Hello,
Can anyone verify if they're able to successfully connect to https://meet.lync.com ?
I've had a tunnel up for quite a while, things work great. Can connect all over the world, in and outbound to websites, rsync, etc. Facebook, Google, Youtube, etc all work great via https over the tunnel.
$DAYJOB went to Office 365 and we use Lync for conferencing. However, if my boxes are set to prefer IPv6, I can't connect. Change Windows to prefer IPv4 and it connects. Microsoft claims it's fully IPv6 enabled, but I'm unable to establish a SSL connection over IPv6. I've tried tweaking MTU and that hasn't solved it either.
Debugging via a OpenSSL appears the packet gets sent, but no response ever comes back after it times out.
openssl s_client -port 443 -host meet.lync.com -showcerts -debug
CONNECTED(00000003)
write to 0x159ac80 [0x15bbe60] (263 bytes => 263 (0x107))
0000 - 16 03 01 01 02 01 00 00-fe 03 03 53 57 be 05 87 ...........SW...
0010 - 15 60 36 eb 87 cd b4 1b-b4 18 37 3a 6a 8a 50 39 .`6.......7:j.P9
0020 - ac 2a de 2e 61 d2 32 54-bb 64 f6 00 00 94 c0 30 .*..a.2T.d.....0
0030 - c0 2c c0 28 c0 24 c0 14-c0 0a 00 a3 00 9f 00 6b .,.(.$.........k
0040 - 00 6a 00 39 00 38 00 88-00 87 c0 32 c0 2e c0 2a .j.9.8.....2...*
0050 - c0 26 c0 0f c0 05 00 9d-00 3d 00 35 00 84 c0 12 .&.......=.5....
0060 - c0 08 00 16 00 13 c0 0d-c0 03 00 0a c0 2f c0 2b ............./.+
0070 - c0 27 c0 23 c0 13 c0 09-00 a2 00 9e 00 67 00 40 .'.#.........g.@
0080 - 00 33 00 32 00 9a 00 99-00 45 00 44 c0 31 c0 2d .3.2.....E.D.1.-
0090 - c0 29 c0 25 c0 0e c0 04-00 9c 00 3c 00 2f 00 96 .).%.......<./..
00a0 - 00 41 00 07 c0 11 c0 07-c0 0c c0 02 00 05 00 04 .A..............
00b0 - 00 15 00 12 00 09 00 14-00 11 00 08 00 06 00 03 ................
00c0 - 00 ff 01 00 00 41 00 0b-00 04 03 00 01 02 00 0a .....A..........
00d0 - 00 06 00 04 00 18 00 17-00 23 00 00 00 0d 00 22 .........#....."
00e0 - 00 20 06 01 06 02 06 03-05 01 05 02 05 03 04 01 . ..............
00f0 - 04 02 04 03 03 01 03 02-03 03 02 01 02 02 02 03 ................
0100 - 01 01 00 0f 00 01 01 .......
read from 0x159ac80 [0x15c13c0] (7 bytes => -1 (0xFFFFFFFFFFFFFFFF))
write:errno=104
---
no peer certificate available
---
No client certificate CA names sent
---
SSL handshake has read 0 bytes and written 263 bytes
---
New, (NONE), Cipher is (NONE)
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
---
Before I escalate to MS, I wondered if ANYONE can connect to them. I'd really like to not have to flip back and forth between IPv6 and IPv4 just to do a videoconference.
Thanks in advance
I'm not sure what the expected behavior of that link is, but if I open it, I get "We're having trouble getting you into the meeting. It's possible you're using a bad URL. Try calling into the meeting using the phone number on the invite, or ask the organizer to drag you into the meeting from the Contacts list" Chrome says the connection is over IPv6
That error is actually good. The site is able to answer. Can you confirm it's connected on IPv6?
On my side, I get a blank screen because it can't setup the SSL session at all (see the dump above).
Anyone else?
I can confirm IPv6 as accurately as my IPvFoo add-in for Chrome reports it. In that case, (and I have no reason to distrust it) it's reporting IPv6
Thanks
Annnnd, it's resolved.
