Hello,

I have just recently noticed that if I connect to Lync 2013 after connecting to VPN I get the above error message when connecting remotely on a non domain joined PC. However once I disconnect the VPN I am able to login with no issues.

I have read somewhere that says that I will need to make sure that the root-ca of my Internal server is cascaded to all non -domain joined PC. Does that still ring through today ? If I am able to connect successfully without VPN why do I need to have the certificate installed when I join VPN. Shouldn't that resemble me logging into Lync client locally ( like being in the office) when VPN is eng

Connecting externally via the Edge server will use the Edge server's external 3rd party certificate.
This will normally be trusted on any PC and this is why you can connect.
Once connected to the office via VPN, you will authenticate against the Front-End pool in your office. If you're using a non domain-joined PC, the internal CA will not be trusted on your PC. This will deny the connection.

To fix this you will have to install your organization's CA certificate in the Trusted Root CAs container of the PC.

Thanks Yoav ,

 An observation I've also made is that If I connect to Lync on my non domain joined PC and then afterwards connect to VPN, I have no Issues. I am able to place and receive phone calls . I have not tested desktop sharing and other stuff but It should not be a problem, right !

Testing with various use-cases is the way to go to verify full Lync functionality in- and outside of an organization, including VPN scenarios you described.

Thanks / rgds,