Topic Last Modified: 2012-07-27
Set up your network for Lync Online by configuring your external firewall or proxy server to allow Lync traffic. If you’re using your own domain name, add Lync CNAME and SRV records to your external DNS server. And if your firewall blocks external SRV queries, add Lync CNAME and SRV records to your internal DNS server as well.
To configure your firewall or proxy server for Lync Online:
- Open the following ports in your organization’s external firewalls and reverse proxy servers.

| Port | Protocol | Direction | Usage |
|---|---|---|---|
| 443 | STUN/TCP | Outbound | Audio, video, and application sharing sessions |
| 443 | PSOM/TLS | Outbound | Data sharing sessions |
| 3478 | STUN/UDP | Outbound | Audio and video sessions |
| 5223 | TCP | Outbound | Lync Mobile push notifications |
| 20000–45000 | UDP | Outbound | Lync-to-phone (Jajah Voice) |
| 50000–59999 | RTP/UDP | Outbound | Audio and video sessions |

Note: Individual computers are automatically configured for Lync Online network traffic when Lync is installed.
- Create the following rules to apply to all users on your organization’s network.
  - Allow outgoing connections to *.microsoftonline.com
  - Allow outgoing connections to *.outlook.com
  - Allow outgoing connections to *.lync.com
  - Add a firewall entry for the Microsoft Online Services Sign-in Assistant, msoidsvc.exe.
  - Set the HTTP/SSL time out value to 8 (eight) hours.
- If you’re using your own domain name with Office 365, add the following CNAME and SRV entries to your DNS server:

Lync desktop client autodiscover

| Type | Host name | Destination | TTL |
|---|---|---|---|
| CNAME | sip.yourDomainName.com | sipdir.online.lync.com | 1 hour |

Lync mobile client autodiscover

| Type | Host name | Destination | TTL |
|---|---|---|---|
| CNAME | lyncdiscover.yourDomainName.com | webdir.online.lync.com | 1 hour |

Lync desktop autodiscover for anonymous (unauthenticated) users

| Type | Service | Protocol | Port | Weight | Priority | TTL | Name | Target |
|---|---|---|---|---|---|---|---|---|
| SRV | _sip | _tls | 443 | 1 | 100 | 1 hour | yourDomainName.com | sipdir.online.lync.com |

- If your organization supports domain federation or public IM connectivity, add the following SRV record as well:

Lync autodiscover for federation and public IM connectivity

| Type | Service | Protocol | Port | Weight | Priority | TTL | Name | Target |
|---|---|---|---|---|---|---|---|---|
| SRV | _sipfederationtls | _tcp | 5061 | 1 | 100 | 1 hour | yourDomainName.com | sipfed.online.lync.com |

- If your organization’s Internet proxies or firewalls are configured to block external SRV queries, add the following CNAME and SRV entries to your internal DNS server:

Lync autodiscover for desktop and mobile clients

| Type | Host name | Destination | TTL |
|---|---|---|---|
| CNAME | sip.yourDomainName.com | sipdir.online.lync.com | 1 hour |
| CNAME | lyncdiscoverinternal.yourDomainName.com | webdir.online.lync.com | 1 hour |

Lync desktop autodiscover for anonymous (unauthenticated) users

| Type | Service | Protocol | Port | Weight | Priority | TTL | Name | Target |
|---|---|---|---|---|---|---|---|---|
| SRV | _sip | _tls | 443 | 1 | 100 | 1 hour | yourDomainName.com | sipdir.online.lync.com |
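
The following added example (not part of the original topic) audits the external DNS records listed above, flagging any that are missing or that point at a target other than the one this topic specifies. It assumes the answers have been saved in `dig +noall +answer` text format; the domain contoso.example, the sample answers, and the function names are constructed for illustration.

```python
# Added example: audit DNS answers against the external Lync Online records in this topic.
# Input is text in `dig +noall +answer` format: name TTL class type rdata.

# SRV rdata order is "priority weight port target"; {d} is your own domain.
EXPECTED = [
    ("sip.{d}.", "CNAME", "sipdir.online.lync.com."),
    ("lyncdiscover.{d}.", "CNAME", "webdir.online.lync.com."),
    ("_sip._tls.{d}.", "SRV", "100 1 443 sipdir.online.lync.com."),
    ("_sipfederationtls._tcp.{d}.", "SRV", "100 1 5061 sipfed.online.lync.com."),
]

# Constructed sample for the placeholder domain contoso.example: the mobile
# autodiscover CNAME is absent and the federation SRV names an unexpected host.
SAMPLE = """\
sip.contoso.example. 3600 IN CNAME sipdir.online.lync.com.
_sip._tls.contoso.example. 3600 IN SRV 100 1 443 sipdir.online.lync.com.
_sipfederationtls._tcp.contoso.example. 3600 IN SRV 100 1 5061 sipfed.contoso.example.
"""

def parse_answers(text):
    """Return {(owner, type): [rdata, ...]} from dig answer lines."""
    records = {}
    for line in text.splitlines():
        fields = line.split(None, 4)
        if len(fields) != 5 or fields[0].startswith(";"):
            continue  # skip blanks, comments and malformed lines
        name, _ttl, _cls, rtype, rdata = fields
        key = (name.lower(), rtype.upper())
        records.setdefault(key, []).append(" ".join(rdata.lower().split()))
    return records

def audit(domain, text, federation=True):
    """Return (owner, type, status, detail) for each missing or unexpected record."""
    found = parse_answers(text)
    problems = []
    for owner, rtype, want in EXPECTED:
        if owner.startswith("_sipfederationtls") and not federation:
            continue  # only required for federation or public IM connectivity
        name = owner.format(d=domain.lower().rstrip("."))
        got = found.get((name, rtype))
        if got is None:
            problems.append((name, rtype, "missing", want))
        elif got != [want]:
            problems.append((name, rtype, "unexpected", "; ".join(got)))
    return problems

if __name__ == "__main__":
    for problem in audit("contoso.example", SAMPLE):
        print(*problem)
```

An "unexpected" result on the federation SRV record deserves prompt attention, because that record tells federated partners which host to contact for your domain.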








