Set up your network for Lync Online

To set up your network for Lync Online:

  1. Add Lync CNAME (alias) and SRV (service) settings to your Domain Name System (DNS) server.

  2. If you have an external firewall or proxy server, configure it to allow Lync traffic.

  3. Test your DNS and firewall settings.

Step One: Add DNS settings

If you’re using your own domain name, add these entries your external DNS server:

Type

Host name

Destination

TTL

CNAME

sip.yourDomainName.com

sipdir.online.lync.com

1 hour

CNAME

lyncdiscover.yourDomainName.com

webdir.online.lync.com

1 hour

Type

Service

Protocol

Port

Weight

Priority

TTL

Name

Target

SRV

_sip

_tls

443

1

100

1 hour

yourDomainName.com

sipdir.online.lync.com

SRV

_sipfederationtls

_tcp

5061

1

100

1 hour

yourDomainName.com

sipfed.online.lync.com

See DNS setting details for the features affected by each record.

If you have a firewall that blocks external SRV queries, add these entries to your internal DNS server as well:

Type

Host name

Destination

TTL

CNAME

sip.yourDomainName.com

sipdir.online.lync.com

1 hour

CNAME

lyncdiscoverinternal.yourDomainName.com

webdir.online.lync.com

1 hour

Type

Service

Protocol

Port

Weight

Priority

TTL

Name

Target

SRV

_sip

_tls

443

1

100

1 hour

yourDomainName.com

sipdir.online.lync.com

Step Two: Configure your firewall or proxy server

If you have an firewall or proxy server that connects to the web, you must define rules for Lyncports, outgoing connections, and IP address ranges. For other ports and protocols that are used by other Office 365 products, see Ports and protocols used by Office 365.

The minimum required destination ports that must be opened for Lync connectivity are TCP 443 and UDP 3478. However, the recommended ports for Lync are listed in this table.

Recommended TCP/UDP ports

Open the following ports:

 Purpose

Source IP

Destination IP

Source Port

Destination Port

SIP signaling

Client

Office 365

Ephemeral TCP ports

TCP 443

Persistent Shared Object Model (PSOM) connections web conferencing

Client

Office 365

Ephemeral TCP ports

TCP 443

HTTPS downloads

Client

Office 365

Ephemeral TCP ports

TCP 443

Audio

Client

Office 365

TCP/UDP 50,000-50019

TCP 443, UDP 3478, TCP/UDP 50,000-59,999

Video

Client

Office 365

TCP/UDP 50,020-50039

TCP 443, UDP 3478, TCP/UDP 50,000-59,999

Desktop sharing

Client

Office 365

TCP/UDP 50,040-50059

TCP 443, TCP 50,000-59,999

Lync Mobile push notifications for Lync Mobile 2010 on iOS devices. You don't need this for Android, Nokia Symbian or Windows Phone mobile devices.

Client

Office 365

Ephemeral TCP ports

TCP 5223

Note   Office 365 Lync Online Edge servers listen on the entire range of TCP and UDP ports 50,000-59,999 for Lync client audio, video, and desktop sharing sessions.

For Lync server on-premises, see Ports and protocols for internal servers in Lync Server 2013.

Outgoing URLs

Create rules that allow outgoing connections for TLS and HTTPS to these locations:

  • *.microsoftonline.com

  • *.microsoftonline-p.com

  • *.onmicrosoft.com

  • officecdn.microsoft.com

  • *.sharepoint.com

  • *.outlook.com

  • *.lync.com

  • evsecure-ocsp.verisign.com

  • evsecure-aia.verisign.com

  • evsecure-crl.verisign.com

  • sa.symcb.com

Set the HTTP/SSL time-out value to eight hours.

IP address ranges

You will need to create firewall rules for IP addresses that are used for Lync and other Office 365 software that are located at Office 365 URLs and IP address ranges.

Step Three: Test your settings

Test your DNS settings:

  1. Go to the Microsoft Remote Connectivity Analyzer.

  2. On the Office 365 tab, choose Office 365 Lync Domain Name Server (DNS) Connectivity Test, and then click Next.

  3. Enter the sign-in address that you use when you sign in to Lync Online (for example, bob@contoso.com), and then start the test.

If you have an external firewall or proxy server, test your network settings:

DNS setting details

This table shows the Lync features affected by each DNS setting.

Type

Host name or service

Features affected

CNAME

sip.yourDomainName.com

Lync desktop client autodiscover and sign-in

Anonymous and Guest access to Lync meetings and audio conferences

CNAME

lyncdiscover.yourDomainName.com

lyncdiscoverinternal.yourDomainName.com

Lync mobile client autodiscover and sign-in

Schedule online meetings from Outlook Web App

SRV

_sip

Lync desktop client autodiscover and sign-in

Authenticated user sign-in with Lync Web App

SRV

_sipfederationtls

Lync IM and presence integration with Outlook Web App

Supports adding external users to the Lync Contacts list:

  • Lync users in other organizations

  • Skype users signed in with a Microsoft account

See also

Troubleshooting Lync Online DNS configuration issues in Office 365

Troubleshoot Lync Online issues after you add your custom domain in Office 365

Applies To: Lync Online



Was this information helpful?

Yes No

How can we improve it?

255 characters remaining

To protect your privacy, please do not include contact information in your feedback. Review our privacy policy.

Thank you for your feedback!

Support resources

Change language