Sign up for Office 365
Learn more about Office 365
When running Outlook or Lync client through a Bluecoat proxy that is running DLP, the clients drop the connection. Suspect clients think this is a MITM attach since the DLP is swap SSL certs to do the encryption so that it canplay big brother. Anyone else having same issue?
Additionaly, with Bluecoats, you may need to allow the executable through the BC Proxy along with the URL's. I know in BPOS v1, to get the sign in client to work, you had to allow signin.exe to pass through the proxy as well.
This is worth looking at in your instance as well Tom.
- Richard Rodgers
What is the exact error (or, reason for dropping the connection) that the Bluecoat proxy is giving?
They have to open up access to the services that DirSync, Lync, Outlook and the old Sign In Client (SIC) talk to;
locationservice.microsoftonline.com
provisioning.noam.microsoftonline.com
This has been pretty well documented in the past, I think my original post on this was Fall of 2008 and specific to Bluecoat, Spring 2009.
For Lync:
1.) Please run Data Collection and Network Diagnostics in MOSDAL
2.) Ensure the following protocols and ports are open by reviewing the Network_Diagnostics\PortQry folder from the MOSDAL results.
Port Protocol Notes
5060 TCP (SIP) Used by Microsoft Lync 2010 for SIP communications internally.
5061 TCP (SIP) Used by Microsoft Lync 2010 for SIP communications internally and for SIP/MTLS authentication of A/V users.
Communications flow outbound through the internal firewall.
443 TCP (HTTP) Used by Microsoft Lync 2010 clients connecting from outside the intranet for SIP communications.
1024-65535 UDP/TCP Port range used for inbound and outbound media transfer through the external firewall.
6891-6901 TCP Port ranged used by Microsoft Lync 2010 for file transfer.