This article will cover various issues found pertaining to federated calls between Microsoft Skype for Business (SfB) and Cisco's collaboration platform via the Expressway appliances.
SfB Client Reports "We couldn't reach firstname.lastname@example.org"
This issue was encountered when trying to call from an Office 365 SfB client into a Cisco CMS space via Expressways. Initial investigation showed that the Expressway-E's received no inbound communication from the Office 365 cloud when the SfB client tried to initiate the call. Testing confirmed there were no firewall or DNS resolution issues and so the problem appeared to be occurring somewhere in the SfB environment.
Inspecting the SfB client logs which can be found here C:\Users\AppData\Local\Microsoft\Office\16.0\Lync\Tracing. The following sip messaging was found in the Lync-UccApi-0.UccApilog log file.
Authentication-Info: TLS-DSK qop="auth", opaque="3CC13C20", srand="DE5F47F6", snum="22", rspauth="cc1e3102aad152c03101397443285f049da4012f", targetname="SY3AU103FES10.infra.lync.com", realm="SIP Communications Service", version=4
Via: SIP/2.0/TLS 192.168.44.32:62358;received=184.108.40.206;ms-received-port=62358;ms-received-cid=1D8CC800
From: "Jason Neurohr"<sip:email@example.com>;tag=fccc1ffe4e;epid=a9169be875
CSeq: 1 INVITE
ms-diagnostics: 1009;reason="No match for domain in DNS SRV results";domain="ciscoenv.domain.com";fqdn1="expe1.domain.com:5061";source="sipfedau1.online.lync.com"
Immediately we now have some direction as to what is causing the problem.
After some investigation the following Microsoft TechNet article reveals the source of the problem, DNS requirements for Skype for Business.
The problem is occurring because the target FQDN returned by the _sipfederationtls._tcp.ciscoenv.domain.com SRV record is outside of the SIP namespace ciscoenv.domain.com. To resolve the issue the SRV and A DNS records were updated such that expe1 is now expe1.ciscoenv.domain.com.