Okay, so the firewall guys said they opened your essential Microsoft Lync Edge ports, but did they? We’'ll go over the steps to test if the TCP ports are properly opened using the free TCP Test Tool 3.0 from Simple Com Tools. In our test we will not just check if the TCP ports are opened, but also that our Edge Server receives and can send data with no errors.
We can start by downloading the TCP Test Tool 3.0. You can download the free tool here. Install the TCP Test Tool 3.0 on the Edge Server and some PC (can be any PC, doesn’t need to be a server) outside your network. We won’t run the tool just yet.
Next thing we will need to do is stop the Lync Edge Windows Services, so we can bind the ports to our test tool instead of Lync. We can stop the Lync Edge services in one of 3 ways: by individually stopping them from the Services MMC, from the Lync Server Control Panel or using the Powershell command Stop-CsWindowsService. Below we can see the services are stopped.
Now that the Lync Edge ports are not being used by the Lync Edge services, we can run the TCP Test Tool 3.0 and bind the port we want to test to it. We do this by running the TCP Test Tool, then on the “Server” (right side) side of the TCP Test Tool program, select the correct IP interface, (the interface that is facing the web) and type in the port you want to test and click “Bind” (the first port we’ll test for our example is 5061 as shown below.)
NOTE: If there are any “Current connections” before you connect using the TCP Test Tool from a client PC, this means something is trying to contact your Lync Edge, very likely some Lync client if this is a live server. You may very well get the “Callback Error!” show below for every incoming connection that is not your TCP Test Tool client. A little annoying, I know, but just click OK to get rid of the message(s).
Next we can go to a PC outside your network and test if the port is open. Run TCP Test Tool and on the “Client” side (left side) of the TCP Test Tool fill in the IP or Domain (using the domain tests DNS as well) of your Edge Server, Port and click Connect.
Now you should see “Connected” on the Client side (PC outside your network) and a Connection entry on the Server side. (Note the connection on the server side as you will need to select this connection when sending a response back to the client.) Now you successfully established a TCP connection from a PC outside your network, through your firewall to the Edge Server. Good start!
Now in the “Edit/Send Data” type some text you want to send to your Server/Edge and click “Send”. Hey, our port is working fine!
Now if we want to make sure traffic can go from the Server/Edge to the client we move to the server Server/Edge, select the TCP connection coming from our PC outside the network (that we are keeping in our head from when we started this session, remember?) type some text in the “Edit/Send Data” on the Server side, click “Send” and see if our ports are working bi-directionally.
If this test passes you can be quite confident that your Edge traffic is indeed passing through the firewall (and the firewall guys did their duty!)
Now you can repeat the steps to test all the other TCP ports. Below are the common TCP ports an Edge Server uses:
|Single IP Edge Configuration||TCP Ports||UDP Ports|
|Access/Web/ IP||80, 443, 5061, 444, 50000-59999||3478, 50000-59999|
|3 IP Edge Configuration|
|Access Edge IP||443, 5061|
|WebConf Edge IP||443|
|A/V Edge IP||443, 50000-59999||3478, 50000-59999|
NOTE: If you want to test the UDP ports as well, there is a UDP Test Tool too, get it here: Click Here.
When you are done testing you can Click Disconnect on the Client side.
You will want to fire up your Edge Services by using Start-CsWindowsService and verify by glancing at the Services MMC
When you are all done, make sure you close the TCP Test Tool on both the server and the client as they can be bound to ports and make production environment fail.
Download TCP Test Tool Here:
More TCP Test Tools and Links:
tells who is using what ports:
netstat -a -n -b