Lync for Mac - can't login when connected through VPN

The connections in my office are all under a proxy setting and for me to use it on my Mac, I need to be connected to a VPN.

After I connect, I can navigate with no trouble, but Lync will not connect. I tried a 3G connection and it worked. Below is the log for my latest try:

Microsoft Lync 14.0.10 (141024)
MacOS version 10.10.2 (build 14C109)
2015/02/19 14:13:47.817 SIPService::OnEvent(IApplicationLayerEvent &), type: 0, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:48.361 SIPService::OnEvent(NModel::ILogonSessionEvent), hr: 0x0, oldState: 0, newState: 10, direction: 0
2015/02/19 14:13:48.371 SIPService::OnEvent(IApplicationLayerEvent &), type: 1, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:48.375 SIPService::OnEvent(IApplicationLayerEvent &), type: 3, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:48.715  Office Communications Server LOGON STARTED:  USER = {guilherme.boettcher}
2015/02/19 14:13:48.747 SIPService::Logon
2015/02/19 14:13:48.811 SIPService::OnEvent(IApplicationLayerEvent &), type: 1, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:49.207 SIPService::OnEvent(IApplicationLayerEvent &), type: 3, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:49.207 SIPService::OnEvent(IApplicationLayerEvent &), type: 1, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:49.219 SIPService::OnEvent(IApplicationLayerEvent &), type: 3, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:49.219 SIPService::OnEvent(IApplicationLayerEvent &), type: 1, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:49.221 SIPService::OnEvent(IApplicationLayerEvent &), type: 3, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:49.221 SIPService::OnEvent(IApplicationLayerEvent &), type: 1, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:13:49.224 SIPService::OnEvent(NModel::ILogonSessionEvent), hr: 0x0, oldState: 10, newState: 20, direction: 0
2015/02/19 14:13:49.271 InternalConnect, NLResolveAddress returned: 0
2015/02/19 14:13:49.273 IsLocalAddress, 'sip.totvs.com.br' is not a local address 
2015/02/19 14:13:49.273 FShouldUseProxy, is returning 1 
2015/02/19 14:13:49.273 Connecting to sip.totvs.com.br (port 5061)
2015/02/19 14:13:49.399 OnNotified, SSL Certificate Verification Failed - reason: 28
2015/02/19 14:13:49.399 IsReasonAcceptable, unexpected DITrustFailureReason: 28
2015/02/19 14:13:49.399 InternalConnect, NLCreateConnection returned: 158,
2015/02/19 14:13:49.399 FUsingHttpsTunnelProxies, returning: 0
2015/02/19 14:13:49.399 Listening thread got exception 158
2015/02/19 14:13:51.444 InternalConnect, NLResolveAddress returned: -3176
2015/02/19 14:13:51.445 IsLocalAddress, 'sipinternal.totvs.com.br' is not a local address 
2015/02/19 14:13:51.445 FShouldUseProxy, is returning 1 
2015/02/19 14:13:51.445 Connecting to sipinternal.totvs.com.br (port 0)
2015/02/19 14:13:51.445 InternalConnect, NLCreateConnection returned: -3176,
2015/02/19 14:13:51.445 FUsingHttpsTunnelProxies, returning: 0
2015/02/19 14:13:51.445 Listening thread got exception -3176
2015/02/19 14:13:53.489 InternalConnect, NLResolveAddress returned: 0
2015/02/19 14:13:53.491 IsLocalAddress, 'sip.totvs.com.br' is not a local address 
2015/02/19 14:13:53.491 FShouldUseProxy, is returning 1 
2015/02/19 14:13:53.491 Connecting to sip.totvs.com.br (port 443)
2015/02/19 14:13:53.598 OnNotified, SSL Certificate Verification Failed - reason: 28
2015/02/19 14:13:53.598 IsReasonAcceptable, unexpected DITrustFailureReason: 28
2015/02/19 14:13:53.598 InternalConnect, NLCreateConnection returned: 158,
2015/02/19 14:13:53.599 FUsingHttpsTunnelProxies, returning: 0
2015/02/19 14:13:53.599 Listening thread got exception 158
2015/02/19 14:13:55.643 InternalConnect, NLResolveAddress returned: 0
2015/02/19 14:13:55.645 IsLocalAddress, 'sip.totvs.com.br' is not a local address 
2015/02/19 14:13:55.645 FShouldUseProxy, is returning 1 
2015/02/19 14:13:55.645 Connecting to sip.totvs.com.br (port 5061)
2015/02/19 14:13:55.755 OnNotified, SSL Certificate Verification Failed - reason: 28
2015/02/19 14:13:55.755 IsReasonAcceptable, unexpected DITrustFailureReason: 28
2015/02/19 14:13:55.755 InternalConnect, NLCreateConnection returned: 158,
2015/02/19 14:13:55.755 FUsingHttpsTunnelProxies, returning: 0
2015/02/19 14:13:55.755 Listening thread got exception 158
2015/02/19 14:13:57.803 InternalConnect, NLResolveAddress returned: -3176
2015/02/19 14:13:57.804 IsLocalAddress, 'sipexternal.totvs.com.br' is not a local address 
2015/02/19 14:13:57.804 FShouldUseProxy, is returning 1 
2015/02/19 14:13:57.804 Connecting to sipexternal.totvs.com.br (port 443)
2015/02/19 14:13:57.805 InternalConnect, NLCreateConnection returned: -3176,
2015/02/19 14:13:57.805 FUsingHttpsTunnelProxies, returning: 0
2015/02/19 14:13:57.805 Listening thread got exception -3176
2015/02/19 14:13:59.859 InternalConnect, NLResolveAddress returned: -3176
2015/02/19 14:13:59.860 IsLocalAddress, 'sipexternal.totvs.com.br' is not a local address 
2015/02/19 14:13:59.861 FShouldUseProxy, is returning 1 
2015/02/19 14:13:59.861 Connecting to sipexternal.totvs.com.br (port 0)
2015/02/19 14:13:59.861 InternalConnect, NLCreateConnection returned: -3176,
2015/02/19 14:13:59.861 FUsingHttpsTunnelProxies, returning: 0
2015/02/19 14:13:59.862 Listening thread got exception -3176
2015/02/19 14:14:01.883 SIPService::OnEvent(NModel::ILogonSessionEvent), hr: 0x80072743, oldState: 20, newState: 10, direction: 1
2015/02/19 14:14:01.883 Login (1) failed with error: (0.-2147014845)
2015/02/19 14:14:02.135 SIPService::OnEvent(IApplicationLayerEvent &), type: 8, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:02.136 SIPService::OnEvent(IApplicationLayerEvent &), type: 2, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:02.136 SIPService::OnEvent(IApplicationLayerEvent &), type: 4, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:02.137 SIPService::OnEvent(IApplicationLayerEvent &), type: 6, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:02.137 SIPService::OnEvent(IApplicationLayerEvent &), type: 4, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:02.138 SIPService::OnEvent(IApplicationLayerEvent &), type: 6, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:02.138 SIPService::OnEvent(IApplicationLayerEvent &), type: 4, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:02.141 SIPService::OnEvent(IApplicationLayerEvent &), type: 6, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:19.321 SIPService::FDoQuit, starting m_QuitTimer at 3636.874594
2015/02/19 14:14:19.362 SIPService::OnEvent(IApplicationLayerEvent &), type: 4, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:19.365 SIPService::OnEvent(IApplicationLayerEvent &), type: 6, HasSignedIn(): 0, HasSignedOut: 0
2015/02/19 14:14:19.370 SIPService::OnEvent(NModel::ILogonSessionEvent), hr: 0x80072743, oldState: 10, newState: 0, direction: 1
2015/02/19 14:14:19.381 SIPService::OnEvent(IApplicationLayerEvent &), type: 9, HasSignedIn(): 0, HasSignedOut: 1

