hi
I have issues with Hair-Pining for lync mobile, the infrastructure is the next:
1 Front End Standar Edition
1 TMG RP with 2 Interfaz (Internet & Lan)
The register DNS internal is:
Lyncdiscoverinternal.domain.com FE
WebServicesExternal.domain.com FE
DNS External
Lyncdiscoverdoamin.com Interfaz external RP
In this moment all device can connect to Lync mobile Internal & External bat device with WP8 cant to connect internal only external.
El log the WP8 is the next:
2013-06-24 15:13:43.832-5 : Info : 1 : LogonSession : New LogonSession internal state = SigningIn
2013-06-24 15:13:43.921-5 : Warning : 8 : HttpRequestPump : Got a WebException while reading the response for IssueWT.
2013-06-24 15:13:43.921-5 : Warning : 8 : SoapWebRequest : Found SOAP fault code {http://docs.oasis-open.org/ws-sx/ws-trust/200512}InvalidScope.
2013-06-24 15:13:43.921-5 : Warning : 8 : SoapWebRequest : Found SOAP fault string "The AppliesTo element of web ticket request points to a different web server or site.".
2013-06-24 15:13:43.921-5 : Warning : 8 : WebTicketManager : Found MsDiagnostic info in SOAP fault. Code: 28037. Reason: "The AppliesTo element of web ticket request points to a different web server or site.".
2013-06-24 15:13:43.921-5 : Error : 8 : HttpRequestPump : Got a failure response to request IssueWT. Status: UnknownError. Code: 500.
2013-06-24 15:13:43.923-5 : Verbose : 8 : HttpRequestPump : Error status description for request IssueWT is "Internal Server Error".
I have seen that many people have had problems with these devices because it requires certificate have HTTP Urls in the CRL (Certificate Revocation List). so I gave myself the task of making the change and returned to the FE generate my certificates but the problem persists after this.
My next step was to check my DNS records, webservicesexternal A record pointing to the front end so if I need to make the hair pin I need to point to the internal interface of the RP but before I made some changes in the RP:
also opened firewall port 443 and then proceeding to change webservicesexternal record IP for internal interface pointed to the RP when I tested the result was bad was not even able to
open:
https://extweb.doamin.com/Mcx/McxService.svc.
When performing a telnet does not respond:
tweb.domain.com telnet 443
But when I do a packet capture with Network Monitor 3.4 I see the requests coming to RP but do not know what to do with packets and fails to make the hair pin
any ideas?