08-16-2011 03:24 PM - edited 03-21-2019 04:31 AM
I use a UC520 as my router, DHCP server and have NAT and the firewall turned ON. I need to open some external ports in the firewall for Microsoft Lync, specifically:
Ports Needed Open in External Firewall
Port | Protocol | Direction | Usage |
443 | STUN/TCP | Outbound | Audio, video, and application sharing sessions |
443 | PSOM/TLS | Outbound | Data sharing sessions |
3478 | STUN/UDP | Outbound | Audio and video sessions |
50000-59999 | RTP/UDP | Outbound | Audio and video sessions |
Is there a way to do this in the UC520? There are NO other routers between the UC520 and the Internet. I only need the ports to be OUTBOUND, i.e. open going from the LAN to the WAN (or Internet).
Thanks,
Adam Vayle
08-16-2011 05:29 PM
There are two methods:
1. this will open any ports on the destination device
ip nat inside source static
2. this will open per tcp/udp port
ip nat inside source static tcp
08-17-2011 12:41 AM
I think by default you'll find all outbound traffic is allowed anyway, I usually do not use the ethernet WAN port, but I'm pretty sure this is the case. What the above post opens up is Inbound static NAT, which is not what you're looking for I believe.
Are you receiving an error when running Lync?
08-17-2011 03:19 AM
I am getting the following error when trying to login to Lync:
"Cannot sign in to Lync. There was a problem acquiring a personal certificate required to sign in. "
I wanted to make sure I had the right ports open before contacting Microsoft support. I was thinking all outbound ports might be open by default, but wasn't sure. Can anyone confirm this?
Thanks.
08-17-2011 03:54 AM
The error you're getting does not seem firewall-related anyway, try this:-
to fix it would be to go under the " Admin " Page, Then "Users" under management, Then click on the box of the users name, Click on License and Uncheck the "Lync" Box , Save then go back to the same user and then re-apply the "lync" license. It should re-create a lync account for that user. Now after you do that you need to give it about 5 to 10 mins, best way to tell to try it would be to look under the "More" Option and you'll see the lync "Change user settings" go from grey to blue, meaning that the user account has been established and is reay for config
08-17-2011 03:39 PM
Hi Adam,
I know you have already got some wonderful posts, I thought I would throw in a CCA mix on this, if you use CCA to do this it is a seamless process and it will not only configure the NAT it can help you with any Firewall Settings and in some cases even with NAT applied you might still need to make sure there are some ACL's in place (Depending on what it is you are doing).
Have a look at this screen shot of NAT configuration in CCA 3.1.1:
It is quite a simple process to use CCA and there is some pretty good control as to how it needs to work.
Cheers,
David.
08-18-2011 06:48 PM
Thanks to everyone for their replies. Interestingly, Lync suddenly started working all by itself. I hadn't even made any changes to the UC520 yet. So, it looks like it was a Microsoft Lync server problem in the cloud. I guess this means the outbound ports are open by default.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide