Skype for Business server user cannot join meeting scheduled by online user

Recently an issues was raised with me, where Skype for Business server users couldn’t join meetings scheduled by online users. Issue was happening in big deployment, with multiple pools build around the world.

Issue was reported by users homed in pool located in Japan. When this user wanted to join meeting located online, after about 30 seconds once meeting link was used, user “did not answer” error was shown.

User did not answer error message

UccApi log analysis on user registered on premises did not show major issues, after digging in logs I have found only SERVICE message with Content-Type: application/msrtc-reporterror+xml, where client was complaining that it is still not connected to conference after 33015 miliseconds. Error number is 51027.

Error message found in UccApi log.

So what is causing this situation? Leg between user and Front End server was looking fine, with no major issues in log or netmon/Wireshark capture.

I have started to look for issues in communication between Front End pool and main Edge servers pool, located in Europe. Why I was looking for such weird communication channel? Well, due to Skype for Business restriction, there can be only one Edge Pool per build promoted for federation and online users communication. In this particular case this Edge Servers pool is located on Europe. I was looking especially for firewall issue, as this kind of problems usually are related to improper firewall rules.

That was good direction. After digging in firewall logs, I have found that communication from Edge pools to Front End server is blocked on firewall.

Firewall deny logs

That is where there is a catch. Usually Edge server should not initiate communication, so ports from Edge Pools towards LAN should be closed. With one exception – for communication on port 5061 :). Below I have inserted print screen from Microsoft page, you will find detailed requirements here: https://docs.microsoft.com/en-us/skypeforbusiness/plan-your-deployment/edge-server-deployments/edge-environmental-requirements?toc=/SkypeForBusiness/toc.json&bc=/SkypeForBusiness/breadcrumb/toc.json#port-and-firewall-planning

Microsoft requirement on Firewall ports

So, if you want your users to be able to join conferences hosted online or it is being reported that Skype for Business server user cannot join meeting scheduled by online user, make sure TCP 5061 is opened on private side for both traffic directions ;).

PS: If you want to check Skype for Business vs Teams features comparison I have made, check it here: https://ucblog.pl/2019/05/21/skype-for-business-vs-ms-teams-features-comparision/

Author: Sławomir Czop

I think that it is time to consider myself as "well aged" UC professional. Currently I consult mostly on Microsoft Skype for Business and Cisco CUCM platforms, however I have experience with carrier grade IMS systems, PBXes, SBCs etc. I am consulting in netexperts. During my career I also have had incident with startup in motorization segment, as I have designed and programmed drive-by-wire system for Triggo.

Leave a Reply

Your email address will not be published. Required fields are marked *