Admin Tool Kit Click here and download it now
January 30th, 2015 1:35am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics