When running the validation wizard on the Access Edge server, you get this error:
DNS Resolution failure: No DNS SRV records corresponding to _sipfederationtls._tcp.domain.com were found for this domainSuggested Resolution: Verify that the domain name is correct and that the DNS SRV record _sipfederationtls._tcp.domain.com exists for this domain.
Warning[0x43FC200C] Not all checks were successful
Verify the external DNS settings (http://it-proknowledge.blogspot.com/2008/01/troubleshooting-ocs-federation.html)
If you are using internal DNS servers on the Access Edge server, the problem might be that the public DNS zone (Domain) is also owned by the internal DNS servers, and therefore the DNS lookup is done against the Internal DNS zone. Use the SRVLOOKUP tool (explained in the article in the link above) from a computer outside the network.
Heres some steps to do when troubleshooting this problem.
1. From the Access Edge server, ping your external sip domain name (sip.domain.com). You should be able to resolve the name to an IP address. (ping response is not needed)
2. From the Access Edge server, use the SRVLOOKUP tool, explained in item 1, in the above linked articel. The response from the SRVLOOKUP tool, should be you sip domain (sip.domain.com)
Both these test shoul be positive. If not, there is a DNS issue.
I have found that best practise for DNS on Access Edge servers, is to build a seperate DNS server:
- Install DNS Server from Add- Remove Windows Components
- Configure the DNS server to use root hints (this should be default)
- Configure the firewall protecting the Access Edge server from the Internet, to allow DNS outbound
- Verify connectivity by using the tool in the DNS Server MMC snap-in
- Configure the servers NIC to use the new DNS server as primary DNS
This way, you should be able to have clean DNS resolution on the Access Edge server.
Please let me know if you have any relevant issues