I use Vyatta for the router and tunnel termination point.
IPv6 Tunnel MTU is 1472. Ethernet interfaces did not match, nor did the RA. Shoved them down to 1472 and all is well.
Need to dig in to that a little more, but it's resolved, for now.
Thanks all
Hi,
I also have problems with lync!
> tracert6 meet.lync.com
traceroute to webams1e-ipv6.infra.lync.com (2a01:111:f404:8003::40) from 2001:470:dd58:1:d116:6a26:f124:c324, 30 hops max, 60 bytes packets
1 ### 13.921 ms 13.903 ms 13.803 ms
2 ### 19.905 ms 32.917 ms 18.934 ms
3 ge2-20.core1.sto1.he.net (2001:470:0:11e::1) 32.950 ms 18.947 ms 18.533 ms
4 2001:7f8:d:fb::181 (2001:7f8:d:fb::181) 20.175 ms 16.622 ms 19.792 ms
5 ae15-0.ams-96c-1a.ntwk.msn.net (2a01:111:2000:3::65) 39.198 ms 38.335 ms 42.806 ms
6 2a01:111:0:1e::56 (2a01:111:0:1e::56) 38.292 ms 36.813 ms 42.961 ms
7 * * *
8 * * *
But it's not totally dead..
> curl -D- http://meet.lync.com
HTTP/1.1 302 Redirect
Content-Type: text/html; charset=UTF-8
Location: https://meet.lync.com/
Server: Microsoft-IIS/7.5
Date: Thu, 15 Oct 2015 09:50:43 GMT
Content-Length: 145
<head><title>Document Moved</title></head>
<body><h1>Object Moved</h1>This document may be found <a HREF="https://meet.lync.com/">here</a></body>
> curl -D- https://meet.lync.com
curl: (35) Unknown SSL protocol error in connection to meet.lync.com:443
But when i force the connection to ipv4 it works.?!?!
>curl -D- -4 https://meet.lync.com
Cache-Control: private
Content-Type: text/html; charset=utf-8
X-MS-Server-Fqdn: AMS1E01EDG05.infra.lync.com
X-MS-Correlation-Id: 2147513293
client-request-id: 59b5dd42-1aa5-4755-82e5-96ff8e43e65e
X-Content-Type-Options: nosniff
Date: Thu, 15 Oct 2015 09:53:26 GMT
Content-Length: 65585
<!--NOTE: If DOCTYPE element is present, it causes the iFrame to be displayed in a small-->
<!--portion of the browser window instead of occupying the full browser window.-->
<html xmlns="http://www.w3.org/1999/xhtml" class="reachJoinHtml">
<head>
<meta http-equiv="X-UA-Compatible" content="IE=10; IE=9; IE=8;"/>
<meta name="viewport" content="width=device-width; initial-scale=1.0; maximum-scale=1.0; user-scalable=0;" />
<title>Skype for Business Web App</title>
<script type="text/javascript">
var reachURL = "";
var escapedXML = "";
var validMeeting = "False";
var reachClientRequested = "False";
var htmlLwaClientRequested = "False";
var currentLanguage = "en-US";
var reachClientProductName = "Skype for Business Web App";
var blockPreCU2Clients = "False";
.....
Leffe
Got it fixed by changing my radvd.conf.
AdvLinkMTU 1480;
Thanks for the hint on MTU. I think it is originally related to PMTUD somewhere..
/Leffe
Quote from: cholzhauer on April 23, 2014, 06:51:49 AM
I'm not sure what the expected behavior of that link is, but if I open it, I get "We're having trouble getting you into the meeting. It's possible you're using a bad URL. casesam.co.uk (http://www.casesam.co.uk/)Try calling into the meeting using the phone number on the invite, or ask the organizer to drag you into the meeting from the Contacts list" Chrome says the connection is over IPv6
yeah, the same to him.
I have the same problem.
I'm running a SonicWALL so I'm unable to adjust the MTU for tunnel interfaces.
Any suggestions?