SIP/2.0 504 Server time-out - Public IM only

Lync Front End Standard with Lync Edge across 2 DMZs.

All Federation with partners works great, presence and IM.

Adding PIC connectivity and all I get is 504 errors.

I have been through the provisioning some time ago and had confirmation.  I can telnet into the edge/front end back and forth on 5061 and outbound from the external edge to federation.messenger.msn.com

Meetings and dialin works.  I am using TMG as a reverse proxy.  SIP inspection is off on my hardware firewall.

I am at a loss now....

Here is the 504 error from the logs:

TL_INFO(TF_PROTOCOL) [0]0738.0AD0::08/07/2013-08:23:47.205.0000c9cd (SIPStack,SIPAdminLog::TraceProtocolRecord:SIPAdminLog.cpp(125))$$begin_record
Trace-Correlation-Id: 1082938809
Instance-Id: 00008A5D
Direction: incoming;source="external edge";destination="internal edge"
Peer: federation.messenger.msn.com:5061
Message-Type: response
Start-Line: SIP/2.0 504 Server time-out
From: "MyName"<sip:my.name@mysipdomain>;tag=81477811df;epid=8613c43f05
To: <sip:MyOutlookName@outlook.com>;tag=8AB80487F342B2CE5B12D59B1B150C7B
CSeq: 1 INVITE
Call-ID: cfb9d628e17f42aea42017abba190224
Via: SIP/2.0/TLS 192.168.4.20:49157;branch=z9hG4bK7BAB2746.22A22F5E9CCDB593;branched=FALSE;ms-internal-info="djlTaNILYYq-aWjCztZi-pVkKxihxUBTSA7PWTfeL8GI9eL6IiWTCcagAA";received=134.170.96.31;ms-received-port=49157;ms-received-cid=8F01C00
Via: SIP/2.0/TLS 10.99.99.125:49201;branch=z9hG4bKE980734C.4E81800A5EB2C593;branched=FALSE;ms-received-port=49201;ms-received-cid=40300
Via: SIP/2.0/TLS 10.250.250.250:49451;ms-received-port=49451;ms-received-cid=4E4F00
Server: RTC/5.0
Content-Length: 0
Message-Body:
$$end_record

August 7th, 2013 6:36am

Hi,

Check this,

Compare & Check whether you missed any of the steps 

How to Implement Public IM Connectivity (PIC) with Lync Server 2010

http://social.technet.microsoft.com/wiki/contents/articles/9896.how-to-implement-public-im-connectivity-pic-with-lync-server-2010.aspx

Hope that helps :)

Free Windows Admin Tool Kit Click here and download it now
August 7th, 2013 7:00am

The only thing I can see that stands out in my environment is the order of the subject name and SAN names on the certificates.

I have 2 public certificates, one on the TMG as the reverse proxy hosting the 443 forwarding and one on the external edge.

The reverse proxy uses the access edge name as its subject name with the dialin, meet, lyncdiscover URLs as its SAN names.

The external edge has the sip domain as its subject name ans the SAN names of dialin, meet.

I am sure I am missing something but the logs arent giving me much to go on.

August 7th, 2013 7:11am

Hi,

Please double check your DNS records on external DNS server. Here is a similar case for your reference:

http://social.technet.microsoft.com/Forums/lync/en-US/9accfe71-240d-4030-9c8a-ae855a1570fd/public-im-504-errors-yet-all-configured-and-have-a-pic

In addition, the subject name of the certificate is the access Edge external interface fully qualified domain name (FQDN). The subject name of reverse proxy should be external web url of front end. For details:

http://technet.microsoft.com/en-us/library/gg429704.aspx

Free Windows Admin Tool Kit Click here and download it now
August 8th, 2013 2:39am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics