We seem to see to encounter a specific connectivity error a lot across a variety of Lync environments. In some instances, users will complain about slow connectivity or no connectivity. The primary symptom is the following event log entry (repeated every 20 minutes or so):
No connectivity with the Lync Web App. Affected Web browser clients cannot use Web Conferencing modality.
Server Machine FQDN: lyncfrontend.yourdomain.com, Port:8061
Server Type: External-WebApp-Edge [HTTP side error:The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel.]
If the problem persists this event will be logged again after 20 minutes
Cause: Service may be unavailable or Network connectivity may have been compromised.
Never fear, this one is easy to fix!
The Root Issue
The application pool registered to the Lync Server External Web Site\Reach application is set to activate On Demand. This results in an IIS application pool that is not spun up when an external reach request is received resulting in a connectivity fault.
Important: The UI based solution only works in IIS8. If you are running IIS7.5, See the “Manually Fix This Issue” below
- Launch Internet Information Services (IIS) Manager on your front-end pool server
- Navigate to Sites –> Lync Server External Web Site –> Reach
- Right click on Reach and select Manage Application –> Advanced Settings
- Note the Application Pool in the advanced settings pop-up
This will be set to LyncExtReach in normal environments
- Click on Application Pools and locate the application pool noted in step#4 above
- Right click on the Application Pool and select Advanced Settings
- Change the Start Mode to AlwaysRunning
- Restart IIS
Told you it was easy!
UPDATED 09/2014: How to Manually Fix This Issue
Running IIS7.5? Don’t see the Start Mode in IIS, here is the manual method!
- Edit the following file in the editor of your choice
Important: Make sure you are running your editor as an Administrator!
- Search for name=”LyncExtFeature”
Important: You are looking for the <add name=”LyncExtReach” within the <system.applicationHost><applicationPools> section!
- Edit the entry to include the startMode attribute (see bold text below)
<add name=”LyncExtReach” autoStart=”true” managedRuntimeVersion=”v4.0″ managedPipelineMode=”Integrated” startMode=”AlwaysRunning”>
- Save the file and restart IIS