Cloud & Connectivity | Unified Comms | Virtual Data Centre | MPLS

Leave a comment

Lync Phone Edition (LPE) TLS Failure with 3rd Party Public Certificates


I identified an issue today, at a site externally provisioned (EdgePool) Polycom CX600, CX700 and CX3000. Most running .4044 or .4100. (I was subsequently able to identify a site with what appears to be the same issue where the LPE devices registered against a standard Edition Lync 2010 Server and a Dialogic SBA. All the registrars had 3rd party public certificates (GlobalSign).The phones were failing to sign-in, Logger and Snooper reveled a TLS error:

TL_ERROR(TF_CONNECTION) [1]06D8.0EF8::01/30/2014-10:52:11.726.007895ff (SIPStack,SIPAdminLog::TraceConnectionRecord:SIPAdminLog.cpp(160))$$begin_recordLogType: connectionSeverity: errorText: The connection was closed before TLS negotiation completed. Did the remote peer accept our certificate?Local-IP:,xx,xx:49175Connection-ID: 0x212600Transport: TLS$$end_record

A network trace reveled the edge server sending an RST, following the client and server TLS Hello.

With a certificate from an internal private CA present on the front-end pool / standard edition server / SBA, ensuring a SAN was present in the certificate for strict DNS compliance, the LPE devices were able to successfully authenticate. We were able to update the device to .4100 and then to .4420 (January 2013). Once updated the externally provisioned devices were able to authenticate via the edge pool with the 3rd party public CA.


A contact at Microsoft advised that earlier version of the LPE firmware had the GlobalSign Root CA certificate:

Thumbprint:  2F173F7DE99667AFA57AF80AA2D1B12FAC830338
Serial:  020000000000d678b79405

embedded, this certificate expired 2014-01-28 12:00:00 UTC. It would appear that after this certificates that chained to the GlobalSign Root were not constructing the chain to the newer valid root.


Leave a comment

Microsoft Lync Powerd by Strencom & Skype

Microsoft & Skype announced integration between Lync and Skype in May, Microsoft Lync Powered by Strencom provides this functionality to organizations utilizing Strencom’s Hosted Microsoft Lync.

This allows Lync users to Skype-Lynccommunicate directly with the over 320 million Skype users from their corporate Lync account. Lync users can currently communicate via IM and voice with Skype users with video and other modalities coming later in the year.


Using Microsoft Lync on Linux Desktop

Over the years I have had an on and off relationship with Linux on the desktop.

I have been using Windows 7 as the primary OS on my laptop for the last number of years so over the holidays decided to pull down a CentOS 6 ISO and give it another go as a desktop OS.

A couple of people have asked why CentOS and not one of the more desktopy distros, well its simple, at $DayJob we have a very very large installation base of both RHEL and CentOS boxes so I wanted to use an OS that I could easily integrate into our patch management and day to day IT management systems.

Installation went smoothly and I was left with a dual booting Windows 7 / CentOS 6.5 machine.

From previous times I was using Linux on the desktop I knew tools like evolution were there to take of corporate e-mail and calendar but I was itching to get my Lync client up and running.

It turns out it was quite easy.

Pidgin is a chat program which lets you log in to accounts on multiple chat networks simultaneously. This means that you can be chatting with friends on MSN, talking to a friend on Google Talk, and sitting in a Yahoo chat room all at the same time. And after installing the pidgin-sipe plugin (running the command “yum install pidgin-sipe” from an elevated shell) I was able to add my hosted lync account details and hey presto corporate IM up and running.

Leave a comment

Who do you Lync?

LyncInfographicMicrosoft is reporting that Lync is now a billion dollar business, with 60% of enterprises surveyed deploying or planning to deploy Lync. Many of your customers and partners will already be using Lync. It’s easy to check just how many with the Who Can Federate Tool. The WCF Tool (who can federate tool) will scan through your Outlook contacts and give you a “heads up” on which of your business contacts have public Microsoft Lync or OCS federation enabled. Federation allows for Lync users to be able to view presence, send instant messages and place voice calls with OCS/Lync users from other federated organizations.

Microsoft Lync Hosted by Strencom also enables Skype federation. Users on Strencom’s hosted platform are able to send instant massages and place voice calls with the 600 million current Skype users.