To me it looks like the certificates are all in order (especially since I can connect while on 3G).

Can anyone help?

Thanks in advance,

Gui

February 19th, 2015 11:31am

Hi Gui,

To better understand the issue, I would like to collect the following information.

1. Do other people have this issue ?

2. Did you install the internal Root certificate ?

Best regards,

Eric

Free Windows Admin Tool Kit Click here and download it now
February 20th, 2015 2:36am

Hi Gui,

its correct that the error is because of certificate issue.Since you say that when using 3g it Works fine but not VPN.

When connecting thru VPN it will contact Front End server,which normally use internal Certificate.Please install certificate used on front end server on Your computer.

Network People tend to route SIP thru VPN,which is not recomended.Over VPN Lync should be routed from outside and thru Edge server.

February 20th, 2015 2:48am

Hi Eric,

Thanks for the quick response.

1) There is only one other employee using Mac OS and he is not having any trouble. We compared our certificates and configurations and they seem equal in every possible way. 

2) I have installed the internal root certificate

One new information that I got was that it doesn't seem to be an issue with the VPN. I turned it off and was able to navigate with Chrome and get my emails via Outlook, but connection to lync is still a no-go. Mind you, this is not over 3G, it is over WiFi. At first I thought it could be an issue with the proxy or a config in the WiFi or firewalls, but since this other colleague is not facing any issues, I'm not sure how to proceed.

Please, let me know if there is any other information I can provide to help elucidate the issue.

Free Windows Admin Tool Kit Click here and download it now
February 20th, 2015 5:56am

Hi Off2work,

I don't doubt the issue may be in the certificates, but I did install all internal root certificates I could find. I'm sorry if this is a noob question, but where/how can I find the certificates or make sure I have the appropriate ones installed? Is there any way I can force my Mac to look for them and install them?

Thanks a lot for the help so far.

February 20th, 2015 5:59am

Hi,

you can start Lync deployment wizard and choose renew certificate.Then you will see certificates used,mark on it and choose view.

Compare thumbnail to the one installed on Your mac.

Free Windows Admin Tool Kit Click here and download it now
February 20th, 2015 9:32am

I was finally able to find the missing certificate. After I installed it, lync connected with ease.

Thanks again for all the help.

Best,

February 20th, 2015 11:36am

This topic is archived. No further replies will be accepted.

Other recent topics Other recent topics