During an In-Place upgrade to Skype for Business we wanted to enable Skype Directory Search but the SfB client was receiving my error when searching. 😦
You can refer to my existing blog post on configuring Skype directory search if you want to check the setup here
We had already
- registered with pic.lync.com
- Re added the Skype hosting provider
- Allowed user public IM access in External Access Policy
- Upgraded client to latest SfB client
- The customer had ensured me the outbound port 443 from the Edge servers was completed and allowed.
From looking at this error i first checked the Edge servers and found the following in the Lync Server Event Log.
The server selected for next hop could not be reached, or did not reply.
A server selected as a proxy target for HTTP traffic could not be reached or did not reply: skypegraph.skype.com.
Performance Counter Instance:
Failure occurrences: 1, since 03/09/2015 14:32:47.
Failure Details: WebException: Unable to connect to the remote server
Cause: The remote server may be experiencing problems or the network is not available between these servers.
Examine the event logs on the indicated server to determine the cause of the problem.
This looked like a connectivity issue so i did the following.
- First i checked connectivity between the FE and Edge using telnet on port 4443 and this was ok. (Port used for communication between FE and Edge which is the same as CMS replication)
- Checked external DNS resolution on Edge servers and this was ok
- From Edge Sever i tried telnet to skypegraph.skype.com on port 443 and this failed. So im now pretty certain its port 443 outbound being blocked most likely by external firewall.
- The Customer checked the firewalls and indeed port 80 was allowed outbound but not port 443. This was allowed and we retested with telnet to skypegraph.com 443 on edge server and it worked 🙂
- A retest on the SfB client and Skype directory search works !!!!
Port 443 outbound is a new requirement for Skype for Business Edge Servers for the Skype directory search so make sure you have added and allowed this on your firewalls. This was NOT required in Lync Server 2013 so for any In-Place upgraders beware.
The protocol workload poster shows this for reference below.
Hopefully these tests may help you.